From d250d169e87168903a543248d0bfd6c37f2f6841 Mon Sep 17 00:00:00 2001
From: Christian Heimes <christian@python.org>
Date: Tue, 22 Feb 2022 00:37:32 +0200
Subject: [PATCH 1/5] Block TripleDES in FIPS mode (#6879)
* Block TripleDES in FIPS mode
NIST SP-800-131A rev 2 lists TripleDES Encryption as disallowed in FIPS 140-3
decryption as legacy use. Three-key TDEA is listed as deprecated
throughout 2023 and disallowed after 2023.
For simplicity we block all use of TripleDES in FIPS mode.
Fixes: #6875
Signed-off-by: Christian Heimes <christian@python.org>
* Fix flake
---
src/cryptography/hazmat/backends/openssl/backend.py | 13 ++++++-------
tests/hazmat/primitives/utils.py | 4 ++++
2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 736452392..f38269e26 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -134,7 +134,9 @@ class Backend(BackendInterface):
b"aes-192-gcm",
b"aes-256-gcm",
}
- _fips_ciphers = (AES, TripleDES)
+ # TripleDES encryption is disallowed/deprecated throughout 2023 in
+ # FIPS 140-3. To keep it simple we denylist any use of TripleDES (TDEA).
+ _fips_ciphers = (AES,)
# Sometimes SHA1 is still permissible. That logic is contained
# within the various *_supported methods.
_fips_hashes = (
@@ -323,12 +325,9 @@ class Backend(BackendInterface):
def cipher_supported(self, cipher, mode):
if self._fips_enabled:
- # FIPS mode requires AES or TripleDES, but only CBC/ECB allowed
- # in TripleDES mode.
- if not isinstance(cipher, self._fips_ciphers) or (
- isinstance(cipher, TripleDES)
- and not isinstance(mode, (CBC, ECB))
- ):
+ # FIPS mode requires AES. TripleDES is disallowed/deprecated in
+ # FIPS 140-3.
+ if not isinstance(cipher, self._fips_ciphers):
return False
try:
diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py
index 93f117828..a367343ca 100644
--- a/tests/hazmat/primitives/utils.py
+++ b/tests/hazmat/primitives/utils.py
@@ -469,6 +469,10 @@ def _kbkdf_cmac_counter_mode_test(backend, prf, ctr_loc, params):
algorithm = supported_cipher_algorithms.get(prf)
assert algorithm is not None
+ # TripleDES is disallowed in FIPS mode.
+ if backend._fips_enabled and algorithm is algorithms.TripleDES:
+ pytest.skip("TripleDES is not supported in FIPS mode.")
+
ctrkdf = KBKDFCMAC(
algorithm,
Mode.CounterMode,
--
2.35.1