Formpost middleware should support stronger hash functions

Bug #1794601 reported by Tim Burke
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Object Storage (swift)

Bug Description

Currently, formpost only uses SHA1 [1] when computing HMACs. People have been sounding the alarm for a while now [2], and not so long ago Google announced a practical attack on SHA1 [3]. We've already enabled SHA-256 and SHA-512 for tempurl [4], so let's do something similar for formpost.


Revision history for this message
Tim Burke (1-tim-z) wrote :

Yeah, I think the tempurl work at will be a really good guide. This is nice and self-contained; good first-contribution material. The main points we'd look for in a patch would be:

* new config option listed in etc/proxy-server.conf-sample,
* formpost's filter_factory parsing the new option, including it in the call to register_swift_info, and passing it on to the actual filter,
* formpost's filter growing some new parsing so it can differentiate between hash functions and validate any of the configured digests,
* updated docs in the formpost middleware's docstring, and
* unit tests to demonstrate the new functionality.

Might be an opportunity to pull some logic from common/middleware/ out to common/ and use it here too, but it's really optional.

tags: added: low-hanging-fruit
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers