From 3cbe11a45195a4dcf6f3c385eac2965d1ab1fb72 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Wed, 30 Apr 2014 16:28:08 -0500
Subject: remove hash check in verifier as this isn't a proper restriction

---
 cryptography/hazmat/primitives/asymmetric/dsa.py |  9 +--------
 tests/hazmat/primitives/test_dsa.py              | 25 ------------------------
 2 files changed, 1 insertion(+), 33 deletions(-)

diff --git a/cryptography/hazmat/primitives/asymmetric/dsa.py b/cryptography/hazmat/primitives/asymmetric/dsa.py
index 0f7cf21a..57a7ef3d 100644
--- a/cryptography/hazmat/primitives/asymmetric/dsa.py
+++ b/cryptography/hazmat/primitives/asymmetric/dsa.py
@@ -18,7 +18,7 @@ import six
 from cryptography import utils
 from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
 from cryptography.hazmat.backends.interfaces import DSABackend
-from cryptography.hazmat.primitives import hashes, interfaces
+from cryptography.hazmat.primitives import interfaces
 
 
 def _check_dsa_parameters(modulus, subgroup_order, generator):
@@ -157,13 +157,6 @@ class DSAPublicKey(object):
                 "Backend object does not implement DSABackend",
                 _Reasons.BACKEND_MISSING_INTERFACE
             )
-        if not isinstance(algorithm, (hashes.SHA1, hashes.SHA224,
-                          hashes.SHA256, hashes.SHA384, hashes.SHA512)):
-            raise UnsupportedAlgorithm(
-                "Unsupported Hash Algorithm, please use one of these: "
-                "SHA1, SHA224, SHA256, SHA384, SHA512",
-                _Reasons.UNSUPPORTED_HASH
-            )
 
         return backend.create_dsa_verification_ctx(self, signature,
                                                    algorithm)
diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py
index e9c9ca24..3f65fd5a 100644
--- a/tests/hazmat/primitives/test_dsa.py
+++ b/tests/hazmat/primitives/test_dsa.py
@@ -766,31 +766,6 @@ class TestDSAVerification(object):
             with pytest.raises(AlreadyFinalized):
                 verifier.update(b"more data")
 
-    @pytest.mark.parametrize(
-        "vector",
-        load_vectors_from_file(
-            os.path.join(
-                "asymmetric", "DSA", "FIPS_186-3", "SigVer.rsp"),
-            load_fips_dsa_sig_vectors
-        )
-    )
-    def test_dsa_verifier_invalid_digest_algorithm(self, vector, backend):
-        digest_algorithm = vector['digest_algorithm'].replace("-", "")
-        algorithm = self._algorithms_dict[digest_algorithm]
-        if (not backend.dsa_parameters_supported(vector['p'], vector['q'])
-                or not backend.dsa_hash_supported(algorithm)):
-            pytest.skip(
-                "{0} does not support the provided parameters".format(backend)
-            )
-
-        public_key = dsa.DSAPublicKey(
-            vector['p'], vector['q'], vector['g'], vector['y']
-        )
-        sig = der_encode_dsa_signature(vector['r'], vector['s'])
-        with raises_unsupported_algorithm(
-                _Reasons.UNSUPPORTED_HASH):
-            public_key.verifier(sig, hashes.MD5(), backend)
-
     def test_dsa_verifier_invalid_backend(self, backend):
         pretend_backend = object()
         params = dsa.DSAParameters.generate(1024, backend)
-- 
cgit v1.2.3