Insufficient data authenticity validation in openssl-encrypt
Description
openssl-encrypt's unverified key bundle from_dict() + to_identity() path allows encryption to attacker keys
Summary
The PublicKeyBundle.from_dict() method in openssl_encrypt/modules/key_bundle.py at lines 329-361 creates bundles from untrusted data without verifying the signature. The docstring warns to call verify_signature() after creation, but the to_identity() method (lines 363-391) can convert an unverified bundle directly to an Identity object.
Affected Code
```python
@classmethod
def from_dict(cls, data: Dict) -> "PublicKeyBundle":
    """
    SECURITY: Does NOT verify signature.
    Call verify_signature() after creation.
    """
    # Creates bundle without verification
```
Impact
If from_dict() followed by to_identity() is called without an intervening verify_signature() call, encryption could be performed against an attacker's public key, leaking secrets. While key_resolver.py (lines 146-147) does verify before use, the unguarded API path remains directly callable.
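To audit calling code for the unguarded path described above, the following added example (not part of openssl-encrypt or of the advisory) walks a Python source string with `ast` and reports each `to_identity()` call on a `from_dict()` result that has no earlier `verify_signature()` call in the same function. The sample caller functions, their names, and the boolean return convention of `verify_signature()` are assumptions made for illustration.

```python
import ast

# Constructed sample of caller code; function and variable names are made up,
# and verify_signature() returning a bool is an assumption.
SAMPLE = '''
def load_checked(data):
    bundle = PublicKeyBundle.from_dict(data)
    if not bundle.verify_signature():
        raise ValueError("bad self-signature")
    return bundle.to_identity()

def load_unchecked(data):
    bundle = PublicKeyBundle.from_dict(data)
    return bundle.to_identity()

def load_chained(data):
    return PublicKeyBundle.from_dict(data).to_identity()
'''

def _method(node):
    """Return (method name, receiver) for a call shaped like recv.method(...)."""
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
        return node.func.attr, node.func.value
    return None, None

def find_unverified_uses(source):
    """List (function, line) of to_identity() calls on unverified bundles."""
    findings = []
    for func in ast.walk(ast.parse(source)):
        if not isinstance(func, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        pending = set()  # names bound to a from_dict() result, not yet verified
        nodes = [n for n in ast.walk(func) if isinstance(n, (ast.Assign, ast.Call))]
        for node in sorted(nodes, key=lambda n: (n.lineno, n.col_offset)):
            if isinstance(node, ast.Assign):
                if _method(node.value)[0] == "from_dict":
                    pending.update(t.id for t in node.targets if isinstance(t, ast.Name))
                continue
            name, recv = _method(node)
            if name == "verify_signature" and isinstance(recv, ast.Name):
                pending.discard(recv.id)
            elif name == "to_identity":
                chained = _method(recv)[0] == "from_dict"
                if chained or (isinstance(recv, ast.Name) and recv.id in pending):
                    findings.append((func.name, node.lineno))
    return findings
```

The check is ordered by source position rather than control flow, and it only confirms that a `verify_signature()` call exists, not that its result is acted on, so treat a clean result as a starting point for review.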
Recommended Fix
Add a verified flag to PublicKeyBundle that must be set before to_identity() can be called
Or have to_identity() automatically call verify_signature() and raise on failure
Or make from_dict() require verification as part of construction
Fix
Fixed in commit f4a1ba6 on branch releases/1.4.x — from_dict() now verifies self_signature by default (verify=True parameter); raises ValueError on verification failure.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
pypi | 1.4.0 |