|
| 1 | +# Security Policy |
| 2 | + |
| 3 | +## Supported Versions |
| 4 | + |
| 5 | +Only the latest released version is supported. |
| 6 | +Alpha and beta releases are always unsupported with security fixes. |
| 7 | + |
| 8 | +The project uses semantic versioning, as such, minor version changes are API compatible. |
| 9 | + |
| 10 | +| Version | Supported | |
| 11 | +| -------- | ------------------ | |
| 12 | +| 0.18.x | :white_check_mark: | |
| 13 | +| < 0.18 | :x: | |
| 14 | + |
| 15 | +## Support Scope |
| 16 | + |
| 17 | +This library was not designed with security in mind. If you are processing data that needs |
| 18 | +to be protected we suggest you use a quality wrapper around OpenSSL. |
| 19 | +[`pyca/cryptography`](https://cryptography.io/) is one example of such a wrapper. |
| 20 | +The primary use-case of this library is as a portable library for interoperability testing |
| 21 | +and as a teaching tool. |
| 22 | + |
| 23 | +**This library does not protect against side-channel attacks.** |
| 24 | + |
| 25 | +Do not allow attackers to measure how long it takes you to generate a key pair or sign a message. |
| 26 | +Do not allow attackers to run code on the same physical machine when key pair generation or |
| 27 | +signing is taking place (this includes virtual machines). |
| 28 | +Do not allow attackers to measure how much power your computer uses while generating the key pair |
| 29 | +or signing a message. Do not allow attackers to measure RF interference coming from your computer |
| 30 | +while generating a key pair or signing a message. Note: just loading the private key will cause |
| 31 | +key pair generation. Other operations or attack vectors may also be vulnerable to attacks. |
| 32 | +For a sophisticated attacker observing just one operation with a private key will be sufficient |
| 33 | +to completely reconstruct the private key. |
| 34 | + |
| 35 | +Fixes for side-channel vulerabilities will not be developed. |
| 36 | + |
| 37 | +Please also note that any Pure-python cryptographic library will be vulnerable to the same |
| 38 | +side-channel attacks. This is because Python does not provide side-channel secure primitives |
| 39 | +(with the exception of [`hmac.compare_digest()`](https://docs.python.org/3/library/hmac.html#hmac.compare_digest)), |
| 40 | +making side-channel secure programming impossible. |
| 41 | + |
| 42 | +This library depends upon a strong source of random numbers. Do not use it on a system |
| 43 | +where `os.urandom()` does not provide cryptographically secure random numbers. |
| 44 | + |
| 45 | +## Reporting a Vulnerability |
| 46 | + |
| 47 | +If you find a security vulnerability in this library, you can report it using the "Report a vulnerability" button on the Security tab in github UI. |
| 48 | +Alternatively, you can contact the project maintainer at hkario at redhat dot com. |
0 commit comments