Enhancement Request: Add usedforsecurity Argument to Hash Functions to Indicate Security Context Usage
#10073
Labels
Comments
|
Looking a bit into this, here's two ways we could implement it:
class HashAlgorithm(metaclass=abc.ABCMeta):
# ....
def __init__(self, used_for_security: bool = True):
if used_for_security and not self.is_secure:
raise InsecureAlgorithmException()
#....
class SHA1(HashAlgorithm):
name = "sha1"
digest_size = 20
block_size = 64
is_secure = False
def __init__(self, used_for_security: bool = True):
super().__init__(used_for_security) # new
if digest_size < 1:
raise ValueError("digest_size must be a positive integer")
self._digest_size = digest_size
#...
class SM3(HashAlgorithm):
name = "sm3"
digest_size = 32
block_size = 64
is_secure = True
def __init__(self, used_for_security: bool = True):
super().__init__(used_for_security)
#... etc |
|
@alex and @reaperhulk might be thinking something different, but IMO mirroring the |
|
Personally, I'm not wild about adding more options for this. It's an
idiosyncrasy that exists nearly exclusively for FIPS, and it's ill thought
out IMO.
…On Mon, Apr 22, 2024 at 10:20 AM William Woodruff ***@***.***> wrote:
@alex <https://github.com/alex> and @reaperhulk
<https://github.com/reaperhulk> might be thinking something different,
but IMO mirroring the usedforsecurity kwarg behavior in hashlib would be
parsimonious here: rather than having any new exceptions, we could just add
the usedforsecurity kwarg and leave it up to users to explicitly set True
or False. From there, it's up to external tooling to determine whether
the particular hash's use is security sensitive or not (e.g. MD5 is used
for security in HMAC-MD5, but is still strong in that setting).
—
Reply to this email directly, view it on GitHub
<#10073 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAAGBD5ZSJ42FH4LITZPKTY6UMDLAVCNFSM6AAAAABBEJNB2CVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANRZGYZDQMZXG4>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
All that is necessary for evil to succeed is for good people to do nothing.
|
|
Agreed with @alex, I’d rather structure it with decrepit, although that is also a very long term deprecation cycle to move the hashes. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
Thank you for maintaining the cryptographic library.
I am a research student with an interest in cryptographic engineering. Recently, we developed a Cryptographic APIs Misuse Detector to identify potential misuses. We have also adapted our rules for the mainstream
cryptography.iolibrary. In comparing the use of insecure hash functions between thecryptography.iolibrary and thehashlibstandard library, we identified numerous misuses in real-world applications. Unfortunately, unlike thehashlibstandard library, thecryptography.iolibrary does not have a keyword-only argument likeusedforsecurityto explicitly indicate whether it is used in a security context. I believe it would be beneficial to consider adding this feature. As a reference, in the official library, there is a set keyword-only argument usedforsecurity with the default valueTrue. A false value allows the use of insecure and blocked hashing algorithms in restricted environments.Reference: hashlib
Usage
I am grateful for your dedication to the cryptographic library. If this enhancement is considered, I would be delighted to contribute to the Python cryptographic library.
Thank you for your time and consideration.
The text was updated successfully, but these errors were encountered: