Bro 2.5 and FIPS

Hello,

I'm attempting to run Bro 2.5 on a system that is in FIPS 140-2 compliance mode. However, any time that I attempt to run anything Bro related, I end up with MD5 Digest errors, such as:

md5_dgst.c(80): OpenSSL internal error, assertion failed: Digest MD5 forbidden in FIPS mode!

Is there any configuration in Bro somewhere that I can change to solve this, where Bro is compatible with a system that's FIPS enabled? Is that something I would only be able to deal with when compiling Bro from source, or is there a way to run Bro at all in FIPS mode?

Thanks,
- Gary

The problem is caused by the fact that Bro needs to process certs that make use of md5 and in order to do that it uses the portions of OpenSSL that handle md5...which have been disabled. As for the fix? I'm not actually sure. No matter how you swing it, you really do want to be able to use those portions of the library for network monitoring purposes. The only thing I can think of that might get you out of this is to link against an alternate version of OpenSSL that you use solely for Bro that disables FIPS mode... that way you have it enabled for most applications, but disabled for Bro. I didn't have long to look into how FIPS mode is set, but it looks like in your case it may have been a build time option.

Actually, MD5 certificates don't really happen anymore in practice, and OpenSSL would do the verification itself, which probably won't give an assertion.

While we don't support a configuration of Bro out of the Box that does not use MD5, I think you might actually be able to accomplish this without changing too much. I would try downloading the source, going into scripts/base and commenting all calls that look like...

Files::add_analyzer(f, Files::ANALYZER_MD5);

There only are a few places that do that (mainly certificates are hashed by default); however, I don't think we really need that. You probably also need to stay away from using bloom filters. But - that might be good enough to eliminate all traditional digest MD5 calls in the base configuration.

Johanna

Unfortunately it doesn't seem to be that simple. Commenting out all the references to ANALYZER_MD5 in the scripts didn't make any difference in attempting to run the program, and it seems anything that uses the openssl md5 wrapper probably is what gets stopped. I'm going through the code trying to see what happens if I just try to remove all the md5 usage for that wrapper, but honestly my current expectation is that this won't even succeed in make.

v/r
Gary W. Weasel, Jr. | Computer Engineer
Incident Response and Recovery Team, RE62
COM: 717.267.5777

Gary,

Is creating a policy exception possible for you? Honestly, I work in similar environments and it I would advise against making major modifications to Bro's source code. Document the fact that in the event of a vulnerability in your system you won't be able to be as responsive to the vulnerability. Significant source code modifications will hamper your ability to pull a patch in quickly. Since Bro doesn't use md5 anywhere that this really matters... I would hope that your compliance team is willing to be reasonable about this.

Thanks,

Stephen