Support PKCS#1 v2.0; support OAEP/PSS

[sybrenstuvel]

See http://stackoverflow.com/a/36633937/875379 and http://crypto.stackexchange.com/questions/12688/can-you-explain-bleichenbachers-cca-attack-on-pkcs1-v1-5 for more info.

RSA 4.0 should support OAEP for encryption and PSS for signing, as described in PKCS#1 v2.0. This makes it much less (if it even still is) vulnerable to a Bleichenbacher attack.

[adamantike]

I will give it a try, starting with OAEP :)

[sybrenstuvel]

@adamantike what's your progress so far? I'd love to be able to release 4.0 in the coming month or so. Do you think that's feasible?

[adamantike]

@sybrenstuvel I haven't made any progress since the last PR. I can start working on OAEP, and hopefully there'll be some progress before next weekend.

Is there any other goal for 4.0 that is not included in the milestone?

[sybrenstuvel]

I can start working on OAEP, and hopefully there'll be some progress before next weekend.

That would be awesome :)

Is there any other goal for 4.0 that is not included in the milestone?

Nope. If more comes up, we'll just release 4.1 :)

[jamorham]

Does python-rsa currently support OAEP padding? I saw #89 but I wasn't sure exactly the implications of it.

[sify21]

Is the encryption part of this issue fixed by #126?

[srinivasramanujan]

Hi everyone,

I saw this thread about PKCS#1 v2.0 support for python rsa.

I have currently rsa version 4.8 .. I have another library (Crypto++) whose RSA encryption I am trying to decrypt. The library supports both OAEP and PKCS. Crypto++ is using v.2.0

Can Python RSA decrypt both PKCS #1 v.1.15 and v.2.0 ?

If I want the decryptor to use a specific version of PKCS #1 or OAEP, is there a way to specify this ?

In the rsa.encrypt(..) and rsa.decrypt(..) function I did not see any way to specify the version or the padding format ?

def encrypt_rsa(message, key):
try:
result = rsa.encrypt(base64.b64encode(message), key)
return result
except Exception as err:
print("There was an error encryption RSA", err)
return None

def decrypt_rsa(cipherbytes, key):
try:
base64_bytes = rsa.decrypt(cipherbytes, key)
print("Got base64 bytes")
return base64.b64decode(base64_bytes)
except Exception as err:
print(err)
return None

[myheroyuki]

Can Python RSA decrypt both PKCS #1 v.1.15 and v.2.0?

Python RSA does not currently support PKCS #1 v2.0+.
There are open issues, including this one, for adding that support.

If I want the decryptor to use a specific version of PKCS #1 or OAEP, is there a way to specify this ?

No. OAEP is not supported.