rpms/python3.14
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Support OpenSSL FIPS mode

Browse Source 
Disable the builtin hashlib hashes except blake2

Related: RHEL-120788
This commit is contained in:
Charalampos Stratakis 2026-01-09 05:05:03 +01:00
parent 9b2453c72b
commit 32108d9741
2 changed files with 825 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

803
00329-fips.patch Normal file
View File

@ -0,0 +1,803 @@
From f221281a0f983b36a214acc1d0159d97f4289d4b Mon Sep 17 00:00:00 2001
From: Charalampos Stratakis <cstratak@redhat.com>
Date: Thu, 12 Dec 2019 16:58:31 +0100
Subject: [PATCH 1/6] Expose blake2b and blake2s hashes from OpenSSL
These aren't as powerful as Python's own implementation, but they can be
used under FIPS.
---
Lib/test/test_hashlib.py | 6 ++
Modules/_hashopenssl.c | 43 ++++++++
Modules/clinic/_hashopenssl.c.h | 174 +++++++++++++++++++++++++++++++-
3 files changed, 222 insertions(+), 1 deletion(-)
diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py
index 14a79a1..d27d919 100644
--- a/Lib/test/test_hashlib.py
+++ b/Lib/test/test_hashlib.py
@@ -460,6 +460,12 @@ class HashLibTestCase(unittest.TestCase):
# 2 is for hashlib.name(...) and hashlib.new(name, ...)
self.assertGreaterEqual(len(constructors), 2)
for hash_object_constructor in constructors:
+
+ # OpenSSL's blake2b & blake2s don't support `key`
+ _name = hash_object_constructor.__name__
+ if 'key' in kwargs and _name.startswith('openssl_blake2'):
+ return
+
m = hash_object_constructor(data, **kwargs)
computed = m.hexdigest() if not shake else m.hexdigest(length)
self.assertEqual(
diff --git a/Modules/_hashopenssl.c b/Modules/_hashopenssl.c
index c8a76e1..acc514e 100644
--- a/Modules/_hashopenssl.c
+++ b/Modules/_hashopenssl.c
@@ -1180,6 +1180,47 @@ _hashlib_openssl_sha512_impl(PyObject *module, PyObject *data,
}
+/*[clinic input]
+_hashlib.openssl_blake2b
+
+ data: object(c_default="NULL") = b''
+ *
+ usedforsecurity: bool = True
+ string: object(c_default="NULL") = None
+
+Returns a blake2b hash object; optionally initialized with a string
+
+[clinic start generated code]*/
+
+static PyObject *
+_hashlib_openssl_blake2b_impl(PyObject *module, PyObject *data,
+ int usedforsecurity, PyObject *string)
+/*[clinic end generated code: output=095a91bfc9ed4f97 input=c57aef893a224b61]*/
+{
+ CALL_HASHLIB_NEW(module, Py_hash_blake2b, data, string, usedforsecurity);
+}
+
+/*[clinic input]
+_hashlib.openssl_blake2s
+
+ data: object(c_default="NULL") = b''
+ *
+ usedforsecurity: bool = True
+ string: object(c_default="NULL") = None
+
+Returns a blake2s hash object; optionally initialized with a string
+
+[clinic start generated code]*/
+
+static PyObject *
+_hashlib_openssl_blake2s_impl(PyObject *module, PyObject *data,
+ int usedforsecurity, PyObject *string)
+/*[clinic end generated code: output=cef59588c98df64c input=e8378f45ee417e8c]*/
+{
+ CALL_HASHLIB_NEW(module, Py_hash_blake2s, data, string, usedforsecurity);
+}
+
+
#ifdef PY_OPENSSL_HAS_SHA3
/*[clinic input]
@@ -2165,6 +2206,8 @@ static struct PyMethodDef EVP_functions[] = {
_HASHLIB_OPENSSL_SHA256_METHODDEF
_HASHLIB_OPENSSL_SHA384_METHODDEF
_HASHLIB_OPENSSL_SHA512_METHODDEF
+ _HASHLIB_OPENSSL_BLAKE2B_METHODDEF
+ _HASHLIB_OPENSSL_BLAKE2S_METHODDEF
_HASHLIB_OPENSSL_SHA3_224_METHODDEF
_HASHLIB_OPENSSL_SHA3_256_METHODDEF
_HASHLIB_OPENSSL_SHA3_384_METHODDEF
diff --git a/Modules/clinic/_hashopenssl.c.h b/Modules/clinic/_hashopenssl.c.h
index 6d55f46..d5db894 100644
