Issue #15 resolved

stamp out all md5

Daniel Holth
created an issue

Please use any other hashing function such as sha256 (OK to truncate). Many US government systems are configured to crash when md5 is called, to prevent md5 from being accidentally used for cryptography.

Comments (6)

  1. Armin Rigo

    You can change it simply by patching cffi/verify.py:19.

    The Python 2.7 documentation for hashlib states:

    """Constructors for hash algorithms that are always present in this module are md5(), ..."""

    So while I see the reasoning behind always crashing, according to the official docs it is still a bug in your installation rather than in CFFI. If anything, you should write to bugs.python.org asking for a way to instantiate some specific algorithms asking for a non-cryptographic version. Indeed, if I pick any other algorithm, how can I know that next year it will still be cryptographically valid? I cannot of course, and I'd have to update my applications --- but why does this include applications where cryptography is not relevant?

    I'm fine if you propose instead a good way to combine several calls to zlib.crc32() in a way that is not cryptographically secure at all but that offers a similar protection against any accidental collision.

  2. Daniel Holth reporter

    SHA is on the FIPS list, and md5 is not. That is all that matters for this application. And md5 has been obsolete since 1996; use anything else and regain your pride.

    The SHA-2 attacks aren't really useful.

    Your speed will drop though. For short messages according to 'openssl speed', SHA-256 can only create about 6 million digests per second, down from the 8 million md5 can do.
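
Added example (not code from cffi or from either commenter): the two options raised in this thread for a non-security cache key, a truncated SHA-256 digest and a combination of zlib.crc32() calls, plus a probe for whether md5 is usable. The function names, the length-prefix framing, the even/odd byte split and the assumption that a restricted build raises ValueError are choices made for this example.

```python
import hashlib
import zlib


def md5_available():
    """Report whether hashlib.md5() can be called on this interpreter.

    Assumption: a build that blocks md5 raises ValueError from the
    constructor; a build that aborts the process cannot be probed this way.
    """
    try:
        hashlib.md5(b"probe")
    except ValueError:
        return False
    return True


def sha256_key(parts, length=32):
    """Cache key from SHA-256, truncated to `length` hex characters."""
    h = hashlib.sha256()
    for part in parts:
        data = part.encode("utf-8") if isinstance(part, str) else part
        # Length-prefix every part so ("ab", "c") and ("a", "bc")
        # do not feed identical bytes to the hash.
        h.update(str(len(data)).encode("ascii") + b":")
        h.update(data)
    return h.hexdigest()[:length]


def crc32_key(data):
    """64-bit key from two crc32 calls over the even and odd bytes.

    Only guards against accidental collisions; it is trivially forgeable
    and must never be used where an attacker controls the input.
    """
    even = zlib.crc32(data[0::2]) & 0xFFFFFFFF
    odd = zlib.crc32(data[1::2]) & 0xFFFFFFFF
    return "%08x%08x" % (even, odd)


if __name__ == "__main__":
    # Constructed sample input standing in for generated source text.
    source = "int add(int a, int b) { return a + b; }"
    print("md5 usable:", md5_available())
    print("sha256 key:", sha256_key(["example-version", source]))
    print("crc32 key: ", crc32_key(source.encode("utf-8")))
```
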
