From dinesh.k.somani at gmail.com Sat Nov 3 01:44:13 2018 From: dinesh.k.somani at gmail.com (Dinesh K. Somani) Date: Fri, 2 Nov 2018 22:44:13 -0700 Subject: [Cryptography-dev] Unexpected result from cryptography package Message-ID: Hi I am a new user of py-cryptography. I am finding that even the encrypted token is modified at end, it still decrypts OK. How so? Here is a test script from cryptography.fernet import Fernet f = Fernet( Fernet.generate_key() ) word = b"very secret thing" print("encrypting...", word) token = f.encrypt( word ) print("decrypting...", len(token), token,) reword = f.decrypt( token ) print("works as expected" if reword == word else "oops!") modtoken = str.encode( token.decode() + "?abcd." ) print("modified token, appended stuff") print("decrypting...", len(modtoken), modtoken) reword = f.decrypt( modtoken ) print("whoops! still decrypts ok" if reword == word else "good boy!") and the output was encrypting... b'very secret thing' decrypting... 120 b'gAAAAABb3TIJLCgbVdq-CgQ3V7V3eehQ02h_O70iZkCjd6KCU9GsErog-c-LluWITQg5lTsp5ldoTc0J_XdFCd-jhoJPOYAKyQbzbHDJZKTGORIJSflO1do=' works as expected modified token, appended stuff decrypting... 126 b'gAAAAABb3TIJLCgbVdq-CgQ3V7V3eehQ02h_O70iZkCjd6KCU9GsErog-c-LluWITQg5lTsp5ldoTc0J_XdFCd-jhoJPOYAKyQbzbHDJZKTGORIJSflO1do=?abcd.' whoops! still decrypts ok Is this expected behavior? If so, how do I check if the token is not modified between encrypt and decrypt? python 3.6.6 on ubuntu under WSL Regards Dinesh -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul.l.kehrer at gmail.com Sat Nov 3 07:58:30 2018 From: paul.l.kehrer at gmail.com (Paul Kehrer) Date: Sat, 3 Nov 2018 19:58:30 +0800 Subject: [Cryptography-dev] Unexpected result from cryptography package In-Reply-To: References: Message-ID: <5AD0186B-524D-4F45-A75D-28D45B1F8785@gmail.com> Hi Dinesh, I think I coincidentally responded to your question on stack overflow a bit ago. Here is what I said there: This is an artifact of the malleability of base64 with Python's decoder. When the fernet token is base64 decoded everything you've added is discarded. This means that when the HMAC value is checked the ciphertext is intact and the token passes the integrity check as expected. While this is not directly a problem, it could become a problem if a user does something unwise with presumed token uniqueness. To be clear, Fernet has strong integrity guarantees for the token payload, but the base64 itself has limited malleability. Over 3 years ago I tried to get the Fernet spec updated to require strict base64 encoding (https://github.com/fernet/spec/pull/11) but unfortunately the authors are not maintaining their spec and nothing has happened. We don't want to break compatibility with other Fernet implementations and this issue, while annoying, isn't enough to convince me that we need to fork it at this time. -Paul > On Nov 3, 2018, at 1:44 PM, Dinesh K. Somani wrote: > > Hi > > I am a new user of py-cryptography. I am finding that even the encrypted token is modified at end, it still decrypts OK. How so? > > Here is a test script > > from cryptography.fernet import Fernet > f = Fernet( Fernet.generate_key() ) > word = b"very secret thing" > print("encrypting...", word) > token = f.encrypt( word ) > print("decrypting...", len(token), token,) > reword = f.decrypt( token ) > print("works as expected" if reword == word else "oops!") > > modtoken = str.encode( token.decode() + "?abcd." ) > print("modified token, appended stuff") > print("decrypting...", len(modtoken), modtoken) > reword = f.decrypt( modtoken ) > print("whoops! still decrypts ok" if reword == word else "good boy!") > > and the output was > > encrypting... b'very secret thing' > decrypting... 120 b'gAAAAABb3TIJLCgbVdq-CgQ3V7V3eehQ02h_O70iZkCjd6KCU9GsErog-c-LluWITQg5lTsp5ldoTc0J_XdFCd-jhoJPOYAKyQbzbHDJZKTGORIJSflO1do=' > works as expected > modified token, appended stuff > decrypting... 