| Alex Gaynor | 99b69d9 | 2013-10-19 17:52:58 -0700 | [diff] [blame] | 1 | Security |
| 2 | ======== |
| 3 | |
| Ayrx | ffd8d43 | 2014-06-05 17:11:59 +0800 | [diff] [blame] | 4 | We take the security of ``cryptography`` seriously. The following are a set of |
| 5 | policies we have adopted to ensure that security issues are addressed in a |
| 6 | timely fashion. |
| 7 | |
| Alex Gaynor | 940c92f | 2016-02-19 06:34:39 -0500 | [diff] [blame^] | 8 | What is a security issue? |
| 9 | ------------------------- |
| 10 | |
| 11 | Anytime it's possible to write code using ``cryptography``'s public API which |
| 12 | does not provide the guarntees that a reasonable developer would expect it to |
| 13 | based on our documentation. |
| 14 | |
| 15 | That's a bit academic, but basically it means the scope of what we consider a |
| 16 | vulnerability is broad, and we do not require a proof of concept or even a |
| 17 | specific exploit, merely a reasonable threat model under which ``cryptography`` |
| 18 | could be attacked. |
| 19 | |
| 20 | To give a few examples of things we would consider security issues: |
| 21 | |
| 22 | * If a recipe, such as Fernet, made it easy for a user to bypass |
| 23 | confidentiality or integrity with the public API (e.g. if the API let a user |
| 24 | reuse nonces). |
| 25 | * If, under any circumstances, we used a CSPRNG which wasn't fork-safe. |
| 26 | * If ``cryptography`` used an API in an underlying C library and failed to |
| 27 | handle error conditions safely. |
| 28 | |
| 29 | Examples of things we wouldn't consider security issues: |
| 30 | |
| 31 | * Offering ECB mode for symmetric encryption. Though ECB is critically weak, it |
| 32 | is documented as being weak in our documentation. |
| 33 | * Using a variable time comparison somewhere, if it's not possible to |
| 34 | articulate any particular program in which this would result in problematic |
| 35 | information disclosure. |
| 36 | |
| 37 | In general, if you're unsure, we request that you to default to treating things |
| 38 | as security issues and handling them sensitively, the worst thing that can |
| 39 | happen is that we'll ask you to file a bug issue. |
| 40 | |
| Ayrx | ffd8d43 | 2014-06-05 17:11:59 +0800 | [diff] [blame] | 41 | Reporting a security issue |
| 42 | -------------------------- |
| 43 | |
| 44 | We ask that you do not report security issues to our normal GitHub issue |
| 45 | tracker. |
| 46 | |
| 47 | If you believe you've identified a security issue with ``cryptography``, please |
| Alex Gaynor | 09dd287 | 2014-10-22 14:15:43 -0700 | [diff] [blame] | 48 | report it to ``alex.gaynor@gmail.com``. Messages may be optionally encrypted |
| 49 | with PGP using key fingerprint |
| Alex Gaynor | 940c92f | 2016-02-19 06:34:39 -0500 | [diff] [blame^] | 50 | ``F7FC 698F AAE2 D2EF BECD E98E D1B3 ADC0 E023 8CA6`` (this public key is |
| Alex Gaynor | 09dd287 | 2014-10-22 14:15:43 -0700 | [diff] [blame] | 51 | available from most commonly-used key servers). |
| Alex Gaynor | 99b69d9 | 2013-10-19 17:52:58 -0700 | [diff] [blame] | 52 | |
| Alex Gaynor | 9cd4b21 | 2014-01-10 06:54:21 -0800 | [diff] [blame] | 53 | Once you've submitted an issue via email, you should receive an acknowledgment |
| Alex Gaynor | 99b69d9 | 2013-10-19 17:52:58 -0700 | [diff] [blame] | 54 | within 48 hours, and depending on the action to be taken, you may receive |
| Alex Gaynor | 59075df | 2014-01-10 11:40:03 -0800 | [diff] [blame] | 55 | further follow-up emails. |
| Ayrx | ffd8d43 | 2014-06-05 17:11:59 +0800 | [diff] [blame] | 56 | |
| 57 | Supported Versions |
| 58 | ------------------ |
| 59 | |
| 60 | At any given time, we will provide security support for the `master`_ branch |
| Alex Gaynor | 940c92f | 2016-02-19 06:34:39 -0500 | [diff] [blame^] | 61 | as well as the most recent release. |