--- a/Modules/clinic/_hashopenssl.c.h
+++ b/Modules/clinic/_hashopenssl.c.h
@@ -850,6 +850,178 @@ exit:
return return_value;
}
+PyDoc_STRVAR(_hashlib_openssl_blake2b__doc__,
+"openssl_blake2b($module, /, data=b\'\', *, usedforsecurity=True,\n"
+" string=None)\n"
+"--\n"
+"\n"
+"Returns a blake2b hash object; optionally initialized with a string");
+
+#define _HASHLIB_OPENSSL_BLAKE2B_METHODDEF \
+ {"openssl_blake2b", _PyCFunction_CAST(_hashlib_openssl_blake2b), METH_FASTCALL|METH_KEYWORDS, _hashlib_openssl_blake2b__doc__},
+
+static PyObject *
+_hashlib_openssl_blake2b_impl(PyObject *module, PyObject *data,
+ int usedforsecurity, PyObject *string);
+
+static PyObject *
+_hashlib_openssl_blake2b(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames)
+{
+ PyObject *return_value = NULL;
+ #if defined(Py_BUILD_CORE) && !defined(Py_BUILD_CORE_MODULE)
+
+ #define NUM_KEYWORDS 3
+ static struct {
+ PyGC_Head _this_is_not_used;
+ PyObject_VAR_HEAD
+ Py_hash_t ob_hash;
+ PyObject *ob_item[NUM_KEYWORDS];
+ } _kwtuple = {
+ .ob_base = PyVarObject_HEAD_INIT(&PyTuple_Type, NUM_KEYWORDS)
+ .ob_hash = -1,
+ .ob_item = { &_Py_ID(data), &_Py_ID(usedforsecurity), &_Py_ID(string), },
+ };
+ #undef NUM_KEYWORDS
+ #define KWTUPLE (&_kwtuple.ob_base.ob_base)
+
+ #else // !Py_BUILD_CORE
+ # define KWTUPLE NULL
+ #endif // !Py_BUILD_CORE
+
+ static const char * const _keywords[] = {"data", "usedforsecurity", "string", NULL};
+ static _PyArg_Parser _parser = {
+ .keywords = _keywords,
+ .fname = "openssl_blake2b",
+ .kwtuple = KWTUPLE,
+ };
+ #undef KWTUPLE
+ PyObject *argsbuf[3];
+ Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0;
+ PyObject *data = NULL;
+ int usedforsecurity = 1;
+ PyObject *string = NULL;
+
+ args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser,
+ /*minpos*/ 0, /*maxpos*/ 1, /*minkw*/ 0, /*varpos*/ 0, argsbuf);
+ if (!args) {
+ goto exit;
+ }
+ if (!noptargs) {
+ goto skip_optional_pos;
+ }
+ if (args[0]) {
+ data = args[0];
+ if (!--noptargs) {
+ goto skip_optional_pos;
+ }
+ }
+skip_optional_pos:
+ if (!noptargs) {
+ goto skip_optional_kwonly;
+ }
+ if (args[1]) {
+ usedforsecurity = PyObject_IsTrue(args[1]);
+ if (usedforsecurity < 0) {
+ goto exit;
+ }
+ if (!--noptargs) {
+ goto skip_optional_kwonly;
+ }
+ }
+ string = args[2];
+skip_optional_kwonly:
+ return_value = _hashlib_openssl_blake2b_impl(module, data, usedforsecurity, string);
+
+exit:
+ return return_value;
+}
+
+PyDoc_STRVAR(_hashlib_openssl_blake2s__doc__,
+"openssl_blake2s($module, /, data=b\'\', *, usedforsecurity=True,\n"
+" string=None)\n"
+"--\n"
+"\n"
+"Returns a blake2s hash object; optionally initialized with a string");
+
+#define _HASHLIB_OPENSSL_BLAKE2S_METHODDEF \
+ {"openssl_blake2s", _PyCFunction_CAST(_hashlib_openssl_blake2s), METH_FASTCALL|METH_KEYWORDS, _hashlib_openssl_blake2s__doc__},
+
+static PyObject *
+_hashlib_openssl_blake2s_impl(PyObject *module, PyObject *data,
+ int usedforsecurity, PyObject *string);
+
+static PyObject *
+_hashlib_openssl_blake2s(PyObject *module, PyObject *const *args, Py_ssize_t nargs, PyObject *kwnames)
+{
+ PyObject *return_value = NULL;
+ #if defined(Py_BUILD_CORE) && !defined(Py_BUILD_CORE_MODULE)
+
+ #define NUM_KEYWORDS 3
+ static struct {
+ PyGC_Head _this_is_not_used;
+ PyObject_VAR_HEAD
+ Py_hash_t ob_hash;
+ PyObject *ob_item[NUM_KEYWORDS];
+ } _kwtuple = {
+ .ob_base = PyVarObject_HEAD_INIT(&PyTuple_Type, NUM_KEYWORDS)
+ .ob_hash = -1,
