You should rebuild using libgmp >= 5 to avoid timing attack vulnerability
getting this on your linux when trying to run something?
You should rebuild using libgmp >= 5 to avoid timing attack vulnerability. _warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)
yup, seen it…
RHEL has GMP version 4.something
PyCrypto needs GMP >= 5
RHEL is a tad behind we have to re-make The GNU Multiple Precision Arithmetic Library stuff.
solution:
download the sources from https://gmplib.org/#DOWNLOAD
and according to the instructions from the package:
tar -xvjpf gmp-6.0.0a.tar.bz2 ./configure make make check make install
rebuild PyCrypto
pip install --ignore-installed PyCrypto
for good measure, re-build and re-install some stuff (trust me, just go with it)
yum -y groupinstall "Development tools" yum -y install gcc libgcc glibc libffi-devel libxml2-devel libxslt-devel openssl-devel zlib-devel bzip2-devel ncurses-devel
tada! send me a nice thank you note when you’re done.