Swift uses the insecure MD5 algorithm in etag and content-md5 and image checksum.
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
OpenStack Object Storage (swift) | New | Undecided | Unassigned | |
Bug Description
High level description: Swift uses the insecure MD5 algorithm in etag and content-md5. SHA256, SHA512, or other more secure algorithms should be used.
Pre-conditions: NA
Step-by-step reproduction steps: NA
Expected output: NA
Actual output: NA
Version: Train
Environment: NA
Perceived severity: NA
Tags (Affected component): NA
Attachments: Swift uses the insecure MD5 algorithm in etag and content-md5 and image checksum.
For example:
swift/common/
response_headers = [(h, v) for h, v in response_headers
etag = md5()
for seg_dict in segments:
    etag.
response_
swift.common.
def check_md5(self, body):
    if 'HTTP_CONTENT_MD5' not in self.environ:
        raise InvalidRequest(
    digest = base64.
    if self.environ[
        raise BadDigest(
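
A Content-MD5 body check of the kind the truncated `check_md5` excerpt outlines, next to the same check done with SHA-256, as an added example that is not Swift's code. The exception classes and the `check_body_digest` and `_decode` helpers are local stand-ins, and the `Digest: SHA-256=<base64>` request header (RFC 3230 form) is an assumption, not a header the report says Swift reads.

```python
import base64
import binascii
import hashlib
import hmac


class BadDigest(Exception):
    """Digest header is well formed but does not match the body."""


class InvalidDigest(Exception):
    """Digest header is not strict base64 of the expected length."""


def _decode(value, size):
    # Reject anything that is not strict base64 of exactly `size` bytes.
    try:
        raw = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        raise InvalidDigest(value)
    if len(raw) != size:
        raise InvalidDigest(value)
    return raw


def check_body_digest(environ, body):
    """Return the strongest digest that was verified ('md5', 'sha256') or None."""
    verified = None
    # Content-MD5 (RFC 1864): base64 of the 16-byte MD5 of the body.
    if 'HTTP_CONTENT_MD5' in environ:
        want = _decode(environ['HTTP_CONTENT_MD5'], 16)
        if not hmac.compare_digest(want, hashlib.md5(body).digest()):
            raise BadDigest('Content-MD5')
        verified = 'md5'
    # Assumed SHA-256 header in RFC 3230 form: "Digest: SHA-256=<base64>".
    name, _, value = environ.get('HTTP_DIGEST', '').partition('=')
    if name.strip().lower() == 'sha-256':
        want = _decode(value.strip(), 32)
        if not hmac.compare_digest(want, hashlib.sha256(body).digest()):
            raise BadDigest('Digest')
        verified = 'sha256'
    return verified


# Constructed sample request body and the header values a client would send.
BODY = b'constructed object body'
MD5_B64 = base64.b64encode(hashlib.md5(BODY).digest()).decode()
SHA256_B64 = base64.b64encode(hashlib.sha256(BODY).digest()).decode()
```

Both checks detect accidental corruption in transit; only the SHA-256 one still holds when the party supplying the body may be choosing it to collide.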