Cryptographic tweaks in python/python3 in rawhide (F17)
by David Malcolm
Summary: most users shouldn't see any differences, but rawhide's python
should now better support OpenSSL FIPS mode, as of python-2.7.2-14.fc17
and python3-3.2.2-5.fc17 onwards.
Long version:
I've just built some tweaks to python's cryptographic code in rawhide,
aimed at making it play better with FIPS mode. It's actually a forward
port of some code that's been in RHEL 6's python 2.6 since RHEL 6.0
(where it was was rhbz#563986).
The idea is that in high-security environments, it's possible to set
site-wide configuration to deny the use of known insecure cryptographic
algorithms.
The main example here is MD5. MD5 is past its "use-by date", and should
not be used for security purposes. See e.g.:
http://www.kb.cert.org/vuls/id/836068
In the past, Fedora build of the python 2 standard library has contained
the following modules:
Pure python modules:
* hashlib (implemented in terms of _hashlib)
* md5 (implemented in terms of _hashlib, falling back to _md5)
* sha (implemented in terms of _hashlib, falling back to _sha256,
_sha512,
_sha as appopriate)
C module wrapping OpenSSL:
* _hashlib
Modules with pure C implementations of certain crypto hash algorithms:
* _md5
* _sha256
* _sha512
* _sha
As of python-2.7.2-14.fc17, I've dropped the final four modules above;
instead, all crypto code within our build of python's stdlib is
implemented in terms of _hashlib, and thus OpenSSL.
Similarly python3-3.2.2-5.fc17 drops the final four modules.
There is a slight risk that this will break any code that uses "_md5"
etc directly, but such code shouldn't be using those modules: they
should use the analogous API entrypoints in either md5/sha or hashlib
instead. (Potentially this could lead to hardware acceleration of the
hash computation).
I've also fixed things so that the remaining modules do the right thing
in FIPS mode.
In the past, if you ran python with OPENSSL_FORCE_FIPS_MODE=1 in the
enviroment, the _hashlib module would segfault when used with a broken
crypto hash algorithm. I've now fixed this so that an exception will be
raised when using bad algorithms:
In normal mode:
$ python -c "import hashlib; m = hashlib.md5(); m.update('abc'); print
m.hexdigest()"
900150983cd24fb0d6963f7d28e17f72
In FIPS mode:
$ OPENSSL_FORCE_FIPS_MODE=1 python -c "import hashlib; m =
hashlib.md5(); m.update('abc'); print m.hexdigest()"
Traceback (most recent call last):
File "<string>", line 1, in <module>
ValueError: error:060800A0:digital envelope
routines:EVP_DigestInit_ex:unknown cipher
(previously, this case would segfault)
[Note that you may need to turn off prelinking, and undo any prelinking
that may have occurred for FIPS mode to work: sudo prelink -u --all ]
If you're using FIPS mode but have some legacy non-security purpose for
MD5 (e.g. hash buckets for optimization, not security), I've added a
non-standard optional keyword argument: usedforsecurity=True, which you
can override to False to mark a callsite as non-security sensitive, and
thus keep using MD5 at audited callsites:
$ OPENSSL_FORCE_FIPS_MODE=1 python -c "import hashlib; m =
hashlib.md5(usedforsecurity=False); m.update('abc'); print
m.hexdigest()"
900150983cd24fb0d6963f7d28e17f72
I've sent a version of this upstream for Python 3 as
http://bugs.python.org/issue9216
Hope the above makes sense (and that I didn't break anything)
Dave
12 years
- 1
- 0
python-distutils-extra for EPEL?
by Matt Domsch
Is anyone in the Python SIG interested in maintaining
python-distutils-extra in el6? The Fedora maintainer has declined to
participate in EPEL, but would welcome someone else doing so. The
rawhide copy builds clean in koji against el6 right now, so it
shouldn't be that hard to maintain.
This is needed by openstack-nova, which the Cloud SIG is in process of
packaging for Fedora and EL6.
Thanks,
Matt
--
Matt Domsch
Technology Strategist
Dell | Office of the CTO
12 years
- 2
- 5
- ← Newer
- 1
- Older →