Python-Crypto

_randfunc attribute with a pickled rsa key

Bug #1183629 reported by Frédéric Lang
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Python-Crypto
Fix Committed
Undecided
Unassigned

Bug Description

I try to save and restore private key in file. So i use pickle module. And then when i crypt a message with dumped private key and when i try to decrypt it, pycrypto answer "_RSA object has not _randfunc attribute"

After long exam, i find problem from pickle module. So i write a little code exam like this

#!/usr/bin/env python
#-*- coding: utf-8 -*-

from Crypto import Random
from Crypto.PublicKey import RSA
import pickle
rng=Random.new().read
key=RSA.generate(1024, rng)

print dir(key)
print dir(pickle.loads(pickle.dumps(key)))

And the result:
['__doc__', '__eq__', '__getattr__', '__getstate__', '__init__', '__module__', '__ne__', '__repr__', '__setstate__', '_blind', '_decrypt', '_encrypt', '_randfunc', '_sign', '_unblind', '_verify', 'blind', 'can_blind', 'can_encrypt', 'can_sign', 'decrypt', 'encrypt', 'exportKey', 'has_private', 'implementation', 'key', 'keydata', 'publickey', 'sign', 'size', 'unblind', 'validate', 'verify']
['__doc__', '__eq__', '__getattr__', '__getstate__', '__init__', '__module__', '__ne__', '__repr__', '__setstate__', '_blind', '_decrypt', '_encrypt', '_sign', '_unblind', '_verify', 'blind', 'can_blind', 'can_encrypt', 'can_sign', 'decrypt', 'encrypt', 'exportKey', 'has_private', 'implementation', 'key', 'keydata', 'publickey', 'sign', 'size', 'unblind', 'validate', 'verify']

So effectively, the _randfunc attribute is not in second display.

The problem is same if i use copy.deepcopy().

Best regards
Thanks

Revision history for this message
Legrandin (gooksankoo) wrote :

The problem you mention has been fixed in a recent patch:

https://github.com/dlitz/pycrypto/commit/db52ac71e804e85ace3edd772d2e78055972ac2c

Still, I wouldn't use pickle in the first place.
Using exportKey() and importKey() is much more secure and robust.

Revision history for this message
Frédéric Lang (fr-lang) wrote : Re: [Bug 1183629] Re: _randfunc attribute with a pickled rsa key

Good evening. Thanks for your answer.
Effectively, yesterday (friday) i found the function exportKey() and
importKey() (sorry, i found Crypto only thuersday) and so i changed my
operations. Now all is ok. I can export and import without any problem.

Thank-you for your work. I was looking for crypt opérations since 2
weeks. I tryed Python-GnuPG, PyME and so Thuersday i found Crypto and i
see it's really what i wanted. Light, quick, simply functions, very very
good.

Best Regards

PS: Sorry for my english, i'm french...

Le 25/05/2013 18:30, Legrandin a écrit :
> The problem you mention has been fixed in a recent patch:
>
> https://github.com/dlitz/pycrypto/commit/db52ac71e804e85ace3edd772d2e78055972ac2c
>
> Still, I wouldn't use pickle in the first place.
> Using exportKey() and importKey() is much more secure and robust.
>

--
Frédéric Lang
http://fr.lang.free.fr
<email address hidden>

Darsey Litzenberger (dlitz)
Changed in pycrypto:
status: New → Fix Committed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.