Hi Sandro,
I appreciate your frustration here, and as the maintainer of
python-cryptography of course I'm responsible when there are issues with
the package.
That said, I did actually test pyopenssl before uploading this version, and
it was working locally; in addition, the diff from 1.5.2 to 1.5.3 is almost
trivial (I've attached it for reference); the HKDF fix is a one line change
plus an added test, and the only other changes are bumping the version
number, so I'm still looking into the actual cause of the problem.
I think the mistake I made when testing locally was that I didn't update my
build chroot first; if the problem is related to newer build-dependencies
(eg. python-cffi) then that would explain why my local package does not
exhibit the problem while the one from the buildds does. (Of course this is
the result of rushing the 1.5.3 update; I do know better than to rush out a
"trivial" update, as these things often turn out to be less trivial than
assumed, but I felt there was some urgency to getting the new package into
unstable as the security issue is more likely to affect users there and I
guess I let this override my better judgement)
I will follow up again once I track down the root cause of the problem.
commit c551c1690dc2ec0a12f779eaab780da45e40d1c6
Author: Tristan Seligmann <mithra...@debian.org>
Date: Tue Nov 8 05:34:19 2016 +0200
Import python-cryptography_1.5.3.orig.tar.gz
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 0bfd328..9b0bf29 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -1,6 +1,13 @@
Changelog
=========
+1.5.3 - 2016-11-05
+~~~~~~~~~~~~~~~~~~
+
+* **SECURITY ISSUE**: Fixed a bug where ``HKDF`` would return an empty
+ byte-string if used with a ``length`` less than ``algorithm.digest_size``.
+ Credit to **Markus Döring** for reporting the issue.
+
1.5.2 - 2016-09-26
~~~~~~~~~~~~~~~~~~
diff --git a/PKG-INFO b/PKG-INFO
index 3c67042..9de24de 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: cryptography
-Version: 1.5.2
+Version: 1.5.3
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: https://github.com/pyca/cryptography
Author: The cryptography developers
diff --git a/src/cryptography.egg-info/PKG-INFO b/src/cryptography.egg-info/PKG-INFO
index 3c67042..9de24de 100644
--- a/src/cryptography.egg-info/PKG-INFO
+++ b/src/cryptography.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: cryptography
-Version: 1.5.2
+Version: 1.5.3
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: https://github.com/pyca/cryptography
Author: The cryptography developers
diff --git a/src/cryptography/__about__.py b/src/cryptography/__about__.py
index 02d6494..6baca0d 100644
--- a/src/cryptography/__about__.py
+++ b/src/cryptography/__about__.py
@@ -14,7 +14,7 @@ __summary__ = ("cryptography is a package which provides cryptographic recipes"
" and primitives to Python developers.")
__uri__ = "https://github.com/pyca/cryptography";
-__version__ = "1.5.2"
+__version__ = "1.5.3"
__author__ = "The cryptography developers"
__email__ = "cryptography-...@python.org"
diff --git a/src/cryptography/hazmat/primitives/kdf/hkdf.py b/src/cryptography/hazmat/primitives/kdf/hkdf.py
index f738bbd..82ed9b1 100644
--- a/src/cryptography/hazmat/primitives/kdf/hkdf.py
+++ b/src/cryptography/hazmat/primitives/kdf/hkdf.py
@@ -91,7 +91,7 @@ class HKDFExpand(object):
output = [b""]
counter = 1
- while (self._algorithm.digest_size // 8) * len(output) < self._length:
+ while self._algorithm.digest_size * (len(output) - 1) < self._length:
h = hmac.HMAC(key_material, self._algorithm, backend=self._backend)
h.update(output[-1])
h.update(self._info)
diff --git a/tests/hazmat/primitives/test_hkdf.py b/tests/hazmat/primitives/test_hkdf.py
index e33529c..a05fd75 100644
--- a/tests/hazmat/primitives/test_hkdf.py
+++ b/tests/hazmat/primitives/test_hkdf.py
@@ -142,6 +142,17 @@ class TestHKDF(object):
hkdf.verify(b"foo", u"bar")
+ def test_derive_short_output(self, backend):
+ hkdf = HKDF(
+ hashes.SHA256(),
+ 4,
+ salt=None,
+ info=None,
+ backend=backend
+ )
+
+ assert hkdf.derive(b"\x01" * 16) == b"gJ\xfb{"
+
@pytest.mark.requires_backend_interface(interface=HMACBackend)
class TestHKDFExpand(object):
