
This queue is for tickets about the Digest-MD5 CPAN distribution.

Report information
The Basics
Id: 85535
Status: resolved
Priority: 0/
Queue: Digest-MD5

People
Owner: Nobody in particular
Requestors: ppisar [...] redhat.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: 2.52
Fixed in: (no value)



Subject: Disabling MD5 in FIPS mode
FIPS 140-2 standard declares MD5 as insecure. The common practice is to disable all insecure algorithms when running a system in FIPS mode.

I'm thinking how to extend Digest-MD5 to disable its service in FIPS mode.

First I wanted to modify the new() constructor so that it would return undef instead of a Digest::MD5 object. However, this return value is not documented and thus not expected by Digest::MD5 users. Although this approach would make sense. (However, there is no way to pass the reason for this error to the caller.) Digest-MD5 provides a functional interface too, which means we have to affect these subroutines as well.

Another approach is to check for FIPS mode and die at Digest::MD5 load time. Actually, Digest::MD5 can already die (e.g. if it cannot load the XS module and there is no pure-Perl implementation). However, again, this case is not documented so nobody expects it. It would also require changing any application to make using Digest::MD5 optional and keep the state to the point where MD5 is used in the application.

OTOH, one could say the modern way to use any digest algorithm is via Digest->new(), but can we rely on that?

What's your opinion? Where can you see the best place where Digest::MD5 should fail?
What is FIPS mode?  Is this a mode selected by an environment variable or some global system setting?

If it's a global system configuration; why have Digest-MD5 installed at all in FIPS mode?  I would suggest you just remove the module.

If you want the module to be installed, croaking when the module is loaded/used seems to be the way to go.  This is certainly an exceptional condition (which makes raising an exception appropriate).
Subject: Re: [rt.cpan.org #85535] Disabling MD5 in FIPS mode
Date: Thu, 23 May 2013 07:51:08 +0200
To: Gisle_Aas via RT <bug-Digest-MD5 [...] rt.cpan.org>
From: Petr Pisar <ppisar [...] redhat.com>
On Wed, May 22, 2013 at 05:19:07PM -0400, Gisle_Aas via RT wrote:
> <URL: https://rt.cpan.org/Ticket/Display.html?id=85535 >
>
> What is FIPS mode? Is this a mode selected by an environment variable or some
> global system setting?

It can be both. At least I think. I know it's possible to put some cryptographic libraries into FIPS mode explicitly, however I aim at global system settings. E.g. in my case you can pass a `fips=1' argument to the Linux kernel and then the fact is available in the /proc/sys/crypto/fips_enabled pseudo-file.

> If it's a global system configuration; why have Digest-MD5 installed at all in
> FIPS mode? I would suggest you just remove the module.

There is a problem with dependencies. Various Perl CPAN distributions state Digest::MD5 as a dependency, so you have to have the module in your system, otherwise you would not be able to install the desired Perl application.

> If you want the module to be installed, croaking when the module is
> loaded/used seems to be the way to go. This is certainly an exceptional
> condition (which makes raising an exception appropriate).

I thought so. Thank you for your opinion.

-- Petr

Isn't the real problem that Digest::MD5 is shipped by perl and depended on by various modules? It seems to me you need to address this there first. https://github.com/perl/perl5
On Sat 12 Sep 2020 00:21:26, TODDR wrote:
> Isn't the real problem that Digest::MD5 is shipped by perl and
> depended on by various modules? It seems to me you need to address
> this there first. https://github.com/perl/perl5

While lessening the use of Digest::MD5 is definitely welcomed, uninstalling an MD5-providing cryptographic library is not the way real systems deal with the FIPS mode. FIPS is a boot option and the well-established cryptographic libraries, like OpenSSL or GnuTLS, handle it by returning an error when entering their MD5 functions. There are a few reasons for it:

First, you cannot uninstall the libraries, because it would break the dependencies, and because uninstalling software during a system startup based on a boot option is not the best practice for administering a system.

Second, it's much easier to have the MD5 kill-switch implemented in the few cryptographic libraries than to patch every existing user of theirs.

Third, there is still a need for MD5 for other than cryptographic purposes. There are e.g. file formats that rely on it, or programs that use it for managing data storages. Then the implementation is kept installed, and the few non-cryptographic usages are patched to signal their non-cryptographic purpose and unlock MD5 in the libraries.

I know this scaffold approach sounds scary, but it is how it works in the non-ideal world.

By the way, this issue also affects Digest::SHA. I can imagine how Perl5 porters would react to the proposal to remove the Digest modules from core Perl.
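
The two ideas discussed in this ticket, croaking when MD5 is used under FIPS mode and letting non-cryptographic callers unlock it, sketched as an added example (not code from Digest::MD5 or from any participant). The package name `Local::FipsGuardedMD5`, the `non_crypto_use` option and the overridable `$FIPS_FILE` are hypothetical; only the `/proc/sys/crypto/fips_enabled` path and `Digest::MD5::md5_hex` are real.

```perl
#!/usr/bin/perl
use strict;
use warnings;

package Local::FipsGuardedMD5;    # hypothetical wrapper, not part of Digest-MD5
use Carp qw(croak);
use Digest::MD5 ();

# Kernel pseudo-file named in the ticket; overridable so the demo runs anywhere.
our $FIPS_FILE = '/proc/sys/crypto/fips_enabled';

# True only when the file is readable and its first line is exactly "1".
# A missing file is treated as "not a FIPS kernel" (assumption of this sketch).
sub fips_enabled {
    open(my $fh, '<', $FIPS_FILE) or return 0;
    my $line = <$fh>;
    close($fh);
    return 0 unless defined $line;
    chomp $line;
    return $line eq '1' ? 1 : 0;
}

# md5_hex($data, non_crypto_use => 1)
# 'non_crypto_use' is a hypothetical opt-in for checksum-style callers.
sub md5_hex {
    my ($data, %opt) = @_;
    if (fips_enabled() && !$opt{non_crypto_use}) {
        croak "MD5 is disabled in FIPS mode "
            . "(pass non_crypto_use => 1 for non-cryptographic checksums)";
    }
    return Digest::MD5::md5_hex($data);
}

package main;
use File::Temp qw(tempfile);

# Constructed stand-in for the pseudo-file, simulating a kernel booted with fips=1.
my ($fh, $fake) = tempfile(UNLINK => 1);
print {$fh} "1\n";
close($fh);
$Local::FipsGuardedMD5::FIPS_FILE = $fake;

# A caller that did not declare its purpose gets an exception carrying the reason.
my $digest = eval { Local::FipsGuardedMD5::md5_hex('session-token') };
print "cryptographic use:     ", (defined $digest ? "$digest\n" : "refused: $@");

# A caller that declares a non-cryptographic purpose still gets a digest.
print "non-cryptographic use: ",
    Local::FipsGuardedMD5::md5_hex('file-block', non_crypto_use => 1), "\n";
```

Raising an exception gives the caller the reason for the failure, which the undocumented `undef` return from new() could not do.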