Skip to content

bpo-9216: [WIP] Support OpenSSL FIPS mode. #5548

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
stratakis wants to merge 1 commit into from
Closed

bpo-9216: [WIP] Support OpenSSL FIPS mode. #5548

stratakis wants to merge 1 commit into from

Conversation

@stratakis
Copy link
Contributor

@stratakis stratakis commented Feb 5, 2018
edited by bedevere-bot
Loading

Add a usedforsecurity keyword argument to the various
digest algorithms in hashlib, which whitelists digest algorithms
that while forbidden in a FIPS environment, are not utilized
for security.

Based on Dave Malcolm's patch from https://bugs.python.org/issue9216.

https://bugs.python.org/issue9216

@stratakis
Support OpenSSL FIPS mode.
849655d 
Add a usedforsecurity keyword argument to the various
digest algorithms in hashlib, which whitelists digest algorithms
that while forbidden in a FIPS environment, are not utilized
for security.
@tiran tiran self-requested a review February 5, 2018 10:53
@stratakis
Copy link
Contributor Author

stratakis commented Jul 14, 2019

After a discussion with @tiran we decided to not move forward with that, as allowing applications to workaround the usage of unsafe algorithms within a FIPS environment, is a potential violation of the FIPS standard. Hence closing this.

@stratakis stratakis closed this Jul 14, 2019
@stratakis stratakis deleted the usedforsecurity branch July 14, 2019 10:11
@davidmalcolm davidmalcolm mentioned this pull request Apr 25, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tiran tiran Awaiting requested review from tiran

Assignees

No one assigned

Labels

awaiting review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@stratakis @the-knights-who-say-ni @bedevere-bot