126 b'gAAAAABb3TIJLCgbVdq-CgQ3V7V3eehQ02h_O70iZkCjd6KCU9GsErog-c-LluWITQg5lTsp5ldoTc0J_XdFCd-jhoJPOYAKyQbzbHDJZKTGORIJSflO1do=?abcd.' > whoops! still decrypts ok > > Is this expected behavior? If so, how do I check if the token is not modified between encrypt and decrypt? > > python 3.6.6 on ubuntu under WSL > > > Regards > Dinesh > _______________________________________________ > Cryptography-dev mailing list > Cryptography-dev at python.org > https://mail.python.org/mailman/listinfo/cryptography-dev -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul.l.kehrer at gmail.com Sun Nov 11 20:59:06 2018 From: paul.l.kehrer at gmail.com (Paul Kehrer) Date: Mon, 12 Nov 2018 02:59:06 +0100 Subject: [Cryptography-dev] PyCA cryptography 2.4.1 (and 2.4) released Message-ID: PyCA cryptography 2.4.1 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric algorithms, message digests, X509, key derivation functions, and much more. We support Python 2.7, Python 3.4+, and PyPy. Changelog (https://cryptography.io/en/latest/changelog/#v2-4-1): * Fixed a build breakage in our manylinux1 wheels. Changelog (https://cryptography.io/en/latest/changelog/#v2-4): * BACKWARDS INCOMPATIBLE: Dropped support for LibreSSL 2.4.x. * Deprecated OpenSSL 1.0.1 support. OpenSSL 1.0.1 is no longer supported by the OpenSSL project. At this time there is no time table for dropping support, however we strongly encourage all users to upgrade or install cryptography from a wheel. * Added initial OCSP support. * Added support for PrecertPoison. -Paul Kehrer (reaperhulk) -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul.l.kehrer at gmail.com Tue Nov 20 22:44:11 2018 From: paul.l.kehrer at gmail.com (Paul Kehrer) Date: Tue, 20 Nov 2018 19:44:11 -0800 Subject: [Cryptography-dev] PyCA cryptography 2.4.2 released Message-ID: PyCA cryptography 2.4.2 has been released to PyPI. cryptography includes both high level recipes and low level interfaces to common cryptographic algorithms such as symmetric ciphers, asymmetric algorithms, message digests, X509, key derivation functions, and much more. We support Python 2.7, Python 3.4+, and PyPy. Changelog (https://cryptography.io/en/latest/changelog/#v2-4-2): * Updated Windows, macOS, and manylinux1 wheels to be compiled with OpenSSL 1.1.0j. -Paul Kehrer (reaperhulk) -------------- next part -------------- An HTML attachment was scrubbed... URL: From jortel at redhat.com Thu Nov 29 12:16:20 2018 From: jortel at redhat.com (Jeff Ortel) Date: Thu, 29 Nov 2018 11:16:20 -0600 Subject: [Cryptography-dev] x509 Certificate Validation Message-ID: <1a908977-6b21-7870-de18-3ef2f0861462@redhat.com> Hello, our project needs a python lib to validate that a client certificate has been signed by a specific CA.? Looking at the cryptography package, it does not seem support this.? Any recommendations on how to proceed in the short term? Thanks, Jeff [1] https://github.com/pyca/cryptography/issues/2381 From paul.l.kehrer at gmail.com Thu Nov 29 18:52:13 2018 From: paul.l.kehrer at gmail.com (Paul Kehrer) Date: Thu, 29 Nov 2018 15:52:13 -0800 Subject: [Cryptography-dev] x509 Certificate Validation In-Reply-To: <1a908977-6b21-7870-de18-3ef2f0861462@redhat.com> References: <1a908977-6b21-7870-de18-3ef2f0861462@redhat.com> Message-ID: I'd recommend using pyOpenSSL in the short term (at this point it is a good choice for TLS and cert validation since those are two things cryptography does not do). For single cert key verification only it's easy to implement that with what is available in cryptography now, but chain validation is a much more complex problem. We do have some code for eventually doing validation, but no timeline on when it might get finished. -Paul On November 30, 2018 at 1:16:38 AM, Jeff Ortel (jortel at redhat.com) wrote: Hello, our project needs a python lib to validate that a client certificate has been signed by a specific CA. Looking at the cryptography package, it does not seem support this. Any recommendations on how to proceed in the short term? Thanks, Jeff [1] https://github.com/pyca/cryptography/issues/2381 _______________________________________________ Cryptography-dev mailing list Cryptography-dev at python.org https://mail.python.org/mailman/listinfo/cryptography-dev -------------- next part -------------- An HTML attachment was scrubbed... URL: