From 18aa5a99271908054b8fc65d79c91c8404d486af Mon Sep 17 00:00:00 2001 From: Eli Collins Date: Sat, 2 May 2020 14:14:25 -0400 Subject: reworked lookup_hash() and create_hex_digest() internals to work better on FIPS systems (issue 116). * lookup_hash(): - moved all hash consturctor error checks / handling into HashInfo object, which simplifies lookup_hash() internals - [minor] added "required" kwd, inverse of the now-deprecated "return_unknown" kwd - [minor] now caches unknown/unsupported HashInfo records. * HashInfo: - now catches ValueErrors thrown by hash constructor, and special-cased detection of "disabled for fips" errors. - stub instances now have constructor that throws UnknownHashError, instead of being None. calling code should detect stub instances via the new "not info.supported" instead of testing for "info.const is None". * create_hex_digest() now defaults to creating handlers w/ mock hash func when it's not present (e.g. due to FIPS). this should let them be imported; and defer the errors until they're actually used. * added _set_mock_fips_mode() and some helps to make lookup_hash() fake a FIPS mode system (per traceback provided in issue comments). used this to make some preliminary UTs for the digest & hasher changes above. --- docs/history/1.7.rst | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'docs') diff --git a/docs/history/1.7.rst b/docs/history/1.7.rst index 0d25fb2..3cee9a9 100644 --- a/docs/history/1.7.rst +++ b/docs/history/1.7.rst @@ -26,6 +26,25 @@ Bugfixes * :mod:`passlib.ext.django`: fixed lru_cache import (django 3 compatibility) +Other Changes +------------- + +* Modified some internals to help run on FIPS systems (:issue:`116`): + + In particular, when MD5 hash is not available, :class:`~passlib.hash.hex_md5` + will now return a dummy hasher which throws an error if used; rather than throwing + an uncaught :exc:`!ValueError` when an application attempts to import it. (Similar behavior + added for the other unsalted digest hashes). + + .. py:currentmodule:: passlib.crypto.digest + + Also, :func:`lookup_hash`'s ``required=False`` kwd was modified to report unsupported hashes + via the :attr:`HashInfo.supported` attribute; rather than letting ValueErrors through uncaught. + + This should allow CryptContext instances to be created on FIPS systems without having + a load-time error (though they will still receive an error if an attempt is made to actually + *use* a FIPS-disabled hash). + **1.7.2** (2019-11-22) ====================== -- cgit v1.2.1