Jump to: navigation, search

Security/Juno/Barbican

< Security‎ | Juno
Revision as of 19:17, 25 April 2014 by Nkinder (talk | contribs) (Encryption Algorithms)

This page documents security related details for the Barbican project in the OpenStack Juno release.

Implemented Crypto

Used Crypto

Libraries

  • PyCrypto

Encryption Algorithms

Algorithm Purpose Configurable Implementation Details Source
AES symmetric crypto yes PyCrypto
  • Used as the default encryption/decryption algorithm for symmetric crypto utility class.
  • Caller can specify a different algorithm.
  • Caller specifies the key size.
  • This class isn't currently used anywhere within Barbican.
  • barbican/openstack/common/crypto/utils.py:SymmetricCrypto

Hashing Algorithms

Algorithm Purpose Configurable Implementation Details Source
sha256 HKDF Yes PyCrypto
  • Used as the default algorithm for HMAC-based Key Derivation Function (HKDF) utility class.
  • Caller can specify a different hashing algorithm.
  • This class isn't currently used anywhere within Barbican.
  • barbican/openstack/common/crypto/utils.py:HKDF
sha256 symmetric crypto signing Yes PyCrypto
  • Used as the default signing (HMAC) algorithm for symmetric crypto utility class.
  • Caller can specify a different hashing algorithm.
  • This class isn't currently used anywhere within Barbican.
  • barbican/openstack/common/crypto/utils.py:SymmetricCrypto

Sensitive Data

Keys/Certificates

Passwords

Potential Improvements

Retrieved from "https://wiki.openstack.org/w/index.php?title=Security/Juno/Barbican&oldid=50058"