+ .ob_item = { &_Py_ID(data), &_Py_ID(usedforsecurity), &_Py_ID(string), },
+ };
+ #undef NUM_KEYWORDS
+ #define KWTUPLE (&_kwtuple.ob_base.ob_base)
+
+ #else // !Py_BUILD_CORE
+ # define KWTUPLE NULL
+ #endif // !Py_BUILD_CORE
+
+ static const char * const _keywords[] = {"data", "usedforsecurity", "string", NULL};
+ static _PyArg_Parser _parser = {
+ .keywords = _keywords,
+ .fname = "openssl_blake2s",
+ .kwtuple = KWTUPLE,
+ };
+ #undef KWTUPLE
+ PyObject *argsbuf[3];
+ Py_ssize_t noptargs = nargs + (kwnames ? PyTuple_GET_SIZE(kwnames) : 0) - 0;
+ PyObject *data = NULL;
+ int usedforsecurity = 1;
+ PyObject *string = NULL;
+
+ args = _PyArg_UnpackKeywords(args, nargs, NULL, kwnames, &_parser,
+ /*minpos*/ 0, /*maxpos*/ 1, /*minkw*/ 0, /*varpos*/ 0, argsbuf);
+ if (!args) {
+ goto exit;
+ }
+ if (!noptargs) {
+ goto skip_optional_pos;
+ }
+ if (args[0]) {
+ data = args[0];
+ if (!--noptargs) {
+ goto skip_optional_pos;
+ }
+ }
+skip_optional_pos:
+ if (!noptargs) {
+ goto skip_optional_kwonly;
+ }
+ if (args[1]) {
+ usedforsecurity = PyObject_IsTrue(args[1]);
+ if (usedforsecurity < 0) {
+ goto exit;
+ }
+ if (!--noptargs) {
+ goto skip_optional_kwonly;
+ }
+ }
+ string = args[2];
+skip_optional_kwonly:
+ return_value = _hashlib_openssl_blake2s_impl(module, data, usedforsecurity, string);
+
+exit:
+ return return_value;
+}
+
#if defined(PY_OPENSSL_HAS_SHA3)
PyDoc_STRVAR(_hashlib_openssl_sha3_224__doc__,
@@ -1984,4 +2156,4 @@ exit:
#ifndef _HASHLIB_SCRYPT_METHODDEF
#define _HASHLIB_SCRYPT_METHODDEF
#endif /* !defined(_HASHLIB_SCRYPT_METHODDEF) */
-/*[clinic end generated code: output=a863ec4166ed2fbb input=a9049054013a1b77]*/
+/*[clinic end generated code: output=6f4c186bcc85824b input=a9049054013a1b77]*/
--
2.52.0
From 47a026d66f7fc98b829a5d1c34522203badccd39 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori@redhat.com>
Date: Thu, 25 Jul 2019 17:19:06 +0200
Subject: [PATCH 2/6] Disable Python's hash implementations in FIPS mode,
forcing OpenSSL
---
Lib/hashlib.py | 11 +++++++----
Lib/test/test_hashlib.py | 15 ++++++++++++++-
Modules/blake2module.c | 3 +++
Modules/hashlib.h | 19 +++++++++++++++++++
configure.ac | 5 ++++-
5 files changed, 47 insertions(+), 6 deletions(-)
diff --git a/Lib/hashlib.py b/Lib/hashlib.py
index 0e9bd98..d4cf89c 100644
--- a/Lib/hashlib.py
+++ b/Lib/hashlib.py
@@ -70,14 +70,17 @@ __all__ = __always_supported + ('new', 'algorithms_guaranteed',
__builtin_constructor_cache = {}
-# Prefer our blake2 implementation
+# Prefer our blake2 implementation (unless in FIPS mode)
# OpenSSL 1.1.0 comes with a limited implementation of blake2b/s. The OpenSSL
# implementations neither support keyed blake2 (blake2 MAC) nor advanced
# features like salt, personalization, or tree hashing. OpenSSL hash-only
# variants are available as 'blake2b512' and 'blake2s256', though.
-__block_openssl_constructor = {
- 'blake2b', 'blake2s',
-}
+import _hashlib
+if _hashlib.get_fips_mode():
+ __block_openssl_constructor = set()
+else:
+ __block_openssl_constructor = {'blake2b', 'blake2s'}
+
def __get_builtin_constructor(name):
cache = __builtin_constructor_cache
diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py
index d27d919..fe19d1a 100644
--- a/Lib/test/test_hashlib.py
+++ b/Lib/test/test_hashlib.py
@@ -37,8 +37,15 @@ else:
builtin_hash_names = builtin_hashes.strip('"').lower().split(",")
builtin_hashes = set(map(str.strip, builtin_hash_names))
-# Public 'hashlib' module with OpenSSL backend for PBKDF2.
