Difference between revisions of "Security/Juno/Barbican"

Revision as of 19:17, 25 April 2014

This page documents security related details for the Barbican project in the OpenStack Juno release.

Algorithm	Purpose	Configurable	Implementation	Details	Source
AES	symmetric crypto	yes	PyCrypto	Used as the default encryption/decryption algorithm for symmetric crypto utility class. Caller can specify a different algorithm. Caller specifies the key size. This class isn't currently used anywhere within Barbican.	barbican/openstack/common/crypto/utils.py:SymmetricCrypto

Algorithm	Purpose	Configurable	Implementation	Details	Source
sha256	HKDF	Yes	PyCrypto	Used as the default algorithm for HMAC-based Key Derivation Function (HKDF) utility class. Caller can specify a different hashing algorithm. This class isn't currently used anywhere within Barbican.	barbican/openstack/common/crypto/utils.py:HKDF
sha256	symmetric crypto signing	Yes	PyCrypto	Used as the default signing (HMAC) algorithm for symmetric crypto utility class. Caller can specify a different hashing algorithm. This class isn't currently used anywhere within Barbican.	barbican/openstack/common/crypto/utils.py:SymmetricCrypto

@@ Line 17: / Line 17: @@
 * Caller can specify a different algorithm.
 * Caller specifies the key size.
-* TODO - what uses this utility class in Barbican, and do any override the default algorithm?
+* This class isn't currently used anywhere within Barbican.
 ||
 * barbican/openstack/common/crypto/utils.py:SymmetricCrypto