Insecure Encryption vulnerable to Oracle Padding Attack

Low
jaimergp published GHSA-2xf4-hg9q-m58q Jun 14, 2025

Package

conda-smithy

Affected versions

<=3.47.0

Patched versions

>=3.47.1

Description

The travis_encrypt_binstar_token implementation in the conda-smithy package has been identified as vulnerable to a padding oracle attack. The vulnerability results from the use of an outdated and insecure padding scheme (PKCS#1 v1.5, selected by the PKCS1_v1_5 cipher in the code below) during RSA encryption. A malicious actor with access to an oracle system can exploit this flaw by iteratively submitting modified ciphertexts and analyzing the responses to infer the plaintext without possessing the private key.

Affected File:
https://github.com/conda-forge/conda-smithy/blob/[...]/conda_smithy/ci_register.py#L447

Affected Code:

def travis_encrypt_binstar_token(repo, string_to_encrypt):
   [...]
   import base64

   from Crypto.Cipher import PKCS1_v1_5
   from Crypto.PublicKey import RSA

   keyurl = f"https://api.travis-ci.com/repo/{repo}/key_pair/generated"
   r = requests.get(keyurl, headers=travis_headers())
   r.raise_for_status()
   public_key = r.json()["public_key"]
   key = RSA.importKey(public_key)
   cipher = PKCS1_v1_5.new(key)
   return base64.b64encode(cipher.encrypt(string_to_encrypt.encode())).decode(
       "utf-8"
   )

The use of RSA-OAEP (Optimal Asymmetric Encryption Padding) is recommended to mitigate padding oracle attacks.

Severity

Low

CVE ID

CVE-2025-49824

Weaknesses

No CWEs