+# RHEL: `_hashlib` is always importable and `hashlib` can't be imported
+# without it.
openssl_hashlib = import_fresh_module('hashlib', fresh=['_hashlib'])
+try:
+ builtin_hashlib = import_fresh_module('hashlib', blocked=['_hashlib'])
+except ImportError:
+ builtin_hashlib = None
+else:
+ raise AssertionError('hashlib is importable without _hashlib')
try:
import _hashlib
@@ -119,6 +126,12 @@ class HashLibTestCase(unittest.TestCase):
error,
exc_info=error,
)
+ except ImportError:
+ if get_fips_mode() and module_name == '_blake2':
+ # blake2b & blake2s disabled under FIPS
+ return None
+ else:
+ raise
return None
def __init__(self, *args, **kwargs):
diff --git a/Modules/blake2module.c b/Modules/blake2module.c
index ae37e2d..8114381 100644
--- a/Modules/blake2module.c
+++ b/Modules/blake2module.c
@@ -303,6 +303,7 @@ static struct PyModuleDef blake2_module = {
PyMODINIT_FUNC
PyInit__blake2(void)
{
+ FAIL_RETURN_IN_FIPS_MODE(PyExc_ImportError, "blake2");
return PyModuleDef_Init(&blake2_module);
}
@@ -459,6 +460,8 @@ py_blake2b_or_s_new(PyTypeObject *type, PyObject *data, int digest_size,
Blake2Object *self = NULL;
Py_buffer buf;
+ FAIL_RETURN_IN_FIPS_MODE(PyExc_ValueError, "_blake2");
+
self = new_Blake2Object(type);
if (self == NULL) {
goto error;
diff --git a/Modules/hashlib.h b/Modules/hashlib.h
index a80b195..3b9e96c 100644
--- a/Modules/hashlib.h
+++ b/Modules/hashlib.h
@@ -1,5 +1,9 @@
/* Common code for use by all hashlib related modules. */
+// RHEL: use OpenSSL to turn off unsupported modules under FIPS mode
+// EVP_default_properties_is_fips_enabled() on OpenSSL 3.0+
+#include <openssl/evp.h>
+
#include "pycore_lock.h" // PyMutex
/*
@@ -105,3 +109,18 @@ _Py_hashlib_data_argument(PyObject **res, PyObject *data, PyObject *string)
return -1;
}
}
+
+// RHEL: FIPS mode detection (OpenSSL 3.0+ only)
+__attribute__((__unused__))
+static int
+_Py_hashlib_fips_error(PyObject *exc, char *name) {
+ if (EVP_default_properties_is_fips_enabled(NULL)) {
+ PyErr_Format(exc, "%s is not available in FIPS mode", name);
+ return 1;
+ }
+ return 0;
+}
+
+#define FAIL_RETURN_IN_FIPS_MODE(exc, name) do { \
+ if (_Py_hashlib_fips_error(exc, name)) return NULL; \
+} while (0)
diff --git a/configure.ac b/configure.ac
index b09c4a9..3c8204b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8086,7 +8086,10 @@ PY_HACL_CREATE_MODULE([MD5], [_md5], [test "$with_builtin_md5" = yes])
PY_HACL_CREATE_MODULE([SHA1], [_sha1], [test "$with_builtin_sha1" = yes])
PY_HACL_CREATE_MODULE([SHA2], [_sha2], [test "$with_builtin_sha2" = yes])
PY_HACL_CREATE_MODULE([SHA3], [_sha3], [test "$with_builtin_sha3" = yes])
-PY_HACL_CREATE_MODULE([BLAKE2], [_blake2], [test "$with_builtin_blake2" = yes])
+dnl RHEL: _blake2 needs OpenSSL for FIPS mode detection
+PY_STDLIB_MOD([_blake2], [test "$with_builtin_blake2" = yes], [],
+ [$LIBHACL_CFLAGS $OPENSSL_INCLUDES],
+ [\$(LIBHACL_BLAKE2_LIB_$LIBHACL_LDEPS_LIBTYPE) $OPENSSL_LDFLAGS $OPENSSL_LDFLAGS_RPATH $OPENSSL_LIBS])
dnl HMAC builtin library does not need OpenSSL for now. In the future
dnl we might want to rely on OpenSSL EVP/NID interface or implement
--
2.52.0
From 68be1b88dfef6eaff8c3ce00eade25578ae3f3e4 Mon Sep 17 00:00:00 2001
From: Charalampos Stratakis <cstratak@redhat.com>
Date: Fri, 29 Jan 2021 14:16:21 +0100
Subject: [PATCH 3/6] Use python's fall back crypto implementations only if we
are not in FIPS mode
---
Lib/hashlib.py | 8 +++++---
Lib/test/test_hashlib.py | 22 +++++++++++++++++++++-
2 files changed, 26 insertions(+), 4 deletions(-)
diff --git a/Lib/hashlib.py b/Lib/hashlib.py
