|
 |
8a5b2a |
From d250d169e87168903a543248d0bfd6c37f2f6841 Mon Sep 17 00:00:00 2001
|
|
|
8a5b2a |
From: Christian Heimes <christian@python.org>
|
|
|
8a5b2a |
Date: Tue, 22 Feb 2022 00:37:32 +0200
|
|
|
8a5b2a |
Subject: [PATCH 1/5] Block TripleDES in FIPS mode (#6879)
|
|
|
8a5b2a |
|
|
|
8a5b2a |
* Block TripleDES in FIPS mode
|
|
|
8a5b2a |
|
|
|
8a5b2a |
NIST SP-800-131A rev 2 lists TripleDES Encryption as disallowed in FIPS 140-3
|
|
|
8a5b2a |
decryption as legacy use. Three-key TDEA is listed as deprecated
|
|
|
8a5b2a |
throughout 2023 and disallowed after 2023.
|
|
|
8a5b2a |
|
|
|
8a5b2a |
For simplicity we block all use of TripleDES in FIPS mode.
|
|
|
8a5b2a |
|
|
|
8a5b2a |
Fixes: #6875
|
|
|
8a5b2a |
Signed-off-by: Christian Heimes <christian@python.org>
|
|
|
8a5b2a |
|
|
|
8a5b2a |
* Fix flake
|
|
|
8a5b2a |
---
|
|
|
8a5b2a |
src/cryptography/hazmat/backends/openssl/backend.py | 13 ++++++-------
|
|
|
8a5b2a |
tests/hazmat/primitives/utils.py | 4 ++++
|
|
|
8a5b2a |
2 files changed, 10 insertions(+), 7 deletions(-)
|
|
|
8a5b2a |
|
|
|
8a5b2a |
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
|
|
|
8a5b2a |
index 736452392..f38269e26 100644
|
|
|
8a5b2a |
--- a/src/cryptography/hazmat/backends/openssl/backend.py
|
|
|
8a5b2a |
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
|
|
|
8a5b2a |
@@ -134,7 +134,9 @@ class Backend(BackendInterface):
|
|
|
8a5b2a |
b"aes-192-gcm",
|
|
|
8a5b2a |
b"aes-256-gcm",
|
|
|
8a5b2a |
}
|
|
|
8a5b2a |
- _fips_ciphers = (AES, TripleDES)
|
|
|
8a5b2a |
+ # TripleDES encryption is disallowed/deprecated throughout 2023 in
|
|
|
8a5b2a |
+ # FIPS 140-3. To keep it simple we denylist any use of TripleDES (TDEA).
|
|
|
8a5b2a |
+ _fips_ciphers = (AES,)
|
|
|
8a5b2a |
# Sometimes SHA1 is still permissible. That logic is contained
|
|
|
8a5b2a |
# within the various *_supported methods.
|
|
|
8a5b2a |
_fips_hashes = (
|
|
|
8a5b2a |
@@ -323,12 +325,9 @@ class Backend(BackendInterface):
|
|
|
8a5b2a |
|
|
|
8a5b2a |
def cipher_supported(self, cipher, mode):
|
|
|
8a5b2a |
if self._fips_enabled:
|
|
|
8a5b2a |
- # FIPS mode requires AES or TripleDES, but only CBC/ECB allowed
|
|
|
8a5b2a |
- # in TripleDES mode.
|
|
|
8a5b2a |
- if not isinstance(cipher, self._fips_ciphers) or (
|
|
|
8a5b2a |
- isinstance(cipher, TripleDES)
|
|
|
8a5b2a |
- and not isinstance(mode, (CBC, ECB))
|
|
|
8a5b2a |
- ):
|
|
|
8a5b2a |
+ # FIPS mode requires AES. TripleDES is disallowed/deprecated in
|
|
|
8a5b2a |
+ # FIPS 140-3.
|
|
|
8a5b2a |
+ if not isinstance(cipher, self._fips_ciphers):
|
|
|
8a5b2a |
return False
|
|
|
8a5b2a |
|
|
|
8a5b2a |
try:
|
|
|
8a5b2a |
diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py
|
|
|
8a5b2a |
index 93f117828..a367343ca 100644
|
|
|
8a5b2a |
--- a/tests/hazmat/primitives/utils.py
|
|
|
8a5b2a |
+++ b/tests/hazmat/primitives/utils.py
|
|
|
8a5b2a |
@@ -469,6 +469,10 @@ def _kbkdf_cmac_counter_mode_test(backend, prf, ctr_loc, params):
|
|
|
8a5b2a |
algorithm = supported_cipher_algorithms.get(prf)
|
|
|
8a5b2a |
assert algorithm is not None
|
|
|
8a5b2a |
|
|
|
8a5b2a |
+ # TripleDES is disallowed in FIPS mode.
|
|
|
8a5b2a |
+ if backend._fips_enabled and algorithm is algorithms.TripleDES:
|
|
|
8a5b2a |
+ pytest.skip("TripleDES is not supported in FIPS mode.")
|
|
|
8a5b2a |
+
|
|
|
8a5b2a |
ctrkdf = KBKDFCMAC(
|
|
|
8a5b2a |
algorithm,
|
|
|
8a5b2a |
Mode.CounterMode,
|
|
|
8a5b2a |
--
|
|
|
8a5b2a |
2.35.1
|
|
|
8a5b2a |
|