CDPD-49116: [py3] Update default SAML signing algorithm from SHA1 to …

…SHA256 (#3389) (cherry picked from commit eab9142) (cherry picked from commit 75b1968)
cloudera · Jul 17, 2023 · 45d13f5 · 45d13f5
1 parent fd9a695
commit 45d13f5
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/desktop/core/ext-py3/pysaml2-7.3.1/src/saml2/xmldsig/__init__.py b/desktop/core/ext-py3/pysaml2-7.3.1/src/saml2/xmldsig/__init__.py
@@ -21,7 +21,7 @@
 DIGEST_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#sha384"
 DIGEST_SHA512 = "http://www.w3.org/2001/04/xmlenc#sha512"
 DIGEST_RIPEMD160 = "http://www.w3.org/2001/04/xmlenc#ripemd160"
-digest_default = DIGEST_SHA1
+digest_default = DIGEST_SHA256
 DIGEST_ALLOWED_ALG = (
     ("DIGEST_SHA1", DIGEST_SHA1),
     ("DIGEST_SHA224", DIGEST_SHA224),
@@ -46,7 +46,7 @@
 SIG_RSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
 SIG_RSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
 SIG_RSA_RIPEMD160 = "http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"
-sig_default = SIG_RSA_SHA1
+sig_default = SIG_RSA_SHA256
 SIG_ALLOWED_ALG = (
     ("SIG_RSA_SHA1", SIG_RSA_SHA1),
     ("SIG_RSA_SHA224", SIG_RSA_SHA224),