mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-10-09 16:34:44 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 17

bpo-9216: Add usedforsecurity to hashlib constructors (GH-16044)

Browse source 
The usedforsecurity keyword only argument added to the hash constructors is useful for FIPS builds and similar restrictive environment with non-technical requirements that legacy algorithms be forbidden by their implementations without being explicitly annotated as not being used for any security related purposes.  Linux distros with FIPS support benefit from this being standard rather than making up their own way(s) to do it.

Contributed and Signed-off-by: Christian Heimes christian@python.org
This commit is contained in:
Christian Heimes 2019-09-13 02:30:00 +02:00 committed by Gregory P. Smith
parent 3a4f66707e
commit 7cad53e6b0
20 changed files with 495 additions and 165 deletions
Download patch file Download diff file Expand all files Collapse all files

7
Lib/uuid.py
View file

@ -772,8 +772,11 @@ def uuid1(node=None, clock_seq=None):
def uuid3(namespace, name):
"""Generate a UUID from the MD5 hash of a namespace UUID and a name."""
from hashlib import md5
hash = md5(namespace.bytes + bytes(name, "utf-8")).digest()
return UUID(bytes=hash[:16], version=3)
digest = md5(
namespace.bytes + bytes(name, "utf-8"),
usedforsecurity=False
).digest()
return UUID(bytes=digest[:16], version=3)
def uuid4():
"""Generate a random UUID."""