ACIL FM
Dark
Refresh
Current DIR:
/usr/share/doc/python3-cryptography/docs
/
usr
share
doc
python3-cryptography
docs
Upload
Zip Selected
Delete Selected
Pilih semua
Nama
Ukuran
Permission
Aksi
development
-
chmod
Open
Rename
Delete
hazmat
-
chmod
Open
Rename
Delete
x509
-
chmod
Open
Rename
Delete
_ext
-
chmod
Open
Rename
Delete
_static
-
chmod
Open
Rename
Delete
api-stability.rst
2.93 MB
chmod
View
DL
Edit
Rename
Delete
changelog.rst
30 B
chmod
View
DL
Edit
Rename
Delete
community.rst
589 B
chmod
View
DL
Edit
Rename
Delete
conf.py
6.17 MB
chmod
View
DL
Edit
Rename
Delete
doing-a-release.rst
3.71 MB
chmod
View
DL
Edit
Rename
Delete
exceptions.rst
853 B
chmod
View
DL
Edit
Rename
Delete
faq.rst
9.79 MB
chmod
View
DL
Edit
Rename
Delete
fernet.rst
11.33 MB
chmod
View
DL
Edit
Rename
Delete
glossary.rst
4.62 MB
chmod
View
DL
Edit
Rename
Delete
index.rst
2.64 MB
chmod
View
DL
Edit
Rename
Delete
installation.rst
11.71 MB
chmod
View
DL
Edit
Rename
Delete
limitations.rst
2.12 MB
chmod
View
DL
Edit
Rename
Delete
make.bat
4.99 MB
chmod
View
DL
Edit
Rename
Delete
Makefile
5.46 MB
chmod
View
DL
Edit
Rename
Delete
openssl.rst
4.6 MB
chmod
View
DL
Edit
Rename
Delete
random-numbers.rst
1.55 MB
chmod
View
DL
Edit
Rename
Delete
security.rst
3.51 MB
chmod
View
DL
Edit
Rename
Delete
spelling_wordlist.txt
1.22 MB
chmod
View
DL
Edit
Rename
Delete
Edit file: /usr/share/doc/python3-cryptography/docs/limitations.rst
Known security limitations ========================== Secure memory wiping -------------------- `Memory wiping`_ is used to protect secret data or key material from attackers with access to deallocated memory. This is a defense-in-depth measure against vulnerabilities that leak application memory. Many ``cryptography`` APIs which accept ``bytes`` also accept types which implement the buffer interface. Thus, users wishing to do so can pass ``memoryview`` or another mutable type to ``cryptography`` APIs, and overwrite the contents once the data is no longer needed. However, ``cryptography`` does not clear memory by default, as there is no way to clear immutable structures such as ``bytes``. As a result, ``cryptography``, like almost all software in Python is potentially vulnerable to this attack. The `CERT secure coding guidelines`_ assesses this issue as "Severity: medium, Likelihood: unlikely, Remediation Cost: expensive to repair" and we do not consider this a high risk for most users. RSA PKCS1 v1.5 constant time decryption --------------------------------------- RSA decryption has several different modes, one of which is PKCS1 v1.5. When used in online contexts, a secure protocol implementation requires that peers not be able to tell whether RSA PKCS1 v1.5 decryption failed or succeeded, even by timing variability. ``cryptography`` does not provide an API that makes this possible, due to the fact that RSA decryption raises an exception on failure, which takes a different amount of time than returning a value in the success case. For this reason, at present, we recommend not implementing online protocols that use RSA PKCS1 v1.5 decryption with ``cryptography`` -- independent of this limitation, such protocols generally have poor security properties due to their lack of forward security. If a constant time RSA PKCS1 v1.5 decryption API is truly required, you should contribute one to ``cryptography``. .. _`Memory wiping`: https://devblogs.microsoft.com/oldnewthing/?p=4223 .. _`CERT secure coding guidelines`: https://wiki.sei.cmu.edu/confluence/display/c/MEM03-C.+Clear+sensitive+information+stored+in+reusable+resources
Simpan
Batal
Isi Zip:
Unzip
Create
Buat Folder
Buat File
Terminal / Execute
Run
Chmod Bulk
All File
All Folder
All File dan Folder
Apply