2203840 – [FTBFS] rsa_pkcs1_implicit_rejection breaks test_decrypt_invalid_decrypt

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 2203840 - [FTBFS] rsa_pkcs1_implicit_rejection breaks test_decrypt_invalid_decrypt

Summary: [FTBFS] rsa_pkcs1_implicit_rejection breaks test_decrypt_invalid_decrypt

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Deadline:	2023-06-19
Product:	Red Hat Enterprise Linux 9
Classification:	Red Hat
Component:	python-cryptography
Sub Component:
Version:	9.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Christian Heimes
QA Contact:	anuja
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2252398 2252399
TreeView+	depends on / blocked

Reported:	2023-05-15 11:57 UTC by Christian Heimes
Modified:	2023-12-01 12:38 UTC (History)
CC List:	3 users (show)
Fixed In Version:	python-cryptography-36.0.1-4.el9
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Clones:	2252398 2252399 (view as bug list)
Environment:
Last Closed:	2023-11-07 08:52:12 UTC
Type:	Bug
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	pyca cryptography pull 7895	None	Merged	Bump OpenSSL/BoringSSL and adapt for OpenSSL RSA bleichenbacher mitigation	2023-05-15 11:57:15 UTC
Red Hat Bugzilla	2153471	medium	CLOSED	Backport implicit rejection for RSA PKCS#1 v1.5 encryption [rhel-9]	2023-11-08 08:47:52 UTC
Red Hat Issue Tracker	FREEIPA-9877	None	None	None	2023-05-15 11:57:53 UTC
Red Hat Issue Tracker	RHELPLAN-157226	None	None	None	2023-05-15 11:57:57 UTC
Red Hat Product Errata	RHSA-2023:6615	None	None	None	2023-11-07 08:52:21 UTC

Description Christian Heimes 2023-05-15 11:57:15 UTC

Description of problem:
rhbz#2153471 introduced a fix for Bleichenbacher timing attacks. The new feature EVP_PKEY_CTRL_RSA_IMPLICIT_REJECTION breaks an assumption in upstream test case test_decrypt_invalid_decrypt. The test no longer fails with an exception.

Version-Release number of selected component (if applicable):
36.0.1-3.el9

How reproducible:
always

Steps to Reproduce:
1. Run the upstream test suite (spec file runs the test suite in %check)

Actual results:
=================================== FAILURES ===================================
________________ TestRSADecryption.test_decrypt_invalid_decrypt ________________

self = <tests.hazmat.primitives.test_rsa.TestRSADecryption object at 0x7fa9df2d4730>
backend = <OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>

    @pytest.mark.supported(
        only_if=lambda backend: backend.rsa_padding_supported(
            padding.PKCS1v15()
        ),
        skip_message="Does not support PKCS1v1.5.",
    )
    def test_decrypt_invalid_decrypt(self, backend):
        private_key = RSA_KEY_2048.private_key(backend)
        with pytest.raises(ValueError):
>           private_key.decrypt(b"\x00" * 256, padding.PKCS1v15())
E           Failed: DID NOT RAISE <class 'ValueError'>

tests/hazmat/primitives/test_rsa.py:1562: Failed

Expected results:
No error

Additional info:
Issue was detected by OSCI, http://artifacts.osci.redhat.com/baseos-ci/brew-build/52/45/09/52450935/https___baseos-jenkins.rhev-ci-vms.eng.rdu2.redhat.com-ci-artemis/42237/tmpzxfeamhj.01/recipes/1/tasks/4/logs/taskout.log

Upstream fix: https://github.com/pyca/cryptography/pull/7895

Comment 11 anuja 2023-06-28 14:02:14 UTC

As per fix test will be marked as skipped. 

tests/hazmat/primitives/test_rsa.py::TestRSADecryption::test_decrypt_invalid_decrypt SKIPPED

=========================== short test summary info ============================
SKIPPED [1600] tests/hazmat/primitives/utils.py:501: Does not support counter location: middle_fixed
SKIPPED [1] tests/utils.py:30: Requires OpenSSL without poly1305 support (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Requires backend without RSA OAEP label support (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Does not support PKCS1v1.5. (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Requires FIPS (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [4] tests/hazmat/primitives/test_serialization.py:1919: Requires bcrypt module
SKIPPED [1] tests/utils.py:30: Requires that bcrypt exists (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Requires backend support for ec.SECP192R1 (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Does not support SM4 ECB (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Does not support SM4 CBC (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Does not support SM4 OFB (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Does not support SM4 CFB (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Does not support SM4 CTR (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Requires OpenSSL without X25519 support (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
SKIPPED [1] tests/utils.py:30: Requires OpenSSL without X448 support (<OpenSSLBackend(version: OpenSSL 3.0.7 1 Nov 2022, FIPS: False)>)
===================== 1007 passed, 1617 skipped in 41.62s ======================
                                                                                                                                      
Based on results marking bug as verified.

Comment 13 errata-xmlrpc 2023-11-07 08:52:12 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: python-cryptography security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:6615

Note You need to log in before you can comment on or make changes to this bug.