index d4cf89c..c41805c 100644
--- a/Lib/hashlib.py
+++ b/Lib/hashlib.py
@@ -83,6 +83,8 @@ else:
def __get_builtin_constructor(name):
+ if _hashlib.get_fips_mode():
+ raise ValueError('unsupported hash type ' + name + ' (in FIPS mode)')
cache = __builtin_constructor_cache
constructor = cache.get(name)
if constructor is not None:
@@ -178,21 +180,21 @@ try:
except ImportError:
_hashlib = None
new = __py_new
- __get_hash = __get_builtin_constructor
+ raise # importing _hashlib should never fail on RHEL
try:
# OpenSSL's PKCS5_PBKDF2_HMAC requires OpenSSL 1.0+ with HMAC and SHA
from _hashlib import pbkdf2_hmac
__all__ += ('pbkdf2_hmac',)
except ImportError:
- pass
+ raise # importing _hashlib should never fail on RHEL
try:
# OpenSSL's scrypt requires OpenSSL 1.1+
from _hashlib import scrypt # noqa: F401
except ImportError:
- pass
+ raise # importing _hashlib should never fail on RHEL
def file_digest(fileobj, digest, /, *, _bufsize=2**18):
diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py
index fe19d1a..da03826 100644
--- a/Lib/test/test_hashlib.py
+++ b/Lib/test/test_hashlib.py
@@ -175,7 +175,13 @@ class HashLibTestCase(unittest.TestCase):
constructors.add(constructor)
def add_builtin_constructor(name):
- constructor = getattr(hashlib, "__get_builtin_constructor")(name)
+ try:
+ constructor = getattr(hashlib, "__get_builtin_constructor")(name)
+ except ValueError:
+ if get_fips_mode():
+ return
+ else:
+ raise
self.constructors_to_test[name].add(constructor)
_md5 = self._conditional_import_module('_md5')
@@ -339,6 +345,20 @@ class HashLibTestCase(unittest.TestCase):
def test_new_upper_to_lower(self):
self.assertEqual(hashlib.new("SHA256").name, "sha256")
+ @unittest.skipUnless(get_fips_mode(), "Builtin constructor only usable in FIPS mode")
+ def test_get_builtin_constructor_fips(self):
+ get_builtin_constructor = getattr(hashlib,
+ '__get_builtin_constructor')
+ with self.assertRaises(ValueError):
+ get_builtin_constructor('md5')
+ with self.assertRaises(ValueError):
+ get_builtin_constructor('sha256')
+ with self.assertRaises(ValueError):
+ get_builtin_constructor('blake2s')
+ with self.assertRaises(ValueError):
+ get_builtin_constructor('test')
+
+ @unittest.skipIf(get_fips_mode(), "No builtin constructors in FIPS mode")
@support.thread_unsafe("modifies sys.modules")
def test_get_builtin_constructor(self):
get_builtin_constructor = getattr(hashlib,
--
2.52.0
From 969d20afa822159152e695e63e206cfaf3a3fa3f Mon Sep 17 00:00:00 2001
From: Charalampos Stratakis <cstratak@redhat.com>
Date: Wed, 31 Jul 2019 15:43:43 +0200
Subject: [PATCH 4/6] Test equivalence of hashes for the various digests with
usedforsecurity=True/False
---
Lib/test/test_fips.py | 24 ++++++++++++++++++++++++
Lib/test/test_hashlib.py | 39 ++++++++++++++++++++++++++++++++++-----
2 files changed, 58 insertions(+), 5 deletions(-)
create mode 100644 Lib/test/test_fips.py
diff --git a/Lib/test/test_fips.py b/Lib/test/test_fips.py
new file mode 100644
index 0000000..1f99dd7
--- /dev/null
+++ b/Lib/test/test_fips.py
@@ -0,0 +1,24 @@
+import unittest
+import hashlib, _hashlib
+
+
+
+class HashlibFipsTests(unittest.TestCase):
+
+ @unittest.skipUnless(_hashlib.get_fips_mode(), "Test only when FIPS is enabled")
+ def test_fips_imports(self):
+ """blake2s and blake2b should fail to import in FIPS mode
+ """
+ with self.assertRaises(ValueError, msg='blake2s not available in FIPS'):
+ m = hashlib.blake2s()
+ with self.assertRaises(ValueError, msg='blake2b not available in FIPS'):
+ m = hashlib.blake2b()
