[CSHARP-4032] MD5.Create Method Use of Broken Cryptographic Algorithms Created: 01/Feb/22 Updated: 27/Oct/23 Resolved: 17/Feb/22 |
|
| Status: | Closed |
| Project: | C# Driver |
| Component/s: | API |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Bug | Priority: | Critical - P2 |
| Reporter: | Femi Osibote | Assignee: | Robert Stam |
| Resolution: | Gone away | Votes: | 0 |
| Labels: | Hashing, MD5, Violation | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Description |
Summary

MD5 Hashing Violation was found in Mongo Driver C#. https://docs.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca5351

The hashing algorithm used, MD5, has been found by researchers to be unsafe for protecting sensitive data with today's technology.

Please provide the version of the driver. If applicable, please provide the MongoDB server version and topology (standalone, replica set, or sharded cluster).

.NET Driver Version 2.14.1

How to Reproduce

Steps to reproduce. If possible, please include a Short, Self Contained, Correct (Compilable), Example.

Additional Background

Please provide any additional background information that may be helpful in diagnosing the bug.

*AuthenticationHelper.cs*
mongo-csharp-driver/blob/master/src/MongoDB.Driver.Core/Core/Authentication/AuthenticationHelper.cs

    private static string MongoPasswordDigest(string username, byte[] passwordBytes)
    var buffer = new byte[prefixBytes.Length + passwordBytes.Length];
    using (var md5 = MD5.Create())
    {
        var hash = md5.ComputeHash(buffer);
        return BsonUtils.ToHexString(hash);
    }} } |
| Comments |
| Comment by PM Bot [ 17/Feb/22 ] |
|
There hasn't been any recent activity on this ticket, so we're resolving it. Thanks for reaching out! Please feel free to comment on this if you're able to provide more information. |
| Comment by Robert Stam [ 02/Feb/22 ] |
|
Hi Femi, Thank you for reporting this issue. It looks like you found this using static code analysis. This use of MD5 is only used when using older authentication mechanisms. You can avoid this code path entirely by using the SCRAM-SHA-256 authentication mechanism. We can't really remove this (yet at least) because in some installations it is still in use. There is a lot more information you can read about in the linked SECURITY-768 ticket (which was also created by you). |
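One way to pin an application to the SCRAM-SHA-256 mechanism mentioned in the comment above, as an added example (not code from the ticket or from the driver). The helper `ScramSha256Policy.BuildSettings`, the host name and the credentials are constructed for illustration; `MongoUrl`, `MongoClientSettings.FromUrl` and `MongoCredential.Mechanism` are the driver's own API.

```csharp
using System;
using MongoDB.Driver;

public static class ScramSha256Policy
{
    private const string Required = "SCRAM-SHA-256";

    // Hypothetical helper (not part of the driver): returns client settings only
    // when the connection string explicitly pins authMechanism to SCRAM-SHA-256.
    public static MongoClientSettings BuildSettings(string connectionString)
    {
        var url = new MongoUrl(connectionString);

        // An absent authMechanism leaves the mechanism unpinned, so it is rejected too.
        // The error reports only the mechanism name, never the connection string.
        if (!string.Equals(url.AuthenticationMechanism, Required, StringComparison.Ordinal))
        {
            throw new InvalidOperationException(
                $"authMechanism must be {Required}, got '{url.AuthenticationMechanism ?? "(unset)"}'.");
        }

        var settings = MongoClientSettings.FromUrl(url);

        // Second check on the credential the driver will actually use.
        if (settings.Credential == null || settings.Credential.Mechanism != Required)
        {
            throw new InvalidOperationException($"Credential is not bound to {Required}.");
        }
        return settings;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample connection strings; no server is contacted.
        var pinned = "mongodb://appUser:examplePassword@db.example.internal:27017/?authSource=admin&authMechanism=SCRAM-SHA-256";
        var unpinned = "mongodb://appUser:examplePassword@db.example.internal:27017/?authSource=admin";

        var settings = ScramSha256Policy.BuildSettings(pinned);
        Console.WriteLine($"accepted: {settings.Credential.Mechanism}");

        try { ScramSha256Policy.BuildSettings(unpinned); }
        catch (InvalidOperationException ex) { Console.WriteLine($"rejected: {ex.Message}"); }
    }
}
```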