From 347e1e292e3cae7149970e55bdb579f69814f46f Mon Sep 17 00:00:00 2001
From: shixuantong
Date: Wed, 2 Jul 2025 10:10:30 +0800
Subject: [PATCH] disable RSA PKCS#1v1.5 padding to fix CVE-2023-50782

(cherry picked from commit 253ab71a1e37a387e3d2d29d76734efab29ef6b8)
---
 disable-RSA-PKCS-1v1.5-padding.patch | 80 ++++++++++++++++++++++++++++
 python-cryptography.spec | 6 ++-
 2 files changed, 85 insertions(+), 1 deletion(-)
 create mode 100644 disable-RSA-PKCS-1v1.5-padding.patch

diff --git a/disable-RSA-PKCS-1v1.5-padding.patch b/disable-RSA-PKCS-1v1.5-padding.patch
new file mode 100644
index 0000000..eefceb6
--- /dev/null
+++ b/disable-RSA-PKCS-1v1.5-padding.patch
@@ -0,0 +1,80 @@
+From edf2c74db67eb0f2e0d4cf02bba429d9f398c676 Mon Sep 17 00:00:00 2001
+From: shixuantong
+Date: Wed, 2 Jul 2025 10:08:40 +0800
+Subject: [PATCH] disable RSA PKCS#1v1.5 padding
+
+---
+ src/rust/src/backend/rsa.rs | 15 +++++++++++++++
+ tests/hazmat/primitives/test_rsa.py | 16 +++++++++-------
+ 2 files changed, 24 insertions(+), 7 deletions(-)
+
+diff --git a/src/rust/src/backend/rsa.rs b/src/rust/src/backend/rsa.rs
+index 662f30a..dddd08d 100644
+--- a/src/rust/src/backend/rsa.rs
++++ b/src/rust/src/backend/rsa.rs
+@@ -326,6 +326,13 @@ impl RsaPrivateKey {
+ let mut ctx = openssl::pkey_ctx::PkeyCtx::new(&self.pkey)?;
+ ctx.decrypt_init()?;
+
++ if padding.is_instance(types::PKCS1V15.get(py)?)? {
++ return Err(CryptographyError::from(
++ pyo3::exceptions::PyValueError::new_err(
++ "RSA PKCS#1v1.5 has security problems and it has been banned.",
++ ),
++ ));
++ }
+ setup_encryption_ctx(py, &mut ctx, padding)?;
+
+ // Everything from this line onwards is written with the goal of being
+@@ -452,6 +459,14 @@ impl RsaPublicKey {
+ let mut ctx = openssl::pkey_ctx::PkeyCtx::new(&self.pkey)?;
+ ctx.encrypt_init()?;
+
++ if padding.is_instance(types::PKCS1V15.get(py)?)? {
++ return Err(CryptographyError::from(
++ pyo3::exceptions::PyValueError::new_err(
++ "RSA PKCS#1v1.5 has security problems and it has been banned.",
++ ),
++ ));
++ }
++
+ setup_encryption_ctx(py, &mut ctx, padding)?;
+
+ let length = ctx.encrypt(plaintext, None)?;
+diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
+index 8810f0f..0261542 100644
+--- a/tests/hazmat/primitives/test_rsa.py
++++ b/tests/hazmat/primitives/test_rsa.py
+@@ -1771,8 +1771,9 @@ class TestRSADecryption:
+ ).private_key(backend, unsafe_skip_rsa_key_validation=True)
+ ciphertext = binascii.unhexlify(example["encryption"])
+ assert len(ciphertext) == (skey.key_size + 7) // 8
+- message = skey.decrypt(ciphertext, padding.PKCS1v15())
+- assert message == binascii.unhexlify(example["message"])
++ with pytest.raises(ValueError, match="RSA PKCS#1v1.5 has security problems and it has been banned."):
++ message = skey.decrypt(ciphertext, padding.PKCS1v15())
++ assert message == binascii.unhexlify(example["message"])
+
+ def test_unsupported_padding(
+ self, rsa_key_2048: rsa.RSAPrivateKey, backend
+@@ -2130,11 +2131,12 @@ class TestRSAEncryption:
+ _check_fips_key_length(backend, private_key)
+ pt = b"encrypt me!"
+ public_key = private_key.public_key()
+- ct = public_key.encrypt(pt, pad)
+- assert ct != pt
+- assert len(ct) == (public_key.key_size + 7) // 8
+- recovered_pt = private_key.decrypt(ct, pad)
+- assert recovered_pt == pt
++ with pytest.raises(ValueError, match="RSA PKCS#1v1.5 has security problems and it has been banned."):
++ ct = public_key.encrypt(pt, pad)
++ assert ct != pt
++ assert len(ct) == (public_key.key_size + 7) // 8
++ recovered_pt = private_key.decrypt(ct, pad)
++ assert recovered_pt == pt
+
+ @pytest.mark.parametrize(
+ ("key_data", "pad"),
+--
+2.27.0
+

diff --git a/python-cryptography.spec b/python-cryptography.spec
index 61e9a47..3d7e60e 100644
--- a/python-cryptography.spec
+++ b/python-cryptography.spec
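Review bot: Rejecting `PKCS1V15` unconditionally in `RsaPrivateKey::decrypt` (first `rsa.rs` hunk) turns every existing PKCS#1 v1.5 ciphertext into a runtime `ValueError`, which is an API-breaking change rather than a fix: the Bleichenbacher-style oracle behind CVE-2023-50782 is conventionally mitigated on the decrypt side by OpenSSL's implicit-rejection mode, and the truncated context line `// Everything from this line onwards is written with the goal of being` suggests such a path already exists below the inserted check, so confirm that before banning decryption outright, and if a ban is kept run it before `PkeyCtx::new`/`decrypt_init` so no context is built for a rejected padding. Refusing new PKCS#1 v1.5 encryption in `RsaPublicKey::encrypt` is easier to justify, but it should presumably follow the library's existing unsupported-padding convention (the neighbouring `test_unsupported_padding` hints at `UnsupportedAlgorithm`) instead of a bare `ValueError`, so callers can tell "not allowed" from a malformed argument. In the test hunks every statement re-indented under `with pytest.raises(...)` after the raising call (`assert message == ...`, `assert ct != pt`, `assert len(ct) == ...`, `recovered_pt = ...`, `assert recovered_pt == pt`) is now unreachable and should be deleted rather than indented. The `TestRSAEncryption` test still takes `pad`; if its parametrization (outside the hunk) also supplies OAEP paddings, the blanket `pytest.raises(ValueError)` will fail for those cases and the PKCS1v15 case needs its own test. Both Rust methods and both test functions start and end outside the hunk.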
@@ -1,7 +1,7 @@
 %global pypi_name cryptography
 Name: python-%{pypi_name}
 Version: 42.0.2
-Release: 7
+Release: 8
 Summary: PyCA's cryptography library
 License: ASL 2.0 or BSD
 URL: https://cryptography.io/en/latest/
@@ -22,6 +22,7 @@ Patch9001: Revert-Remove-now-unused-OpenSSL-password-callback-1.patch
 Patch9002: Revert-Another-sweep-removing-unused-bindings-9671.patch
 Patch9003: Revert-Remove-unused-bindings-8972.patch
 Patch9004: Revert-Remove-now-unused-bindings-8778.patch
+Patch9005: disable-RSA-PKCS-1v1.5-padding.patch

 BuildRequires: openssl-devel cargo
 BuildRequires: gcc
@@ -106,6 +107,9 @@ PYTHONPATH=%{buildroot}%{python3_sitearch} %{__python3} -m pytest --ignore vendo
 %doc README.rst docs

 %changelog
+* Wed Jul 02 2025 shixuantong - 42.0.2-8 - disable RSA PKCS#1v1.5 padding to fix CVE-2023-50782
+
 * Wed Jun 11 2025 shixuantong - 42.0.2-7
 - add EVP_PKEY_keygen_init and EVP_PKEY_keygen
--
Gitee
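Review bot: The new changelog entry claims this "fix[es] CVE-2023-50782", but the package is already at Version 42.0.2 and, as far as I recall, upstream addressed that CVE in 42.0.0 by moving PKCS#1 v1.5 decryption to OpenSSL implicit rejection; verify that before attributing the CVE to this release. If the upstream mitigation is already present, Patch9005 is an additional hardening that removes a working API rather than a CVE fix, and the entry should say so, e.g. `- disable RSA PKCS#1v1.5 encryption/decryption (hardening related to CVE-2023-50782)`.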