+
+ @unittest.skipIf(_hashlib.get_fips_mode(), "blake2 hashes are not available under FIPS")
+ def test_blake2_hashes(self):
+ self.assertEqual(hashlib.blake2b(b'abc').hexdigest(), _hashlib.openssl_blake2b(b'abc').hexdigest())
+ self.assertEqual(hashlib.blake2s(b'abc').hexdigest(), _hashlib.openssl_blake2s(b'abc').hexdigest())
+
+
+if __name__ == "__main__":
+ unittest.main()
diff --git a/Lib/test/test_hashlib.py b/Lib/test/test_hashlib.py
index da03826..a2854e9 100644
--- a/Lib/test/test_hashlib.py
+++ b/Lib/test/test_hashlib.py
@@ -26,6 +26,7 @@ from test.support.import_helper import import_fresh_module
from test.support import requires_resource
from test.support import threading_helper
from http.client import HTTPException
+from functools import partial
default_builtin_hashes = {'md5', 'sha1', 'sha2', 'sha3', 'blake2'}
@@ -60,6 +61,11 @@ if not get_fips_mode:
def get_fips_mode():
return 0
+if get_fips_mode():
+ FIPS_DISABLED = {'md5'}
+else:
+ FIPS_DISABLED = set()
+
try:
import _blake2
except ImportError:
@@ -101,6 +107,14 @@ def read_vectors(hash_name):
parts[0] = bytes.fromhex(parts[0])
yield parts
+def _get_constructor_name(constructor):
+ if isinstance(constructor, partial):
+ constructor = constructor.func
+ return getattr(constructor, '__name__', repr(constructor))
+
+def _is_blake2_constructor(constructor):
+ return _get_constructor_name(constructor).startswith('openssl_blake2')
+
class HashLibTestCase(unittest.TestCase):
supported_hash_names = ( 'md5', 'MD5', 'sha1', 'SHA1',
@@ -268,7 +282,7 @@ class HashLibTestCase(unittest.TestCase):
@unittest.skipIf(get_fips_mode(), "skip in FIPS mode")
def test_clinic_signature(self):
for constructor in self.hash_constructors:
- with self.subTest(constructor.__name__):
+ with self.subTest(_get_constructor_name(constructor)):
constructor(b'')
constructor(data=b'')
constructor(string=b'') # should be deprecated in the future
@@ -327,7 +341,7 @@ class HashLibTestCase(unittest.TestCase):
]:
for constructor in self.hash_constructors:
digest_name = constructor(b'').name
- with self.subTest(constructor.__name__, args=args, kwds=kwds):
+ with self.subTest(_get_constructor_name(constructor), args=args, kwds=kwds):
with self.assertRaisesRegex(TypeError, errmsg):
constructor(*args, **kwds)
with self.subTest(digest_name, args=args, kwds=kwds):
@@ -420,6 +434,8 @@ class HashLibTestCase(unittest.TestCase):
self.assertIn(h.name, self.supported_hash_names)
else:
self.assertNotIn(h.name, self.supported_hash_names)
+ if not h.name.startswith('blake2') and h.name not in FIPS_DISABLED:
+ self.assertEqual(h.name, hashlib.new(h.name).name)
self.assertEqual(
h.name,
hashlib.new(h.name, usedforsecurity=False).name
@@ -495,9 +511,11 @@ class HashLibTestCase(unittest.TestCase):
for hash_object_constructor in constructors:
# OpenSSL's blake2b & blake2s don't support `key`
- _name = hash_object_constructor.__name__
- if 'key' in kwargs and _name.startswith('openssl_blake2'):
- return
+ if (
+ 'key' in kwargs
+ and _is_blake2_constructor(hash_object_constructor)
+ ):
+ continue
m = hash_object_constructor(data, **kwargs)
computed = m.hexdigest() if not shake else m.hexdigest(length)
@@ -1133,6 +1151,17 @@ class HashLibTestCase(unittest.TestCase):
with self.assertRaisesRegex(TypeError, "immutable type"):
hash_type.value = False
+ @unittest.skipUnless(get_fips_mode(), 'Needs FIPS mode.')
+ def test_usedforsecurity_repeat(self):
+ # Repeat 3 times to catch state leakage: the successful
+ # usedforsecurity=False call must not affect subsequent calls.
