Floating point exception in Crypto.PublicKey.RSA
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Python-Crypto |
New
|
Undecided
|
Unassigned |
Bug Description
I've just stumbled on a discrepancy in Crypto.
----
import random
from Crypto.PublicKey import RSA
from binascii import hexlify,unhexlify
n='9f4de0edf371
e='010001'
msg='00f5d3b541
def generateRandomB
"""
Will SIGFPE before this is called
"""
val = ''
for i in range(bytes):
val += '%02x'%
return unhexlify(val)
rsa=RSA.
rsa.encrypt(
----
gdb backtrace:
----
$ gdb python
GNU gdb (Ubuntu/Linaro 7.4-2012.
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-linux-gnu".
For bug reporting instructions, please see:
<http://
Reading symbols from /usr/bin/
(gdb) run
Starting program: /usr/bin/python
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-
Python 2.7.3 (default, Aug 1 2012, 05:16:07)
[GCC 4.6.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import bug
Program received signal SIGFPE, Arithmetic exception.
0xb77c9bfb in __gmp_exception () from /usr/lib/
(gdb) backtrace
#0 0xb77c9bfb in __gmp_exception () from /usr/lib/
#1 0xb77c9c4b in __gmp_divide_
#2 0xb77deb33 in __gmpz_powm_sec () from /usr/lib/
#3 0xb78bbc3b in ?? () from /usr/lib/
#4 0x081949c1 in PyEval_EvalFrameEx ()
#5 0x08194eec in PyEval_EvalFrameEx ()
#6 0x08194eec in PyEval_EvalFrameEx ()
#7 0x0819af70 in PyEval_EvalCodeEx ()
#8 0x0819bb03 in PyImport_
#9 0x0814bd40 in ?? ()
#10 0x0814c6d4 in ?? ()
#11 0x08103146 in ?? ()
#12 0x0814cfe6 in ?? ()
#13 0x08096a0e in ?? ()
#14 0x081287ef in PyObject_Call ()
#15 0x08128c59 in PyEval_
#16 0x08196e17 in PyEval_EvalFrameEx ()
#17 0x0819af70 in PyEval_EvalCodeEx ()
#18 0x0819c401 in PyRun_Interacti
#19 0x0819c735 in PyRun_Interacti
#20 0x080a916e in PyRun_AnyFileEx
#21 0x080a9949 in Py_Main ()
#22 0x0805ea5b in main ()
(gdb)
----
It turns out your RSA modulus is even (so totally invalid) but mpz_powm_sec() really requires it to be odd:
http:// gmplib. org/manual/ Integer- Exponentiation. html#Integer- Exponentiation
If the modulus even, the gmp routine crashes (??).
I have some patches out already for making RSA import/construct more robust.
I added a small check in the Python code to catch the even modulus condition as early as possible:
https:/ /github. com/Legrandin/ pycrypto/ commit/ 3b26fe526aef215 12ab3a63f87d9c9 983b767f2b
In that way, it is not necessary to modify the C mode.
The other patch already checks that the following components are prime and that automatically covers the even modulus condition:
* p,q component in RSA (private key)
* p modulus in DSA
* p modulus in ElGamal