elastic / kibana

Your window into the Elastic Stack
https://www.elastic.co/products/kibana

MD5 Usage in Case File Upload not compatible with FIPS mode #185600

Open kc13greiner opened 1 month ago

kc13greiner commented 1 month ago

Describe the feature:

The current file hashing algorithms that are being used are: 'md5', 'sha1', 'sha256'

See the following code https://github.com/elastic/kibana/blob/4fc13a4a586db2b3cc351e6a3d87f2c6471c5a55/x-pack/plugins/cases/server/files/index.ts#L29

We would like this functionality to be available when running in FIPS mode, but understand that the functionality utilizing md5 is user facing and may be required.

We have exposed a flag from Core Setup > Security, called fips.isEnabled(). This could be used to disable that functionality when KB is running in FIPS mode.

Describe a specific use case for the feature:

To be FIPS compliant, we need to remove all uses of insecure hashing algorithms, which includes md5.

Acceptable hash algorithms can be found here on pg. 18 in Table 8
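
An added example, not part of the original issue and not Kibana's code: one way to gate the hash list quoted above on the FIPS flag, so that md5 is skipped when FIPS mode is on and an upload is still hashed with the remaining algorithms. `FipsFlag`, `NON_FIPS_HASHES`, `allowedHashes` and `hashFile` are hypothetical names; the flag is modeled as a plain object with an `isEnabled()` method.

```typescript
import { createHash, getHashes } from 'node:crypto';

// Algorithm list quoted in the issue description.
const CASE_FILE_HASHES = ['md5', 'sha1', 'sha256'];

// Algorithms to skip in FIPS mode. The issue names md5; this set is an
// assumption of the example, not a list taken from Kibana.
const NON_FIPS_HASHES = new Set(['md5']);

// Hypothetical stand-in for the flag the issue describes as fips.isEnabled().
interface FipsFlag {
  isEnabled(): boolean;
}

// Return the algorithms usable for this run: drop md5 when FIPS mode is on,
// and drop anything the crypto runtime does not offer, so createHash()
// cannot throw halfway through an upload.
function allowedHashes(fips: FipsFlag, requested: string[] = CASE_FILE_HASHES): string[] {
  const available = new Set(getHashes());
  const fipsOn = fips.isEnabled();
  return requested.filter((alg) => available.has(alg) && !(fipsOn && NON_FIPS_HASHES.has(alg)));
}

// Hash an upload delivered in chunks, feeding every allowed digest in one pass.
function hashFile(chunks: Uint8Array[], fips: FipsFlag): Record<string, string> {
  const hashers = allowedHashes(fips).map((alg) => ({ alg, hash: createHash(alg) }));
  for (const chunk of chunks) {
    for (const { hash } of hashers) hash.update(chunk);
  }
  const digests: Record<string, string> = {};
  for (const { alg, hash } of hashers) digests[alg] = hash.digest('hex');
  return digests;
}

// Constructed sample input: the bytes "abc" split across two chunks.
const sample = [Buffer.from('ab'), Buffer.from('c')];
console.log(hashFile(sample, { isEnabled: () => false }));
console.log(hashFile(sample, { isEnabled: () => true }));
```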

elasticmachine commented 1 month ago

Pinging @elastic/kibana-security (Team:Security)

elasticmachine commented 1 month ago

Pinging @elastic/response-ops-cases (Feature:Cases)

kc13greiner commented 1 month ago

Heya ~@christos68k~ / @vadimkibana ! Are you able to help me here?

legrego commented 1 month ago

Pinging the right Christos: @cnasikas

kc13greiner commented 1 week ago

@cnasikas The flag is available. I've updated the Description above - please let me know if I can provide any more info!

cnasikas commented 1 week ago

Ty @kc13greiner! I will put it in our backlog for 8.16.