Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Diffie-Hellman PrivKey generation fails in OpenSSL when providing q #12232

Open
rafzi opened this issue Jan 3, 2025 · 1 comment
Open

Diffie-Hellman PrivKey generation fails in OpenSSL when providing q #12232

rafzi opened this issue Jan 3, 2025 · 1 comment
Labels
bugs

Comments

@rafzi
Copy link

rafzi commented Jan 3, 2025

Trying to use this function which optionally accepts a subgroup order value q: https://cryptography.io/en/latest/hazmat/primitives/asymmetric/dh/#cryptography.hazmat.primitives.asymmetric.dh.DHParameterNumbers

It points to https://github.com/openssl/openssl/blob/master/crypto/dh/dh_key.c#L378 which has many possible points of failure, none of which look like obvious issues with my code.

> docker run -it ubuntu:24.04
[...]
root@7891502d861a:/# apt update
[...]
root@7891502d861a:/# apt install python3 python3-pip python3-venv
[...]
Setting up openssl (3.0.13-0ubuntu3.4) ...
[...]
root@7891502d861a:/# python3 -m venv venv
[...]
root@7891502d861a:/# . venv/bin/activate
(venv) root@7891502d861a:/# pip install --upgrade pip setuptools
[...]
Successfully installed pip-24.3.1 setuptools-75.6.0
(venv) root@7891502d861a:/# pip install --upgrade cryptography
[...]
Successfully installed cffi-1.17.1 cryptography-44.0.0 pycparser-2.22
(venv) root@7891502d861a:/# python
Python 3.12.3 (main, Nov  6 2024, 18:32:19) [GCC 13.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from cryptography.hazmat.primitives.asymmetric import dh
>>> from cryptography.hazmat.backends import default_backend
>>> params = dh.generate_parameters(generator=2, key_size=2048)
>>> p = params.parameter_numbers().p
>>> g = params.parameter_numbers().g
>>> p
27959375644344463256751989350921832803570460731596420086495116779797809201458510262261192513317138047331433751306682833062850443350129629576537357367083523062689316143098333136760243118401118959114204204146330220074115929544235092751355252066718380339944684013475359264972395317916808865346000118170327257593289467488709867204896596610310360956180170034165285113072925707274818648535508355000730552796522590254858283760710129528157667353952606117128856742682684800197270523634625205767541132241705030383732412203388550936036674882008256768803496179751877223196884900008877371926673824831535296158294177744741203133743
>>> g
2
>>> parameters = dh.DHParameterNumbers(p, g).parameters(default_backend())
>>> parameters.generate_private_key()
<cryptography.hazmat.bindings._rust.openssl.dh.DHPrivateKey object at 0x7ff8868c5770>
>>> q = (p - 1) // 2 if (p - 1) % 2 == 0 else None
>>> q
13979687822172231628375994675460916401785230365798210043247558389898904600729255131130596256658569023665716875653341416531425221675064814788268678683541761531344658071549166568380121559200559479557102102073165110037057964772117546375677626033359190169972342006737679632486197658958404432673000059085163628796644733744354933602448298305155180478090085017082642556536462853637409324267754177500365276398261295127429141880355064764078833676976303058564428371341342400098635261817312602883770566120852515191866206101694275468018337441004128384401748089875938611598442450004438685963336912415767648079147088872370601566871
>>> parameters = dh.DHParameterNumbers(p, g, q).parameters(default_backend())
>>> parameters.generate_private_key()
Traceback (most recent call last):
  File "", line 1, in 
cryptography.exceptions.InternalError: Unknown OpenSSL error. This error is commonly encountered
                    when another library is not cleaning up the OpenSSL error
                    stack. If you are using cryptography with another library
                    that uses OpenSSL try disabling it before reporting a bug.
                    Otherwise please file an issue at
                    https://github.com/pyca/cryptography/issues with
                    information on how to reproduce this. (error:02880003:Diffie-Hellman routines:generate_key:BN lib:crypto/dh/dh_key.c:378:)
>>>
@alex
Copy link
Member

alex commented Jan 3, 2025

I'm able to reproduce with:

from cryptography.hazmat.primitives.asymmetric import dh

params = dh.generate_parameters(generator=2, key_size=2048)
p = params.parameter_numbers().p
g = params.parameter_numbers().g
print(p)
print(g)

parameters = dh.DHParameterNumbers(p, g).parameters()
print(parameters.generate_private_key())

q = (p - 1) // 2 if (p - 1) % 2 == 0 else None
print(q)
parameters = dh.DHParameterNumbers(p, g, q).parameters()
print(parameters.generate_private_key())

@alex alex added the bugs label Jan 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bugs
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alex @rafzi