Red Hat Bugzilla – Bug 1004754
In FIPS-mode, EVP_DigestInit / EVP_DigestUpdate allows MD5
Last modified: 2013-09-05 08:29:49 EDT
Created attachment 794252 [details]
Description of problem:
Net-SNMP uses OpenSSL EVP API without calling OpenSSL_add_all_digests() or similar function and it is able to compute MD5 hashes in FIPS mode.
See attached reproducer.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. enable FIPS mode
2. gcc -o test test.c -lssl -lcrypto
OpenSSL computes MD5 digest of something.
EVP_DigestInit_ex failed, MD5 not found.
EVP_DigestInit_ex() correctly fails if OpenSSL_add_all_digests() is called before.
man 3 EVP_DigestInit mentions that OpenSSL_add_all_digests() is necessary only when EVP_get_digestbyname(), EVP_get_digestbynid() or EVP_get_digestbyobj() are used and they are not in my reproducer (and in Net-SNMP).
EVP_DigestInit_ex() should either fail if OpenSSL was not initialized properly or it should attempt to initialize by itself. Computing MD5 in FIPS mode is IMHO wrong.
You have to call the OpenSSL_add_all_digests or similar initialization function otherwise you're outside of the OpenSSL FIPS module policy.
Another thing is that due to a new NIST guidance the new validation of OpenSSL will require to initialize the FIPS mode without this call directly from library constructor which means that in RHEL-6.5 this call will not be necessary.
But anyway this is not a bug in OpenSSL.