[CSHARP-4032] MD5.Create Method Use of Broken Cryptographic Algorithms Created: 01/Feb/22  Updated: 27/Oct/23  Resolved: 17/Feb/22

Status: Closed
Project: C# Driver
Component/s: API
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Critical - P2
Reporter: Femi Osibote Assignee: Robert Stam
Resolution: Gone away Votes: 0
Labels: Hashing, MD5, Violation
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Duplicate
duplicates CSHARP-3729 Connection fails when using authentic... Closed

 Description   

Summary

MD5 Hashing Violation was found in Mongo Driver C#.
See Microsoft security rule CA5351

https://docs.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca5351

The hashing algorithm used, MD5, has been found by researchers to be unsafe for protecting sensitive data with today's technology.

Please provide the version of the driver. If applicable, please provide the MongoDB server version and topology (standalone, replica set, or sharded cluster).

.NET Driver Version 2.14.1

How to Reproduce

Steps to reproduce. If possible, please include a Short, Self Contained, Correct (Compilable), Example.

Additional Background

Please provide any additional background information that may be helpful in diagnosing the bug.
**Line affected in **

*AuthenticationHelper.cs*

mongo-csharp-driver/blob/master/src/MongoDB.Driver.Core/Core/Authentication/AuthenticationHelper.cs

private static string MongoPasswordDigest(string username, byte[] passwordBytes)
{
var prefixString = username + ":mongo:";
var prefixBytes = Utf8Encodings.Strict.GetBytes(prefixString);

var buffer = new byte[prefixBytes.Length + passwordBytes.Length];
var bufferHandle = GCHandle.Alloc(buffer, GCHandleType.Pinned);
try
{
Buffer.BlockCopy(prefixBytes, 0, buffer, 0, prefixBytes.Length);
Buffer.BlockCopy(passwordBytes, 0, buffer, prefixBytes.Length, passwordBytes.Length);

using (var md5 = MD5.Create())

{ var hash = md5.ComputeHash(buffer); return BsonUtils.ToHexString(hash); }

}
finally

{ Array.Clear(buffer, 0, buffer.Length); bufferHandle.Free(); }

}



 Comments   
Comment by PM Bot [ 17/Feb/22 ]

There hasn't been any recent activity on this ticket, so we're resolving it. Thanks for reaching out! Please feel free to comment on this if you're able to provide more information.

Comment by Robert Stam [ 02/Feb/22 ]

Hi Femi,

Thank you for reporting this issue.

It looks like you found this using static code analysis. This use of MD5 is only used when using older authentication mechanisms. You can avoid this code path entirely by using the SCRAM-SHA-256 authentication mechanism.

We can't really remove this (yet at least) because in some installations it is still in use.

There is a lot more information you can read about in the linked SECURITY-768 ticket (which was also created by you).

Generated at Wed Feb 07 21:47:00 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.