FIPS compatibility

[voxik]

I am testing Thor in FIPS mode [1]. Unfortunately it fails with following error:

md5_dgst.c(78): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode!

Would you please consider to use different hashing algorithm such as SHA256 to make Thor FIPS compatible?

[1] http://en.wikipedia.org/wiki/FIPS_140

[voxik]

This patch would solve my issues. Unfortunately it does not keep backward compatibility with systems with already installed Thor recipes.

diff --git a/lib/thor/runner.rb b/lib/thor/runner.rb
index e32ae9c..4e444e6 100644
--- a/lib/thor/runner.rb
+++ b/lib/thor/runner.rb
@@ -5,7 +5,7 @@ require 'thor/core_ext/file_binary_read'
 require 'fileutils'
 require 'open-uri'
 require 'yaml'
-require 'digest/md5'
+require 'digest'
 require 'pathname'

 class Thor::Runner < Thor #:nodoc:
@@ -82,7 +82,7 @@ class Thor::Runner < Thor #:nodoc:
     end

     thor_yaml[as] = {
-      :filename   => Digest::MD5.hexdigest(name + as),
+      :filename   => Digest::SHA256.hexdigest(name + as),
       :location   => location,
       :namespaces => Thor::Util.namespaces_in_content(contents, base)
     }
diff --git a/spec/runner_spec.rb b/spec/runner_spec.rb
index da1a27c..9d04388 100644
--- a/spec/runner_spec.rb
+++ b/spec/runner_spec.rb
@@ -218,7 +218,7 @@ describe Thor::Runner do
         FileUtils.stub!(:touch)
         $stdin.stub!(:gets).and_return("Y")

-        path = File.join(Thor::Util.thor_root, Digest::MD5.hexdigest(@location + "random"))
+        path = File.join(Thor::Util.thor_root, Digest::SHA256.hexdigest(@location + "random"))
         File.should_receive(:open).with(path, "w")
       end

[MarkDBlackwell]

A suggestion for improving your patch: Adding a FIPS or SHA256 mode to Thor (selected by an environment variable) seemingly would provide FIPS compatibility to you while maintaining backwards compatibility for existing Thor recipes.

[voxik]

MD5 is obsoleted and already disabled in Fedora and RHEL by default. Could you please consider replacing MD5 as way to the future?

[trevor-vaughan]

👍 This is still an issue and breaking on FIPS enabled systems. It would be great to use an updated cipher or be able to select a default.

However, it should not do 'require/md5' by default since that alone will break on a system with FIPS enabled.

[op-ct]

FIPS mode breaks thor and any application that uses it (e.g., bundler).

What need to be done to get this patch merged?

[david-a-wheeler]

MD5 was broken a long, long time ago. It's long past time to switch to a stronger algorithm like SHA256 or SHA-3. It's not just FIPS mode - MD5 isn't in FIPS because it's a bad idea. Please switch!

[stanhu]

I submitted #785. Maybe a pull request will get more attention.

I'm not sure how severe the backwards compatibility problem actually is.