Dims, Right I think I have heard pycrypto was dead, which sort of prompted the question. Thanks for the response!
Regards, -steve From: Davanum Srinivas <[email protected]> Reply-To: "OpenStack Development Mailing List (not for usage questions)" <[email protected]> Date: Sunday, November 6, 2016 at 7:39 AM To: "OpenStack Development Mailing List (not for usage questions)" <[email protected]> Subject: Re: [openstack-dev] [requirements][kolla][security] pycrypto vs cryptography Steve, pycrypto is almost dead. The replacement is pycryptodome. BUT both cannot be installed at the same time, so there is a struggle to get all projects to work correctly with pycryptodome, Last i checked the status was this: http://git.openstack.org/cgit/openstack/requirements/tree/global-requirements.txt#n188 cryptography has been there in requirements since 2014: https://review.openstack.org/#/c/93794/ So, i'd support projects wanting to use cryptography directly. fwiw, i don't see a claim to support FIPS-140-2 in cryptography: https://cryptography.io/en/latest/development/test-vectors/ https://github.com/pyca/cryptography/tree/master/vectors/cryptography_vectors/asymmetric/ECDSA Thanks, Dims On Sun, Nov 6, 2016 at 3:05 AM, Steven Dake (stdake) <[email protected]<mailto:[email protected]>> wrote: Requirements team, Currently Kolla uses pycrypto in our requirements. I see a lot of big tent projects moving to cryptography. Is this just my imagination, or was there a decision on this from the requirements team? We are happy to comply with whatever dep management is considered appropriate for OpenStack ESPECIALLY as it relates to security and crypto libraries. I’d just like confirmation if we should move off pycrypto to cryptography, or if these two things offer similar functionality, or if I’m way off base here J. An orthogonal question I have received from one of our community members (Pavo on irc) is whether pycrypto (or if we move to cryptography) provide FIPS-140-2 compliance. Regards -steve __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]<mailto:[email protected]>?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Davanum Srinivas :: https://twitter.com/dims __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]<mailto:[email protected]>?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
