pstore in FIPS mode
Is there any chance to make PStore compatible with FIPS mode? PStore is using MD5 for data checksum, but MD5 is unsupported algorithm in FIPS mode unfortunately. It would be easy to use different hash algorithm, but I am afraid that backward compatibility would be lost. Thank you.
PStore: select checksum algorithm
- lib/pstore.rb (PStore::CHECKSUM_ALGO): find available hashing algorithm for checksum. MD5 is not available in FIPS mode. [Feature #6943]
#6 [ruby-core:76174] Updated by vo.x (Vit Ondruch) 10 months ago
Using internal implementation is just hiding the issue. I don't think this would be acceptable solution for FIPS certification, what would be the point then? It is quite easy to generate colliding hashes these days. It might not be that critical for PStore though ...
#7 [ruby-core:76178] Updated by nobu (Nobuyoshi Nakada) 10 months ago
Seems nothing to block, since md5 seems used just to see if the data is modified.