| Ayrx | ffd8d43 | 2014-06-05 17:11:59 +0800 | [diff] [blame] | 62 | |
| Terry Chia | 81fed66 | 2014-07-07 11:25:51 +0800 | [diff] [blame] | 63 | New releases for OpenSSL updates |
| 64 | -------------------------------- |
| 65 | |
| Alex Gaynor | 84cd139 | 2015-09-25 10:06:30 -0400 | [diff] [blame] | 66 | As of version 0.5, ``cryptography`` statically links OpenSSL on Windows, and as |
| 67 | of version 1.0.1 on OS X, to ease installation. Due to this, ``cryptography`` |
| 68 | will release a new version whenever OpenSSL has a security or bug fix release to |
| 69 | avoid shipping insecure software. |
| Terry Chia | 81fed66 | 2014-07-07 11:25:51 +0800 | [diff] [blame] | 70 | |
| 71 | Like all our other releases, this will be announced on the mailing list and we |
| 72 | strongly recommend that you upgrade as soon as possible. |
| 73 | |
| Ayrx | ffd8d43 | 2014-06-05 17:11:59 +0800 | [diff] [blame] | 74 | Disclosure Process |
| 75 | ------------------ |
| 76 | |
| 77 | Our process for taking a security issue from private discussion to public |
| 78 | disclosure involves multiple steps. |
| 79 | |
| 80 | Approximately one week before full public disclosure, we will send advance |
| 81 | notification of the issue to a list of people and organizations, primarily |
| 82 | composed of operating-system vendors and other distributors of |
| Ayrx | ead04a4 | 2014-06-06 00:59:18 +0800 | [diff] [blame] | 83 | ``cryptography``. This notification will consist of an email message |
| 84 | containing: |
| Ayrx | ffd8d43 | 2014-06-05 17:11:59 +0800 | [diff] [blame] | 85 | |
| 86 | * A full description of the issue and the affected versions of |
| 87 | ``cryptography``. |
| 88 | * The steps we will be taking to remedy the issue. |
| Ayrx | 189f170 | 2014-06-05 18:16:36 +0800 | [diff] [blame] | 89 | * The patches, if any, that will be applied to ``cryptography``. |
| Ayrx | ffd8d43 | 2014-06-05 17:11:59 +0800 | [diff] [blame] | 90 | * The date on which the ``cryptography`` team will apply these patches, issue |
| Alex Gaynor | e2f523a | 2014-06-05 13:09:47 -0700 | [diff] [blame] | 91 | new releases, and publicly disclose the issue. |
| Ayrx | ffd8d43 | 2014-06-05 17:11:59 +0800 | [diff] [blame] | 92 | |
| 93 | Simultaneously, the reporter of the issue will receive notification of the date |
| 94 | on which we plan to take the issue public. |
| 95 | |
| 96 | On the day of disclosure, we will take the following steps: |
| 97 | |
| Ayrx | 189f170 | 2014-06-05 18:16:36 +0800 | [diff] [blame] | 98 | * Apply the relevant patches to the ``cryptography`` repository. The commit |
| Ayrx | ffd8d43 | 2014-06-05 17:11:59 +0800 | [diff] [blame] | 99 | messages for these patches will indicate that they are for security issues, |
| 100 | but will not describe the issue in any detail; instead, they will warn of |
| 101 | upcoming disclosure. |
| Ayrx | 189f170 | 2014-06-05 18:16:36 +0800 | [diff] [blame] | 102 | * Issue the relevant releases. |
| Ayrx | ffd8d43 | 2014-06-05 17:11:59 +0800 | [diff] [blame] | 103 | * Post a notice to the cryptography mailing list that describes the issue in |
| 104 | detail, point to the new release and crediting the reporter of the issue. |
| 105 | |
| 106 | If a reported issue is believed to be particularly time-sensitive – due to a |
| 107 | known exploit in the wild, for example – the time between advance notification |
| 108 | and public disclosure may be shortened considerably. |
| 109 | |
| 110 | The list of people and organizations who receives advanced notification of |
| 111 | security issues is not and will not be made public. This list generally |
| 112 | consists of high profile downstream distributors and is entirely at the |
| 113 | discretion of the ``cryptography`` team. |
| 114 | |
| 115 | .. _`master`: https://github.com/pyca/cryptography |