Difference between revisions of "Security/Juno/Barbican"
(→Encryption Algorithms) |
(→Used Crypto) |
||
Line 14: | Line 14: | ||
|- | |- | ||
| AES || symmetric crypto || yes || PyCrypto || | | AES || symmetric crypto || yes || PyCrypto || | ||
− | * | + | * Used as the default encryption/decryption algorithm for symmetric crypto utility class. |
+ | * Caller can specify a different algorithm. | ||
+ | * Caller specifies the key size. | ||
+ | * TODO - what uses this utility class in Barbican, and do any override the default algorithm? | ||
|| | || | ||
* barbican/openstack/common/crypto/utils.py:SymmetricCrypto | * barbican/openstack/common/crypto/utils.py:SymmetricCrypto | ||
Line 25: | Line 28: | ||
|- | |- | ||
| sha256 || HKDF || Yes || PyCrypto || | | sha256 || HKDF || Yes || PyCrypto || | ||
− | * Used as the default algorithm for HMAC-based Key Derivation Function (HKDF) utility | + | * Used as the default algorithm for HMAC-based Key Derivation Function (HKDF) utility class. |
* Caller can specify a different hashing algorithm. | * Caller can specify a different hashing algorithm. | ||
− | * TODO - what uses this utility | + | * TODO - what uses this utility class in Barbican, and do any override the default algorithm? |
|| | || | ||
* barbican/openstack/common/crypto/utils.py:HKDF | * barbican/openstack/common/crypto/utils.py:HKDF | ||
|- | |- | ||
| sha256 || symmetric crypto signing || Yes || PyCrypto || | | sha256 || symmetric crypto signing || Yes || PyCrypto || | ||
− | * Used as the default signing (HMAC) algorithm for symmetric crypto utility | + | * Used as the default signing (HMAC) algorithm for symmetric crypto utility class. |
* Caller can specify a different hashing algorithm. | * Caller can specify a different hashing algorithm. | ||
− | * TODO - what uses this utility | + | * TODO - what uses this utility class in Barbican, and do any override the default algorithm? |
|| | || | ||
* barbican/openstack/common/crypto/utils.py:SymmetricCrypto | * barbican/openstack/common/crypto/utils.py:SymmetricCrypto |
Revision as of 19:13, 25 April 2014
This page documents security related details for the Barbican project in the OpenStack Juno release.
Contents
Implemented Crypto
Used Crypto
Libraries
- PyCrypto
Encryption Algorithms
Algorithm | Purpose | Configurable | Implementation | Details | Source |
---|---|---|---|---|---|
AES | symmetric crypto | yes | PyCrypto |
|
|
Hashing Algorithms
Algorithm | Purpose | Configurable | Implementation | Details | Source |
---|---|---|---|---|---|
sha256 | HKDF | Yes | PyCrypto |
|
|
sha256 | symmetric crypto signing | Yes | PyCrypto |
|
|