From d250d169e87168903a543248d0bfd6c37f2f6841 Mon Sep 17 00:00:00 2001
From: Christian Heimes <christian@python.org>
Date: Tue, 22 Feb 2022 00:37:32 +0200
Subject: [PATCH 1/5] Block TripleDES in FIPS mode (#6879)
* Block TripleDES in FIPS mode
NIST SP-800-131A rev 2 lists TripleDES encryption as disallowed in FIPS 140-3 and
decryption as legacy use. Three-key TDEA is listed as deprecated
throughout 2023 and disallowed after 2023.
For simplicity we block all use of TripleDES in FIPS mode.
Fixes: #6875
Signed-off-by: Christian Heimes <christian@python.org>
* Fix flake
---
src/cryptography/hazmat/backends/openssl/backend.py | 13 ++++++-------
tests/hazmat/primitives/utils.py | 4 ++++
2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 736452392..f38269e26 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -134,7 +134,9 @@ class Backend(BackendInterface):
b"aes-192-gcm",
b"aes-256-gcm",
}
- _fips_ciphers = (AES, TripleDES)
+ # TripleDES encryption is disallowed/deprecated throughout 2023 in
+ # FIPS 140-3. To keep it simple we denylist any use of TripleDES (TDEA).
+ _fips_ciphers = (AES,)
# Sometimes SHA1 is still permissible. That logic is contained
# within the various *_supported methods.
_fips_hashes = (
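Review bot: The new comment above `_fips_ciphers` says TripleDES is "disallowed/deprecated throughout 2023", which blurs the two different statuses the commit message itself gives: per NIST SP 800-131A rev 2, TDEA encryption is deprecated through 2023 and disallowed after it, while decryption is legacy-use. Spelling both out in the comment stops a later reader from narrowing the denylist to encryption-only on the assumption that decryption was overlooked. I would write `# TripleDES (TDEA) encryption is deprecated through 2023 and disallowed after it per NIST SP 800-131A rev 2; decryption is legacy-use only. For simplicity FIPS mode rejects every use of TripleDES, so only AES is allowed here.` The same wording issue is in the `cipher_supported` comment in the second hunk of this file. Since `_fips_ciphers` is now a single-member allowlist, the trailing comma in `(AES,)` is load-bearing and worth a glance from anyone editing it.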
@@ -323,12 +325,9 @@ class Backend(BackendInterface):
|
def cipher_supported(self, cipher, mode):
if self._fips_enabled:
- # FIPS mode requires AES or TripleDES, but only CBC/ECB allowed
- # in TripleDES mode.
- if not isinstance(cipher, self._fips_ciphers) or (
- isinstance(cipher, TripleDES)
- and not isinstance(mode, (CBC, ECB))
- ):
+ # FIPS mode requires AES. TripleDES is disallowed/deprecated in
+ # FIPS 140-3.
+ if not isinstance(cipher, self._fips_ciphers):
return False
|
try:
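Review bot: With the TripleDES branch removed, the FIPS gate in `cipher_supported` is the algorithm allowlist alone; the mode is no longer checked here, so whether AES in a non-approved mode is rejected now rests entirely on the lookup in the `try:` block that follows, which lies outside this hunk. That is worth stating in the comment so a future addition to `_fips_ciphers` does not silently inherit an unrestricted mode: `# FIPS mode allows only the algorithms in _fips_ciphers (AES); TripleDES is rejected outright. Mode restrictions are left to the cipher lookup below.` The commit also adds no test that `cipher_supported()` returns False for TripleDES when `_fips_enabled` is set, so a regression re-adding TripleDES to the allowlist would pass unnoticed; a one-line assertion in the backend's FIPS tests (wherever the existing FIPS fixture lives — not visible from here) would pin the fail-closed behaviour. `cipher_supported` continues past the end of the hunk.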
diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py
index 93f117828..a367343ca 100644
--- a/tests/hazmat/primitives/utils.py
+++ b/tests/hazmat/primitives/utils.py
@@ -469,6 +469,10 @@ def _kbkdf_cmac_counter_mode_test(backend, prf, ctr_loc, params):
algorithm = supported_cipher_algorithms.get(prf)
assert algorithm is not None
|
+ # TripleDES is disallowed in FIPS mode.
+ if backend._fips_enabled and algorithm is algorithms.TripleDES:
+ pytest.skip("TripleDES is not supported in FIPS mode.")
+
ctrkdf = KBKDFCMAC(
algorithm,
Mode.CounterMode,
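Review bot: The added `pytest.skip` when `backend._fips_enabled` and the algorithm is TripleDES means this test says nothing about the new behaviour; if the backend ever accepted TripleDES under FIPS again, this branch would still skip and the regression would go unnoticed. Asserting the refusal instead — `with pytest.raises(UnsupportedAlgorithm):` around the `KBKDFCMAC(...)` construction, or around the derive call, depending on where the backend's `cipher_supported()` rejection actually surfaces (verify that before relying on it) — turns the skip into a fail-closed check. The branch also reads the private `backend._fips_enabled`; if the other FIPS-aware tests use the same attribute that is at least consistent, but a public accessor on the backend would be cleaner. The enclosing `_kbkdf_cmac_counter_mode_test` starts and ends outside the hunk.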
--
2.35.1