+ for i in range(3):
+ for cons in hashlib.md5, partial(hashlib.new, 'md5'):
+ self.assertRaises(ValueError, cons)
+ self.assertRaises(ValueError, partial(cons, usedforsecurity=True))
+ self.assertEqual(cons(usedforsecurity=False).hexdigest(),
+ 'd41d8cd98f00b204e9800998ecf8427e')
+
class KDFTests(unittest.TestCase):
--
2.52.0
From fba19a5e48259da8f5d471db48397ad1d53b0046 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pviktori@redhat.com>
Date: Mon, 26 Aug 2019 19:39:48 +0200
Subject: [PATCH 5/6] Guard against Python HMAC in FIPS mode
---
Lib/hmac.py | 13 +++++++++----
Lib/test/test_hmac.py | 9 +++++++++
2 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/Lib/hmac.py b/Lib/hmac.py
index 16022c9..cda0780 100644
--- a/Lib/hmac.py
+++ b/Lib/hmac.py
@@ -18,8 +18,9 @@ try:
except ImportError:
_hmac = None
-trans_5C = bytes((x ^ 0x5C) for x in range(256))
-trans_36 = bytes((x ^ 0x36) for x in range(256))
+if _hashopenssl is None or not _hashopenssl.get_fips_mode():
+ trans_5C = bytes((x ^ 0x5C) for x in range(256))
+ trans_36 = bytes((x ^ 0x36) for x in range(256))
# The size of the digests returned by HMAC depends on the underlying
# hashing module used. Use digest_size from the instance of HMAC instead.
@@ -77,12 +78,13 @@ class HMAC:
self.__init(key, msg, digestmod)
def __init(self, key, msg, digestmod):
- if _hashopenssl and isinstance(digestmod, (str, _functype)):
+ if _hashopenssl and (_hashopenssl.get_fips_mode() or isinstance(digestmod, (str, _functype))):
try:
self._init_openssl_hmac(key, msg, digestmod)
return
except _hashopenssl.UnsupportedDigestmodError: # pragma: no cover
- pass
+ if _hashopenssl.get_fips_mode():
+ raise
if _hmac and isinstance(digestmod, str):
try:
self._init_builtin_hmac(key, msg, digestmod)
@@ -106,6 +108,9 @@ class HMAC:
self.block_size = self._hmac.block_size
def _init_old(self, key, msg, digestmod):
+ if _hashopenssl is not None and _hashopenssl.get_fips_mode():
+ # In FIPS mode, use OpenSSL anyway: raise the appropriate error
+ return self._init_openssl_hmac(key, msg, digestmod)
import warnings
digest_cons = _get_digest_constructor(digestmod)
diff --git a/Lib/test/test_hmac.py b/Lib/test/test_hmac.py
index 344c6dd..82d5694 100644
--- a/Lib/test/test_hmac.py
+++ b/Lib/test/test_hmac.py
@@ -24,6 +24,7 @@ import random
import types
import unittest
import warnings
+from _hashlib import get_fips_mode
from _operator import _compare_digest as operator_compare_digest
from test.support import _4G, bigmemtest
from test.support import check_disallow_instantiation
@@ -721,6 +722,7 @@ class RFCTestCaseMixin(HashFunctionsTrait, AssertersMixin):
)
+@unittest.skipIf(get_fips_mode(), "_init_old redirects to OpenSSL in FIPS mode")
class PurePythonInitHMAC(PyModuleMixin, HashFunctionsTrait):
@classmethod
@@ -1218,6 +1220,7 @@ class CopyBaseTestCase:
raise NotImplementedError
+@unittest.skipIf(get_fips_mode(), "_init_old redirects to OpenSSL in FIPS mode")
@hashlib_helper.requires_hashdigest('sha256')
class PythonCopyTestCase(CopyBaseTestCase, unittest.TestCase):
@@ -1480,6 +1483,11 @@ class PyMiscellaneousTests(unittest.TestCase):
def digest(self):
return self._x.digest()
+ if get_fips_mode():
+ with self.assertRaises(ValueError):
+ hmac.HMAC(b'a', b'b', digestmod=MockCrazyHash)
+ return
+
with warnings.catch_warnings():
warnings.simplefilter('error', RuntimeWarning)
with self.assertRaises(RuntimeWarning):
@@ -1491,6 +1499,7 @@ class PyMiscellaneousTests(unittest.TestCase):
hmac.HMAC(b'a', b'b', digestmod=MockCrazyHash)
self.fail('Expected warning about small block_size')
+ @unittest.skipIf(get_fips_mode(), "No builtin constructors in FIPS mode")
@hashlib_helper.requires_hashdigest('sha256')
def test_with_fallback(self):
cache = getattr(hashlib, '__builtin_constructor_cache')
--
2.52.0
From 81fdd9d6786ee51fa4dcf7055906459fa487d048 Mon Sep 17 00:00:00 2001
From: Charalampos Stratakis <cstratak@redhat.com>
Date: Sat, 10 Jan 2026 23:24:10 +0100
Subject: [PATCH 6/6] Disable _hmac when not all builtin hash modules are built
---
configure.ac | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 3c8204b..084502b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8097,7 +8097,11 @@ dnl our own for algorithm resolution.
dnl
dnl For Emscripten, we disable HACL* HMAC as it is tricky to make it work.
dnl See https://github.com/python/cpython/issues/133042.
