authorChristian Heimes <christian@python.org>2022-03-18 06:47:33 +0200
committerGitHub <noreply@github.com>2022-03-18 12:47:33 +0800
commitdecec8795ae10ca30e5be0a00fb53db2fe867dfb (patch)
treec2780c1b339ef7f9735700187c166b90caa7f01c /src/cryptography
parentb0df70cd2deb8ae8d893a4701f3cb27bda04d5de (diff)
Dedicated check for signature hash algorithms (#6931)
* Dedicated check for signature hash algorithms Move the check for FIPS mode and blocked SHA1 signature algorithm into the backend code. Some distros will block SHA1 for RSA signatures in the near future. The new ``signature_hash_supported()`` method will allow us to flip the switch in one place. Note: The ban of SHA1 signatures does not affect MGF1's inner hash algorithm. Signed-off-by: Christian Heimes <christian@python.org> * Address flake issues * Update src/cryptography/hazmat/backends/openssl/backend.py
Diffstat (limited to 'src/cryptography')
-rw-r--r--src/cryptography/hazmat/backends/openssl/backend.py14
1 files changed, 12 insertions, 2 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 543db5f28..8a77cb78a 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -326,6 +326,15 @@ class Backend:
evp_md = self._evp_md_from_algorithm(algorithm)
return evp_md != self._ffi.NULL
+ def signature_hash_supported(
+ self, algorithm: hashes.HashAlgorithm
+ ) -> bool:
+ # Dedicated check for hashing algorithm use in message digest for
+ # signatures, e.g. RSA PKCS#1 v1.5 SHA1 (sha1WithRSAEncryption).
+ if self._fips_enabled and isinstance(algorithm, hashes.SHA1):
+ return False
+ return self.hash_supported(algorithm)
+
def scrypt_supported(self) -> bool:
if self._fips_enabled:
return False
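Review bot: The new `signature_hash_supported()` rejects SHA1 only when `self._fips_enabled` is set (L30), but the commit message motivates it with distros that will block SHA1 signatures independently of FIPS mode; on such a system a SHA1 signature request still passes this check and presumably fails later inside OpenSSL with a less specific error, so the single switch is only useful once the condition here can be extended beyond FIPS. A short docstring would make the intended contract explicit, e.g. `"""Return True if *algorithm* may be used as the message digest of a signature (RSA, DSA, EC); stricter than hash_supported() because SHA1 is rejected under FIPS."""`. Within this diffstat only `dsa_hash_supported` is routed through the new method, so RSA and EC signing paths appear to still use `hash_supported()` unless they are adjusted elsewhere; worth a comment or follow-up so the "flip the switch in one place" goal actually holds. The comment could also note that MD5 and other legacy digests are left to `hash_supported()`'s EVP lookup rather than handled here.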
@@ -723,7 +732,8 @@ class Backend:
if isinstance(padding, PKCS1v15):
return True
elif isinstance(padding, PSS) and isinstance(padding._mgf, MGF1):
- # SHA1 is permissible in MGF1 in FIPS
+ # SHA1 is permissible in MGF1 in FIPS even when SHA1 is blocked
+ # as signature algorithm.
if self._fips_enabled and isinstance(
padding._mgf._algorithm, hashes.SHA1
):
@@ -854,7 +864,7 @@ class Backend:
def dsa_hash_supported(self, algorithm: hashes.HashAlgorithm) -> bool:
if not self.dsa_supported():
return False
- return self.hash_supported(algorithm)
+ return self.signature_hash_supported(algorithm)
def cmac_algorithm_supported(self, algorithm) -> bool:
return self.cipher_supported(
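Review bot: `dsa_hash_supported` has no docstring, and after this change its answer depends on two layered policies (`dsa_supported()` first, then the FIPS SHA1 restriction inside `signature_hash_supported`), which is worth stating for callers: `"""Return True if *algorithm* may be used as the digest for a DSA signature; False when DSA itself is unavailable or the digest is blocked for signatures (e.g. SHA1 under FIPS)."""`. If `dsa_supported()` already returns False whenever FIPS is enabled, the SHA1 branch of the new helper is unreachable from here, which would be good to confirm and note so a future reader does not assume this method is the place the SHA1 policy is exercised. `cmac_algorithm_supported` continues past the end of the hunk.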