Open kc13greiner opened 1 month ago
Pinging @elastic/kibana-security (Team:Security)
Pinging @elastic/response-ops-cases (Feature:Cases)
Heya ~@christos68k~ / @vadimkibana ! Are you able to help me here?
Pinging the right Christos: @cnasikas
@cnasikas The flag is available. Ive updated the Description above - please let me know if I can provide any more info!
Ty @kc13greiner! I will put it in our backlog for 8.16.
Describe the feature:
The current file hashing algorithms that are being used are:
'md5', 'sha1', 'sha256'
See the following code https://github.com/elastic/kibana/blob/4fc13a4a586db2b3cc351e6a3d87f2c6471c5a55/x-pack/plugins/cases/server/files/index.ts#L29
We would like this functionality to be available when running in FIPS mode, but understand that the functionality utilizing
md5
is user facing and may be required.We have exposed a flag from Core Setup > Security, called
fips.isEnabled()
. This could be used to disable that functionality when KB is running in FIPS mode.Describe a specific use case for the feature:
To be FIPS compliant, we need to remove all uses of insecure hashing algorithms, which includes md5.
Acceptable hash algorithms can be found here on pg. 18 in Table 8