Feature #6943
closed
Added by vo.x (Vit Ondruch) about 12 years ago.
Updated about 8 years ago.
Description
Is there any chance to make PStore compatible with FIPS mode? PStore is using MD5 for data checksum, but MD5 is unsupported algorithm in FIPS mode unfortunately. It would be easy to use different hash algorithm, but I am afraid that backward compatibility would be lost. Thank you.
Related issues
1 (1 open — 0 closed)
- Target version set to 2.6
- Status changed from Open to Assigned
- Assignee set to MartinBosslet (Martin Bosslet)
- Assignee changed from MartinBosslet (Martin Bosslet) to 7150
Ping? Any chance to change the hashing algorithm?
lib/pstore.rb uses digest/md5, and it uses own implementation (ext/digest/md5/md5.c) if there's no openssl
or it doesn't support MD5, it extconf.rb works correctly.
Using internal implementation is just hiding the issue. I don't think this would be acceptable solution for FIPS certification, what would be the point then? It is quite easy to generate colliding hashes these days. It might not be that critical for PStore though ...
- Status changed from Assigned to Closed
Applied in changeset r56284.
PStore: select checksum algorithm
- lib/pstore.rb (PStore::CHECKSUM_ALGO): find available hashing
algorithm for checksum. MD5 is not available in FIPS mode.
[Feature #6943]
Also available in: Atom
PDF
Like0
Like0Like0Like0Like0Like0Like0Like0Like0
Updated by 
Updated by 
Updated by 
Updated by 
Updated by 
Updated by