oslo.utils/oslo_utils/secretutils.py

# All Rights Reserved.
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.

"""
Secret utilities.

.. versionadded:: 3.5
"""

import hashlib
import hmac


def _constant_time_compare(first, second):
    """Return True if both string or binary inputs are equal, otherwise False.

    This function should take a constant amount of time regardless of
    how many characters in the strings match. This function uses an
    approach designed to prevent timing analysis by avoiding
    content-based short circuiting behaviour, making it appropriate
    for cryptography.
    """
    first = str(first)
    second = str(second)
    if len(first) != len(second):
        return False
    result = 0
    for x, y in zip(first, second):
        result |= ord(x) ^ ord(y)
    return result == 0


try:
    constant_time_compare = hmac.compare_digest
except AttributeError:
    constant_time_compare = _constant_time_compare

try:
    _ = hashlib.md5(usedforsecurity=False)  # nosec

    def md5(string=b'', usedforsecurity=True):
        """Return an md5 hashlib object using usedforsecurity parameter

        For python distributions that support the usedforsecurity keyword
        parameter, this passes the parameter through as expected.
        See https://bugs.python.org/issue9216
        """
        return hashlib.md5(string, usedforsecurity=usedforsecurity)  # nosec
except TypeError:
    def md5(string=b'', usedforsecurity=True):
        """Return an md5 hashlib object without usedforsecurity parameter

        For python distributions that do not yet support this keyword
        parameter, we drop the parameter
        """
        return hashlib.md5(string)  # nosec
Create secretutils and include 'constant_time_compare' function This code (or a version of it) is being shared by at least nova and keystonemiddleware and it seems like a good idea to move it to being common shared code (especially due to the importance of getting this code correct). This adds an initial secretutils and adds tests for it. Change-Id: Ia603202a065d5b345608e712f63f7af21fd74dea 2015-09-23 14:28:11 -07:00			`# All Rights Reserved.`
			`#`
			`# Licensed under the Apache License, Version 2.0 (the "License"); you may`
			`# not use this file except in compliance with the License. You may obtain`
			`# a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT`
			`# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the`
			`# License for the specific language governing permissions and limitations`
			`# under the License.`

Add missing documentation for secretutils The current doc page for secretutils is blank [1], most likely because of the way constant_time_compare is in the exception block. This patch manually tells sphinx to doc the constant_time_compare function. Also adds the oslo.utils version when the module was added. [1]: https://docs.openstack.org/developer/oslo.utils/api/secretutils.html Change-Id: Ic1fb15176c93f126826f568149cabf4b8e5450d8 2017-02-23 07:38:04 -08:00			`"""`
			`Secret utilities.`

			`.. versionadded:: 3.5`
			`"""`

Add function to encapsule md5 for FIPS systems For systems in FIPS mode, invocations of MD5 will fail. This occurs even in cases where the MD5 is used in a non-cryptographical context eg. for an etag in swift. There is a proposal in Python to allow developers to mark these non-crypto cases as valid through a new usedforsecurity keyword. See https://bugs.python.org/issue9216. Some downstream versions of python already implement this keyword. To permit OpenStack to run in FIPS enabled systems with these versions of python, we add a simple encapsulation of hashlib.md5() here. Once the issue is resolved in upstream python, we can remove this function. Change-Id: I09433fea6ad6e6849677a93b269e24dec5c05b69 2020-09-04 15:55:31 -04:00			`import hashlib`
Create secretutils and include 'constant_time_compare' function This code (or a version of it) is being shared by at least nova and keystonemiddleware and it seems like a good idea to move it to being common shared code (especially due to the importance of getting this code correct). This adds an initial secretutils and adds tests for it. Change-Id: Ia603202a065d5b345608e712f63f7af21fd74dea 2015-09-23 14:28:11 -07:00			`import hmac`

