[CSHARP-573] Change MD5 Hash for Machine Key to Something FIPS Compliant

Created: 17/Sep/12 | Updated: 18/Jun/20 | Resolved: 22/Jun/15

| Status: | Closed |
| Project: | C# Driver |
| Component/s: | None |
| Affects Version/s: | 1.6 |
| Fix Version/s: | 2.0 |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Craig Wilson | Assignee: | Craig Wilson |
| Resolution: | Done | Votes: | 3 |
| Labels: | None |
| Remaining Estimate: | Not Specified |
| Time Spent: | Not Specified |
| Original Estimate: | Not Specified |
| Issue Links: |
| Backwards Compatibility: | Minor Change |
| Description |
|
See |
| Comments |
| Comment by Craig Wilson [ 22/Jun/15 ] |

Since we've actually solved the problem identified by this ticket, I've opened
| Comment by Craig Wilson [ 22/Jun/15 ] |

Apparently, we changed MD5 for SHA256Managed which, while SHA-256 is FIPS compliant, this particular implementation hasn't been validated. We need to change to using the SHA256CryptoServiceProvider instead, which is FIPS validated.
| Comment by Jeremy Herman [ 22/Jun/15 ] |

I'm still seeing this error. Any advice?
| Comment by Githook User [ 17/Apr/14 ] |

Author: Craig Wilson (username: craiggwilson, email: craiggwilson@gmail.com)
Message:
| Comment by Craig Wilson [ 25/Sep/13 ] |

If this is a new project, then another option is to not use ObjectIds and instead use Guids. We'll keep your needs in mind and perhaps accelerate a fix for this.
| Comment by Paul Judson [ 25/Sep/13 ] |

Understood - that doesn't relate to how we are using Mongo so I didn't think of that. I think it was mentioned in the original thread for this that it would be nice to have a configuration setting that could be used so if a client wanted to use a Mongo supplied FIPS algorithm they could - so have two code paths that depend on the configuration setting. That would allow people who wanted to accept the side-effects to do so. For us it would be a big win because we have federal customers who require FIPS. As a short term fix we are hoping they will accept us using the .NET configuration to ignore FIPS since the MD5 is only for generating unique ids and not for anything security related.
| Comment by Craig Wilson [ 25/Sep/13 ] |

ObjectId provides access to the individual components. We don't necessarily compare them internally, but it is potentially useful to determine if 2 documents were created on the same machine. Unless we switch to a hash that generates the first 3 bytes identically to how MD5 does, then it is no longer possible to do this. Probably not a large concern, but it is one. In addition, other drivers also use MD5 to generate the machine hash, so we'd no longer be generating identical ObjectIds. Again, not sure how important this is.
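
The compatibility concern in the comment above, as an added example that is not part of the ticket or the driver's own code: the same host hashed with MD5 and with SHA-256 yields different "first 3 bytes", so ids minted before and after the change no longer agree on the machine component. Assumptions: the hash input is the host name encoded as UTF-8, the id layout is 4-byte timestamp, 3-byte machine, 2-byte pid, 3-byte counter, and all helper names and sample values are hypothetical.

```csharp
using System;
using System.Reflection;
using System.Security.Cryptography;
using System.Text;

static class MachineHashDemo
{
    // First 3 bytes of the digest packed into an int: the "machine" part of the id.
    static int MachineComponent(HashAlgorithm algorithm, string hostName)
    {
        byte[] digest = algorithm.ComputeHash(Encoding.UTF8.GetBytes(hostName));
        return (digest[0] << 16) | (digest[1] << 8) | digest[2];
    }

    // Assumed layout (24 hex chars): 4-byte timestamp, 3-byte machine, 2-byte pid, 3-byte counter.
    static int MachineFromObjectId(string hex)
    {
        if (hex == null || hex.Length != 24)
            throw new ArgumentException("ObjectId must be 24 hex characters", "hex");
        return Convert.ToInt32(hex.Substring(8, 6), 16);
    }

    static string BuildObjectId(int timestamp, int machine, int pid, int counter) =>
        string.Format("{0:x8}{1:x6}{2:x4}{3:x6}", timestamp, machine, pid & 0xffff, counter & 0xffffff);

    static void Main()
    {
        const string host = "app-server-01"; // constructed sample host name
        int shaMachine;
        using (var sha256 = new SHA256CryptoServiceProvider()) // class named in the ticket
            shaMachine = MachineComponent(sha256, host);
        string newId = BuildObjectId(0x52430001, shaMachine, 1234, 2);
        try
        {
            int md5Machine;
            using (var md5 = MD5.Create())
                md5Machine = MachineComponent(md5, host);
            string oldId = BuildObjectId(0x52430000, md5Machine, 1234, 1);
            // Same host, different algorithm: the machine bytes will almost certainly differ.
            Console.WriteLine("{0} vs {1}: same machine bytes = {2}", oldId, newId,
                MachineFromObjectId(oldId) == MachineFromObjectId(newId));
        }
        catch (Exception ex) when (ex is InvalidOperationException || ex is TargetInvocationException)
        {
            // Expected on .NET Framework when the Windows FIPS policy is enforced.
            Console.WriteLine("MD5 refused under FIPS policy: " + ex.GetType().Name);
        }
    }
}
```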
| Comment by Paul Judson [ 25/Sep/13 ] |

The hash is only used to generate new IDs so I'm not sure I understand where you would be comparing an existing ID with a newly generated one (I may be missing your point here). Also, the method is just returning the first 3 bytes of the hash as part of the generation process so as long as the new hash algorithm still generated a relatively unique first 3 bytes I'm not sure there would be much difference from the client's point of view.
| Comment by Craig Wilson [ 25/Sep/13 ] |

MD5 is used in two places in the driver, one for calculating the Machine Hash and one for authentication. As long as you aren't using authentication, then changing the Machine hash to something other than MD5 will allow compliance with FIPS. The problem with changing MD5 in the hash has to do with loading up ObjectIds that were created before the change. The same machine will have 2 different hashes and thus comparing 2 ObjectIds becomes hit or miss. Thoughts?
| Comment by Paul Judson [ 25/Sep/13 ] |

I have a question about this change. Is this directed at the method GetMachineHash in the default constructor of ObjectId()? We don't use authentication but obviously any time you want to let Mongo generate a new ID it eventually calls that default constructor which throws an exception. It doesn't sound to me like this would be related to authentication with the server but if it is I would like to understand how. The reason I'm asking is it seems like changing just this method wouldn't require a server change since all it's being used for is generating a unique ID and we were hoping we might get a fix for this sooner than the next stable server release.

Thanks, Paul