Closed ErnstStavroBlofeld closed 2 weeks ago
Hello, so I made a few tests and I ended up with this script:
from Crypto import Random
from Crypto.Hash.SHA256 import SHA256Hash
from Crypto.PublicKey import RSA

for i in range(0, 5):
    key = RSA.generate(2048, Random.get_random_bytes)
    print('Random bytes', Random.get_random_bytes(32).hex())
    print('Key', SHA256Hash.new(key.export_key('DER')).digest().hex())
    print('Key', key.export_key('DER'))
In the output we can see that keys are not the same but are indeed identical once hashed. If you read the New features message of version 3.20.0, changes were made for Crypto.Hash.new() and SHA-2 and RSA keys exporting.
Conclusion: we need more investigation in the last commits of version 3.20.0 about Hash methods
The problem is that:
from Crypto.Hash.SHA256 import SHA256Hash
...
print('Key hash', SHA256Hash.new(key.export_key('DER')).digest().hex())
should be:
from Crypto.Hash import SHA256
...
print('Key hash', SHA256.new(key.export_key('DER')).digest().hex())
In other words, the right way to create a new hash is to call SHA256.new. SHA256Hash.new is an instance method, not a static method, and therefore its parameter is interpreted as the object instance, and not as the data to hash. In your program digest() returns the SHA256 of the empty string (which is always the same of course). More generally, the class SHA256Hash should never be used directly.
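The failure mode described in the reply above, as an added example that is not code from this thread or from PyCryptodome: `StandInSHA256Hash` is a hypothetical hashlib-backed class with the same shape (an instance method `new` plus a module-level factory), and the sample blobs are constructed. The check flags fingerprints that equal the SHA-256 of empty input or that collide across distinct inputs.

```python
import hashlib

# SHA-256 of zero bytes. Seeing this digest for non-empty data means the
# data never reached the hash function.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()

class StandInSHA256Hash:
    """Hypothetical stand-in (not PyCryptodome code): new() is an instance
    method, as the reply above describes for SHA256Hash."""
    def __init__(self, data=None):
        self._h = hashlib.sha256(data or b"")

    def digest(self):
        return self._h.digest()

    def new(self, data=None):
        # `self` is used only for dispatch; the new object hashes `data`.
        return StandInSHA256Hash(data)

def new(data=None):
    """Module-level factory, the counterpart of SHA256.new(data)."""
    return StandInSHA256Hash(data)

def misuse_fingerprint(blob):
    # Called on the class: `blob` binds to `self`, `data` stays None.
    return StandInSHA256Hash.new(blob).digest().hex()

def correct_fingerprint(blob):
    return new(blob).digest().hex()

def check_fingerprints(blobs, fingerprint):
    """Return the problems seen when fingerprinting the given blobs."""
    digests = [fingerprint(b) for b in blobs]
    problems = []
    if any(b and d == EMPTY_SHA256 for b, d in zip(blobs, digests)):
        problems.append("digest equals SHA-256 of empty input")
    if len(set(blobs)) > 1 and len(set(digests)) == 1:
        problems.append("distinct inputs share one digest")
    return problems

# Constructed sample inputs standing in for exported DER keys.
SAMPLE_BLOBS = [b"constructed-key-%d" % i for i in range(5)]

if __name__ == "__main__":
    print("misuse :", check_fingerprints(SAMPLE_BLOBS, misuse_fingerprint))
    print("correct:", check_fingerprints(SAMPLE_BLOBS, correct_fingerprint))
```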
Okay, I didn't notice! Maybe we should change the semantics and add a warning message. With OpenSSL, for instance, when you are using RSA components directly without the EVP (envelope), a warning is displayed.
Hi, the RSA.generate method produces the same key for me each time I run it. It used to run quite slowly some time ago but now it runs almost instantaneously. I tested this behaviour on multiple environments (windows+conda+python3.12.2, windows+python.3.12.4, macos+python3.10.14) and version 3.20.0 of the library. Below is the code with the isolated issue:
Running this yields:
I can't possibly imagine what might be causing this, any ideas?