Prefer stronger hash algorithms
Bug description
During Jingle transfer the weak hash function MD5 is used even when the contact supports strong hash function SHA2-512. This is because of a bug in __hash_support
in jingle.py
The current code is:
def __hash_support(self, contact):
if contact.supports(nbxmpp.NS_HASHES):
if contact.supports(nbxmpp.NS_HASHES_MD5):
return 'md5'
elif contact.supports(nbxmpp.NS_HASHES_SHA1):
return 'sha-1'
elif contact.supports(nbxmpp.NS_HASHES_SHA256):
return 'sha-256'
elif contact.supports(nbxmpp.NS_HASHES_SHA512):
return 'sha-512'
return None
The correct code should be:
def __hash_support(self, contact):
if contact.supports(nbxmpp.NS_HASHES):
if contact.supports(nbxmpp.NS_HASHES_SHA512):
return 'sha-512'
elif contact.supports(nbxmpp.NS_HASHES_SHA256):
return 'sha-256'
elif contact.supports(nbxmpp.NS_HASHES_SHA1):
return 'sha-1'
elif contact.supports(nbxmpp.NS_HASHES_MD5):
return 'md5'
return None
Steps to reproduce
Can be reproduced with Jingle file transfer