René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Fallback md5 is used, when trying hard to only use OpenSSL","articleBody":"# Bug report\r\n\r\n### Bug description:\r\n\r\nWhen\r\n* OpenSSL is configured in FIPS mode\r\n* recommended config is used to only load \"base + fips\" providers\r\n* without the default provider\r\n* CPython is compiled with `--with-builtin-hashlib-hashes=blake2` to exclude fallback implementation of MD5\r\n\r\nupon importing hashlib fails to create MD5 construct.\r\n\r\n```python\r\n# python3.10 -c 'import hashlib'\r\nERROR:root:code for hash md5 was not found.\r\nTraceback (most recent call last):\r\n  File \"/usr/lib/python3.10/hashlib.py\", line 137, in __get_openssl_constructor\r\n    f(usedforsecurity=False)\r\nValueError: [digital envelope routines] unsupported\r\n\r\nDuring handling of the above exception, another exception occurred:\r\n\r\nTraceback (most recent call last):\r\n  File \"/usr/lib/python3.10/hashlib.py\", line 261, in \u003cmodule\u003e\r\n    globals()[__func_name] = __get_hash(__func_name)\r\n  File \"/usr/lib/python3.10/hashlib.py\", line 141, in __get_openssl_constructor\r\n    return __get_builtin_constructor(name)\r\n  File \"/usr/lib/python3.10/hashlib.py\", line 123, in __get_builtin_constructor\r\n    raise ValueError('unsupported hash type ' + name)\r\nValueError: unsupported hash type md5\r\n```\r\n\r\nReference implementation is upstream openssl 3.3.0, with enable-fips, fipsinstall completed and openssl.cnf set to\r\n```\r\n# cat /etc/ssl/openssl.cnf \r\nconfig_diagnostics = 1\r\nopenssl_conf = openssl_init\r\n\r\n.include /etc/ssl/fipsmodule.cnf\r\n\r\n[openssl_init]\r\nproviders = provider_sect\r\nalg_section = algorithm_sect\r\n\r\n[provider_sect]\r\nfips = fips_sect\r\nbase = base_sect\r\n\r\n[base_sect]\r\nactivate = 1\r\n\r\n[algorithm_sect]\r\ndefault_properties = fips=yes\r\n```\r\n\r\nIn essence, things work well only when \"default + fips\" providers are loaded, as then MD5 functions in OpenSSL are detected as available and are used at runtime and correctly get blocked.\r\n\r\nWhen only \"base + fips\" providers are loaded, ValueError is raised by OpenSSL constructor, and instead fallback implementation used from _md5 module if it was compiled in.\r\n\r\nIt seems like the above configuration was not tested, however it can be made to work. CPython should try to load  the \"default\" OpenSSL provider, to guarantee access to non-fips hashes.\r\n\r\n### Security concerns\r\n\r\nThis is FedRAMP/FIPS compliance by-pass. This issue may allow using md5 without specifying \"usedforsecurity=False\" on systems otherwise configured to be in FIPS-mode only. And is the primary reason why documentation mentions that certain distributors of python remove md5 module altogether.\r\n\r\n### CPython versions tested on:\r\n\r\n3.10, 3.11, 3.12\r\n\r\n### Operating systems tested on:\r\n\r\nLinux\r\n\r\n\u003c!-- gh-linked-prs --\u003e\r\n### Linked PRs\r\n* gh-118236\r\n* gh-118238\r\n* gh-118239\r\n* gh-118240\r\n* gh-118264\r\n* gh-127300\n\u003c!-- /gh-linked-prs --\u003e\r\n","author":{"url":"https://github.com/xnox","@type":"Person","name":"xnox"},"datePublished":"2024-04-24T12:49:43.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":24},"url":"https://github.com/118224/cpython/issues/118224"}