Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bpo-9216: Add usedforsecurity to hashlib constructors #16044

Merged
merged 5 commits into from Sep 13, 2019
Merged

bpo-9216: Add usedforsecurity to hashlib constructors #16044

merged 5 commits into from Sep 13, 2019

Conversation

tiran
Copy link
Member

@tiran tiran commented Sep 12, 2019
edited by bedevere-bot

@tiran tiran added type-feature A feature request or enhancement DO-NOT-MERGE labels Sep 12, 2019
@gpshead
Copy link
Member

gpshead commented Sep 12, 2019

The hashlib.rst documentation needs to be updated.

@gpshead gpshead self-assigned this Sep 12, 2019
@tiran
Copy link
Member Author

tiran commented Sep 12, 2019

I need to update documentation, PEP, and tests.

@tiran
bpo-9216: Add usedforsecurity to hashlib constructors
81a004b 
Signed-off-by: Christian Heimes <christian@python.org>
@tiran
bpo-9216: Add usedforsecurity to other digest constructors
31b7962 
Signed-off-by: Christian Heimes <christian@python.org>
@tiran
bpo-9216: MD5 in uuid is not used for security
d149672 
Signed-off-by: Christian Heimes <christian@python.org>
@tiran
bpo-9216: document usedforsecurity
378ab50 
Signed-off-by: Christian Heimes <christian@python.org>
@tiran
bpo-9216: test usedforsecurity
82448cd 
Signed-off-by: Christian Heimes <christian@python.org>
@gpshead gpshead added the sprint label Sep 13, 2019
@gpshead gpshead merged commit 7cad53e into python:master Sep 13, 2019
@charettes charettes mentioned this pull request Oct 1, 2019
Closed
5 tasks
stratakis pushed a commit to stratakis/cpython that referenced this pull request Jan 2, 2020
@tiran @stratakis
bpo-9216: Add usedforsecurity to hashlib constructors (pythonGH-16044)
36204b4 
The usedforsecurity keyword only argument added to the hash constructors is useful for FIPS builds and similar restrictive environment with non-technical requirements that legacy algorithms be forbidden by their implementations without being explicitly annotated as not being used for any security related purposes.  Linux distros with FIPS support benefit from this being standard rather than making up their own way(s) to do it.

Contributed and Signed-off-by: Christian Heimes christian@python.org
@lhupfeldt lhupfeldt mentioned this pull request May 4, 2020
Closed
stratakis pushed a commit to stratakis/cpython that referenced this pull request Oct 5, 2020
@tiran @stratakis
bpo-9216: Add usedforsecurity to hashlib constructors (pythonGH-16044)
53dd5be 
The usedforsecurity keyword only argument added to the hash constructors is useful for FIPS builds and similar restrictive environment with non-technical requirements that legacy algorithms be forbidden by their implementations without being explicitly annotated as not being used for any security related purposes.  Linux distros with FIPS support benefit from this being standard rather than making up their own way(s) to do it.

Contributed and Signed-off-by: Christian Heimes christian@python.org
@davvid davvid mentioned this pull request Sep 3, 2021
Closed
@davidmalcolm davidmalcolm mentioned this pull request Apr 25, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gpshead gpshead gpshead approved these changes

Assignees

@gpshead gpshead

Labels
sprint type-feature A feature request or enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@tiran @gpshead @the-knights-who-say-ni @bedevere-bot