From 4d318be1951d6bbae0eae7aff69a58de353c8337 Mon Sep 17 00:00:00 2001 From: Filippo Valsorda Date: Mon, 14 Dec 2015 02:18:13 +0000 Subject: [update] fix (unexploitable) BB'06 vulnerability in rsa_verify The rsa_verify code was vulnerable to a BB'06 attack, allowing to forge signatures for arbitrary messages if and only if the public key exponent is 3. Since the updates key is hardcoded to 65537, there is no risk for youtube-dl, but I don't want vulnerable code in the wild. The new function adopts a way safer approach of encoding-and-comparing to replace the dangerous parsing code. --- test/test_update.py | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 test/test_update.py (limited to 'test/test_update.py') diff --git a/test/test_update.py b/test/test_update.py new file mode 100644 index 000000000..d9c71511d --- /dev/null +++ b/test/test_update.py @@ -0,0 +1,30 @@ +#!/usr/bin/env python + +from __future__ import unicode_literals + +# Allow direct execution +import os +import sys +import unittest +sys.path.insert(0, os.path.dirname(os.path.dirname(os.path.abspath(__file__)))) + + +import json +from youtube_dl.update import rsa_verify + + +class TestUpdate(unittest.TestCase): + def test_rsa_verify(self): + UPDATES_RSA_KEY = (0x9d60ee4d8f805312fdb15a62f87b95bd66177b91df176765d13514a0f1754bcd2057295c5b6f1d35daa6742c3ffc9a82d3e118861c207995a8031e151d863c9927e304576bc80692bc8e094896fcf11b66f3e29e04e3a71e9a11558558acea1840aec37fc396fb6b65dc81a1c4144e03bd1c011de62e3f1357b327d08426fe93, 65537) + with open(os.path.join(os.path.dirname(os.path.abspath(__file__)), 'versions.json'), 'rb') as f: + versions_info = f.read().decode() + versions_info = json.loads(versions_info) + signature = versions_info['signature'] + del versions_info['signature'] + self.assertTrue(rsa_verify( + json.dumps(versions_info, sort_keys=True).encode('utf-8'), + signature, UPDATES_RSA_KEY)) + + +if __name__ == '__main__': + unittest.main() -- cgit v1.2.3