Story #5440

closed

As a user I can disable checksum types like md5

Added by daviddavis over 5 years ago. Updated about 4 years ago.

Status: CLOSED - DUPLICATE
Priority: Normal
Assignee: -
Category: -
Sprint/Milestone: -
Start date:
Due date:
% Done: 0%
Estimated time:
Platform Release:
Groomed: No
Sprint Candidate: No
Tags:
Sprint:
Quarter:

Description

Problem

Some users may not be comfortable with the use of certain algorithms that have known vulnerabilities such as md5 and sha1. Also, some security standards discourage use of certain hash algorithms.

Solution

Allow users to set a `HASH_ALGORITHMS` setting before they run Pulp for the first time that includes a list of hash algorithms they wish to use. This list should act as a whitelist.

1. Create a constant of the hash algorithms that we support (e.g. AVAILABLE_HASH_ALGORITHMS) and validate that each HASH_ALGORITHMS item is in AVAILABLE_HASH_ALGORITHMS
2. Validate that sha256 is in HASH_ALGORITHMS. We use this to verify the uniqueness of artifacts.
3. Make all checksum fields on Artifact nullable except sha256
4. Look for places in core and pulp_file that use hashlib and make sure they don't use hash algorithms outside of HASH_ALGORITHMS
5. Test that artifact workflows still work
6. Test (or open an issue) to ensure that pulp_rpm properly supports HASH_ALGORITHMS
7. Document the HASH_ALGORITHMS setting and note that it must be set before Pulp is run for the first time
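
The validation in steps 1 to 3 above, sketched as an added example that is not part of the original issue or Pulp's own code. The contents of `AVAILABLE_HASH_ALGORITHMS`, the `ImproperlyConfigured` exception and both function names are assumptions made for illustration.

```python
import hashlib

# Assumption: the algorithms the application supports. The issue names the
# constant but does not list its contents.
AVAILABLE_HASH_ALGORITHMS = ("md5", "sha1", "sha224", "sha256", "sha384", "sha512")
REQUIRED_HASH_ALGORITHM = "sha256"  # step 2: used to verify artifact uniqueness


class ImproperlyConfigured(Exception):
    """Hypothetical error raised for an invalid HASH_ALGORITHMS value."""


def validate_hash_algorithms(configured):
    """Return the validated allowlist as a tuple, or raise ImproperlyConfigured."""
    if isinstance(configured, str):
        # A bare string would otherwise be iterated character by character.
        raise ImproperlyConfigured("HASH_ALGORITHMS must be a list, not a string")
    allowed = tuple(dict.fromkeys(configured))  # drop duplicates, keep order
    unknown = [name for name in allowed if name not in AVAILABLE_HASH_ALGORITHMS]
    if unknown:
        raise ImproperlyConfigured(f"unsupported hash algorithms: {unknown}")
    if REQUIRED_HASH_ALGORITHM not in allowed:
        raise ImproperlyConfigured("sha256 must be in HASH_ALGORITHMS")
    return allowed


def compute_digests(chunks, allowed):
    """Hash an iterable of byte chunks with the allowed algorithms only.

    Disabled algorithms are never instantiated (so a host whose hashlib
    refuses md5 is unaffected) and map to None, matching the nullable
    checksum fields of step 3.
    """
    hashers = {name: hashlib.new(name) for name in allowed}
    for chunk in chunks:
        for hasher in hashers.values():
            hasher.update(chunk)
    return {name: hashers[name].hexdigest() if name in hashers else None
            for name in AVAILABLE_HASH_ALGORITHMS}
```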


Related issues

Is duplicate of Pulp - Story #5216: As a user, I can configure which checksum types I want to use in Pulp - CLOSED - CURRENTRELEASE - ggainey

#1

Updated by bmbouter over 5 years ago

  • Sprint/Milestone changed from 71 to 3.0.0

#2

Updated by daviddavis about 5 years ago

  • Description updated (diff)

#3

Updated by daviddavis about 5 years ago

  • Description updated (diff)

#4

Updated by bmbouter about 5 years ago

This all looks good. Is the first-time requirement coming from the idea that you'll never re-check the data in the db if it were changed later?

#5

Updated by daviddavis about 5 years ago

If you change HASH_ALGORITHMS and add another checksum type later, the existing artifacts in the database won't have values for this checksum type. I think we'd have to have some sort of script/migration to fill in these missing values if we allowed users to change HASH_ALGORITHMS.

#6

Updated by bmbouter about 5 years ago

I agree and we can for now say that you can't change it on an installation. Is there any other motivation behind that requirement for users for this setting? I can't think of any, just checking for my understanding.

#7

Updated by daviddavis about 5 years ago

I haven't really thought through it TBH. Would there be some problems for example if you sync down content in RPM and then remove the checksum type that the content is using?

#8

Updated by bmbouter about 5 years ago

  • Sprint/Milestone deleted (3.0.0)

Removing from 3.0 blockers due to no user requesting this and FIPS support not being required for 3.0.

#9

Updated by daviddavis about 4 years ago

  • Status changed from NEW to CLOSED - DUPLICATE

#10

Updated by daviddavis about 4 years ago

  • Is duplicate of Story #5216: As a user, I can configure which checksum types I want to use in Pulp added