-PY_HACL_CREATE_MODULE([HMAC], [_hmac], [test "$ac_sys_system" != "Emscripten"])
+dnl
+dnl _hmac requires all HACL* hash modules (LIBHACL_HMAC_OBJS includes
+dnl MD5, SHA1, SHA2, SHA3, BLAKE2). Disable if not all are built.
+PY_HACL_CREATE_MODULE([HMAC], [_hmac],
+ [test "$with_builtin_md5" = yes -a "$with_builtin_sha1" = yes -a "$with_builtin_sha2" = yes -a "$with_builtin_sha3" = yes -a "$with_builtin_blake2" = yes -a "$ac_sys_system" != "Emscripten"])
### end(cryptographic primitives)
PY_STDLIB_MOD([_ctypes],
--
2.52.0

28
python3.14.spec
View File

@ -49,7 +49,7 @@ URL: https://www.python.org/
#global prerel ...
%global upstream_version %{general_version}%{?prerel}
Version: %{general_version}%{?prerel:~%{prerel}}
Release: 2%{?dist}
Release: 3%{?dist}
License: Python-2.0.1
@ -369,6 +369,21 @@ Source11: idle3.appdata.xml
# pypa/distutils integration: https://github.com/pypa/distutils/pull/70
Patch251: 00251-change-user-install-location.patch
# 00329 #
# Support OpenSSL FIPS mode
# - In FIPS mode, OpenSSL wrappers are always used in hashlib
# - The "usedforsecurity" keyword argument can be used to the various digest
# algorithms in hashlib so that you can whitelist a callsite with
# "usedforsecurity=False"
# - OpenSSL wrappers for the hashes blake2{b512,s256},
# - In FIPS mode, the blake2 hashes use OpenSSL wrappers
# and do not offer extended functionality (keys, tree hashing, custom digest size)
#
# - In FIPS mode, hmac.HMAC can only be instantiated with an OpenSSL wrapper
# or a string with OpenSSL hash name as the "digestmod" argument.
# The argument must be specified (instead of defaulting to md5).
Patch329: 00329-fips.patch
# 00464 # 292acffec7a379cb6d1f3c47b9e5a2f170bbadb6
# Enable PAC and BTI protections for aarch64
#
@ -1051,6 +1066,7 @@ BuildPython() {
--with-dtrace \
--with-lto \
--with-ssl-default-suites=openssl \
--with-builtin-hashlib-hashes=blake2 \
--without-static-libpython \
%if %{with rpmwheels}
--with-wheel-pkg-dir=%{python_wheel_dir} \
@ -1618,14 +1634,12 @@ CheckPython freethreading
%{1}/_elementtree.%{2}.so\
%{1}/_hashlib.%{2}.so\
%{1}/_heapq.%{2}.so\
%{1}/_hmac.%{2}.so\
%{1}/_interpchannels.%{2}.so\
%{1}/_interpqueues.%{2}.so\
%{1}/_interpreters.%{2}.so\
%{1}/_json.%{2}.so\
%{1}/_lsprof.%{2}.so\
%{1}/_lzma.%{2}.so\
%{1}/_md5.%{2}.so\
%{1}/_multibytecodec.%{2}.so\
%{1}/_multiprocessing.%{2}.so\
%{1}/_pickle.%{2}.so\
@ -1634,9 +1648,6 @@ CheckPython freethreading
%{1}/_queue.%{2}.so\
%{1}/_random.%{2}.so\
%{1}/_remote_debugging.%{2}.so\
%{1}/_sha1.%{2}.so\
%{1}/_sha2.%{2}.so\
%{1}/_sha3.%{2}.so\
%{1}/_socket.%{2}.so\
%{1}/_sqlite3.%{2}.so\
%{1}/_ssl.%{2}.so\
@ -1961,6 +1972,11 @@ CheckPython freethreading
# ======================================================
%changelog
* Mon Jan 19 2026 Charalampos Stratakis <cstratak@redhat.com> - 3.14.2-3
- Support OpenSSL FIPS mode
- Disable the builtin hashlib hashes except blake2
Related: RHEL-120788
* Mon Jan 12 2026 Karolina Surma <ksurma@redhat.com> - 3.14.2-2
- Explicitly require expat >= 2.7.2