Indicate that md5 is not being used for secure purposes—and that's okay (FIPS fix) #10192
Manage this branch in Squash. Test this branch here: https://nutjob4lifemain-ij6k5.squash.io
wagtail/users/utils.py
Outdated
try: | ||
# On security-restricted systems, indicate we're just fingerprinting: | ||
hashed = hashlib.md5(email_bytes, usedforsecurity=False).hexdigest() | ||
except TypeError: | ||
# On older Pythons, we can't make such an indication: | ||
hashed = hashlib.md5(email_bytes).hexdigest() |
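Review bot: the except TypeError around hashlib.md5(email_bytes, usedforsecurity=False) is wider than the case its comment names. Any TypeError from that call, for example email_bytes not being a bytes object, is treated as "older Python" and the call is retried without the flag. Consider checking once whether hashlib.md5 accepts the usedforsecurity keyword and branching on that result, so the unflagged fallback runs only when the keyword is unsupported.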
Could we move this to a shared utility function, e.g. wagtail.coreutils.safe_md5

    import hashlib

    def safe_md5(data=b"", usedforsecurity=True):
        # Pass the flag through where hashlib.md5 accepts it.
        try:
            return hashlib.md5(data, usedforsecurity=usedforsecurity)
        except TypeError:
            # Older Pythons do not accept the keyword.
            return hashlib.md5(data)

and in here (and wagtail.embeds.embeds.get_embed_hash) we do something like
try: | |
# On security-restricted systems, indicate we're just fingerprinting: | |
hashed = hashlib.md5(email_bytes, usedforsecurity=False).hexdigest() | |
except TypeError: | |
# On older Pythons, we can't make such an indication: | |
hashed = hashlib.md5(email_bytes).hexdigest() | |
hashed = safe_md5(email_bytes, usedforsecurity=False).hexdigest() |
We also have an accepts_kwarg function in coreutils that can be used in place of the try/except.
Good idea @laymonage. I've pushed changes to refactor the use of md5 into a common safe_md5 utility function.
Also made use of accepts_kwargs—even if that does feel a bit more like asking permission than forgiveness 😅
Thanks @nutjob4life! Merged in 4dea702.
…)" This reverts commit 4dea702.
Reverted in f6781a2 (CI was failing against Python 3.7)
This is curious:
Looks like using
5065019 to 170ef8e
It seems Python 3.7 doesn't include the signature object for
Sorry this fell off my radar before the 5.0 feature freeze, so it looks like this'll be in 5.1. Thanks @nutjob4life!
Merge this to fix #10184 wherein calls to hashlib.md5 would raise an exception on security-restricted systems (such as FIPS mode systems used in newer U.S. Government computers). MD5 is disabled by default on such systems but a flag may be passed to indicate that it's being used for non-secure reasons (such as fingerprinting).
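The behaviour described above across three environments, as an added example (not code from this pull request or from Wagtail): the keyword is probed once instead of catching TypeError on every call, and bad input is rejected separately. The names supports_flag, make_fingerprinter, legacy_md5 and fips_md5 are hypothetical, and the last two are constructed stand-ins for an interpreter without the keyword and for a restricted build.

```python
import hashlib


def supports_flag(md5_ctor):
    """Return True if md5_ctor accepts usedforsecurity (probed once, not per call)."""
    try:
        md5_ctor(b"", usedforsecurity=False)
    except TypeError:
        return False  # keyword unknown to this constructor
    return True


def make_fingerprinter(md5_ctor=hashlib.md5):
    """Build a hex-digest function for non-security use such as fingerprinting."""
    flagged = supports_flag(md5_ctor)

    def fingerprint(data):
        if not isinstance(data, (bytes, bytearray)):
            # Reject bad input here so it is never mistaken for "flag unsupported".
            raise TypeError("fingerprint() needs bytes, got %s" % type(data).__name__)
        if flagged:
            return md5_ctor(data, usedforsecurity=False).hexdigest()
        return md5_ctor(data).hexdigest()

    return fingerprint


# Constructed stand-ins (assumptions), meant to be run on an unrestricted host.
def legacy_md5(data=b""):
    """Mimics an md5 constructor without the keyword: passing it raises TypeError."""
    return hashlib.md5(data)


def fips_md5(data=b"", *, usedforsecurity=True):
    """Mimics a restricted build: MD5 is refused unless flagged as non-security."""
    if usedforsecurity:
        raise ValueError("md5 is disabled for security use")
    return hashlib.md5(data)


fingerprint = make_fingerprinter()
```
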