Adding a check of string type for hmacs - To ensure comparison is done on binary data The method would first check if the 2 hmacs are a python `six.stringtype`. If they are, they would be encoded using 'utf-8' as the encoding scheme to binary data. Change-Id: Idf59f669087a39c30eee4e533899b95ede66e198 2017-02-15 14:33:48 -06:00
Fix exception with secretutils 1. There are some problems about the test method. problem 1: Unit tests may not cover our function, it depends on the python version that performed the test. problem 2: when using function 'constant_time_compare(first, second)', 'first' and 'second' params are usually HMAC digest values, it is not appropriate to use utf-8 encoded values as mock data. 2. The previous commit `f1d332a` lead into a bug, but due to the problem 1 and the problem 2, we did not find out the error. Change-Id: I1c29bfe69f8eda60f3c5caaf3e5447dd5b69b108 Closes-Bug: #1772851 2018-05-23 17:13:47 +08:00			`def _constant_time_compare(first, second):`
			`"""Return True if both string or binary inputs are equal, otherwise False.`

			`This function should take a constant amount of time regardless of`
			`how many characters in the strings match. This function uses an`
			`approach designed to prevent timing analysis by avoiding`
			`content-based short circuiting behaviour, making it appropriate`
			`for cryptography.`
			`"""`
			`first = str(first)`
			`second = str(second)`
			`if len(first) != len(second):`
			`return False`
			`result = 0`
			`for x, y in zip(first, second):`
			`result \|= ord(x) ^ ord(y)`
			`return result == 0`
Create secretutils and include 'constant_time_compare' function This code (or a version of it) is being shared by at least nova and keystonemiddleware and it seems like a good idea to move it to being common shared code (especially due to the importance of getting this code correct). This adds an initial secretutils and adds tests for it. Change-Id: Ia603202a065d5b345608e712f63f7af21fd74dea 2015-09-23 14:28:11 -07:00
Update hacking for Python3 The repo is Python 3 now, so update hacking to version 3.0 which supports Python 3. Fix problems found. Remove hacking and friends from lower-constraints, they are not needed for installation. Change-Id: I3f23bf09ef24fe34e128102c34382da98e10f5c1 2020-04-02 15:08:30 +02:00
Create secretutils and include 'constant_time_compare' function This code (or a version of it) is being shared by at least nova and keystonemiddleware and it seems like a good idea to move it to being common shared code (especially due to the importance of getting this code correct). This adds an initial secretutils and adds tests for it. Change-Id: Ia603202a065d5b345608e712f63f7af21fd74dea 2015-09-23 14:28:11 -07:00			`try:`
			`constant_time_compare = hmac.compare_digest`
			`except AttributeError:`
Fix exception with secretutils 1. There are some problems about the test method. problem 1: Unit tests may not cover our function, it depends on the python version that performed the test. problem 2: when using function 'constant_time_compare(first, second)', 'first' and 'second' params are usually HMAC digest values, it is not appropriate to use utf-8 encoded values as mock data. 2. The previous commit `f1d332a` lead into a bug, but due to the problem 1 and the problem 2, we did not find out the error. Change-Id: I1c29bfe69f8eda60f3c5caaf3e5447dd5b69b108 Closes-Bug: #1772851 2018-05-23 17:13:47 +08:00			`constant_time_compare = _constant_time_compare`
Add function to encapsule md5 for FIPS systems For systems in FIPS mode, invocations of MD5 will fail. This occurs even in cases where the MD5 is used in a non-cryptographical context eg. for an etag in swift. There is a proposal in Python to allow developers to mark these non-crypto cases as valid through a new usedforsecurity keyword. See https://bugs.python.org/issue9216. Some downstream versions of python already implement this keyword. To permit OpenStack to run in FIPS enabled systems with these versions of python, we add a simple encapsulation of hashlib.md5() here. Once the issue is resolved in upstream python, we can remove this function. Change-Id: I09433fea6ad6e6849677a93b269e24dec5c05b69 2020-09-04 15:55:31 -04:00
			`try:`
			`_ = hashlib.md5(usedforsecurity=False) # nosec`

			`def md5(string=b'', usedforsecurity=True):`
			`"""Return an md5 hashlib object using usedforsecurity parameter`

			`For python distributions that support the usedforsecurity keyword`
			`parameter, this passes the parameter through as expected.`
			`See https://bugs.python.org/issue9216`
			`"""`
			`return hashlib.md5(string, usedforsecurity=usedforsecurity) # nosec`
			`except TypeError:`
			`def md5(string=b'', usedforsecurity=True):`
			`"""Return an md5 hashlib object without usedforsecurity parameter`

			`For python distributions that do not yet support this keyword`
			`parameter, we drop the parameter`
			`"""`
			`return hashlib.md5(string) # nosec`