[OLPC Security] [Techteam] Crypto export and python-crypto
C. Scott Ananian
cscott at laptop.org
Mon Jun 2 17:26:48 EDT 2008
In email, Morgan writes:
> Jameson Chema Quinn is basing his crypto code for bundle signing on python-crypto: http://www.amk.ca/python/code/crypto.html
I personally would prefer that crypto code be based on the same
algorithms and formats we use elsewhere, as documented at:
http://wiki.laptop.org/go/Firmware_Key_and_Signature_Formats#Antitheft.2FActivation_Lease
I took great care to ensure that every bit in the format is
documented, and traceable in most cases to best practices outlined in
a standards document. This is in marked contrast to places where
you'll find handwaving about "an RSA signature" (say) when there are
multiple ways to use RSA to generate a signature, many of them in fact
terribly bad. (For example, OpenPGP uses an RSA signature scheme
vulnerable to an adaptive chosen ciphertext attack, and the known
covert channels in DSA signatures became very problematic in the
recent Debian/OpenSSL issues.)
Python bindings are at
http://dev.laptop.org/git?p=bios-crypto;a=summary and are available in
the olpccontents RPM on the XO.
Avoiding the need to declare additional crypto code for export is a
pleasant side effect of using the existing audited codebase; Michael
can tell you the extent to which that is (or is not) necessary in the
case of python-crypto. I don't see anything in python-crypto which is
not included in bios-crypto; most of what python-crypto provides is
either out-of-date (should not be used in new applications) or
duplicates functionality already provided by the standard Python
libraries (http://docs.python.org/lib/crypto.html).
Security-sensitive code should also be reviewed on the security list.