FIPS compatible hashing in Event Store

igor.segodnya · February 6, 2018, 4:51pm

Hi,

We at Snow Software use EventStore in some of the company’s projects and are excited about the capabilities of the product. However, some of our customers are obliged to run machines in FIPS-140-2 enforcing (compliant) mode. It forbids usage of any incompliant implementations of cryptographic algorithms, and MD5 hashing is among them.

When we start EventStore on such machine, we see the issues caused by MD5 in:

https://github.com/valeriob/EventStore-1/blob/master/src/EventStore/EventStore.Core/TransactionLog/Chunks/TFChunk/TFChunk.cs

A possible solution would be to replace MD5 with SHA1 or another compliant encryption algorithm implementation.

Have you faced a similar problem before, and what’s your view on FIPS compliance for Event Store?

We consider forking the project and researching changes required to run it on a machine that runs in FIPS compliant mode. Would you be interested in this contribution and possibly incorporate it into the project’s main branch?

Are you aware of any challenges or blockers that can make this hard to achieve?

Thanks!

igor.segodnya · February 6, 2018, 4:56pm

the link I provided might not be the best to illustrate the issue since it leads to a fork of the repo, here is a better one:

https://github.com/EventStore/EventStore/blob/daddeca886f43e40489efd7d9f45cb6ddd4aed8a/src/EventStore.Core/TransactionLog/Chunks/TFChunk/TFChunk.cs

Greg_Young1 · February 6, 2018, 5:30pm

It is pretty trivial to switch actually if you look in tfchunk.cs you can switch it out with any other available hash.

The more nasty part would be handling if people changed it on an existing database. Just switching it is a one line change + adding a command line parameter