IMPALA-14385: Fix crashes using sha2() in FIPS CentOS 7

baggio000 · Impala Public Jenkins · commit e486f3e3c38d · 2025-09-04T21:00:50.000Z
This commit fixes a crash in the sha2() function that occurs when Impala is run on a FIPS enabled OS, particularly CentOS 7. Running sha2() with 384 or 512-bit lengths would cause the impalad to crash with an OpenSSL assertion failure: "Low level API call to digest SHA384 forbidden in FIPS mode!" The root cause was the direct use of low-level OpenSSL API calls like SHA384(), SHA512(). OpenSSL 1.0 (used in RHEL/CentOS 7) is particularly strict and forbids these calls in FIPS mode, causing the module to terminate the process. This patch changes to use the high-level, FIPS compliant EVP_Digest API to perform the hash in sha2() function implementation. Tests: Ran sha2() in FIPS enabled CentOs 7 after the change and succeeded. Passed exhaustive tests. Change-Id: I694532350285534fd935c92b7a78bed91ded3cb5 Reviewed-on: http://gerrit.cloudera.org:8080/23373 Reviewed-by: Impala Public Jenkins <impala-public-jenkins@cloudera.com> Tested-by: Impala Public Jenkins <impala-public-jenkins@cloudera.com>
diff --git a/be/src/exprs/utility-functions-ir.cc b/be/src/exprs/utility-functions-ir.cc
@@ -287,35 +287,40 @@ StringVal UtilityFunctions::Sha2(FunctionContext* ctx, const StringVal& input_st
     return StringVal::null();
   }
 
-  StringVal sha_hash;
+  const EVP_MD* md_alg = nullptr;
+  int digest_length = 0;
 
   switch(bit_len.val) {
     case 224:
-      sha_hash = StringVal(ctx, SHA224_DIGEST_LENGTH);
-      if (UNLIKELY(sha_hash.is_null)) return StringVal::null();
-      SHA224(input_str.ptr, input_str.len, sha_hash.ptr);
+      md_alg = EVP_sha224();
+      digest_length = SHA224_DIGEST_LENGTH;
       break;
     case 256:
-      sha_hash = StringVal(ctx, SHA256_DIGEST_LENGTH);
-      if (UNLIKELY(sha_hash.is_null)) return StringVal::null();
-      SHA256(input_str.ptr, input_str.len, sha_hash.ptr);
+      md_alg = EVP_sha256();
+      digest_length = SHA256_DIGEST_LENGTH;
       break;
     case 384:
-      sha_hash = StringVal(ctx, SHA384_DIGEST_LENGTH);
-      if (UNLIKELY(sha_hash.is_null)) return StringVal::null();
-      SHA384(input_str.ptr, input_str.len, sha_hash.ptr);
+      md_alg = EVP_sha384();
+      digest_length = SHA384_DIGEST_LENGTH;
       break;
     case 512:
-      sha_hash = StringVal(ctx, SHA512_DIGEST_LENGTH);
-      if (UNLIKELY(sha_hash.is_null)) return StringVal::null();
-      SHA512(input_str.ptr, input_str.len, sha_hash.ptr);
+      md_alg = EVP_sha512();
+      digest_length = SHA512_DIGEST_LENGTH;
       break;
     default:
       // Unsupported bit length.
       ctx->SetError(Substitute("Bit Length $0 is not supported", bit_len.val).c_str());
       return StringVal::null();
   }
 
+  StringVal sha_hash(ctx, digest_length);
+  if (UNLIKELY(sha_hash.is_null)) return StringVal::null();
+
+  // Do not use low-level calls like SHA384(), which can be forbidden in FIPS mode.
+  // This is the fips-compliant hashing implementation, which uses the high-level
+  // EVP_Digest function.
+  EVP_Digest(input_str.ptr, input_str.len, sha_hash.ptr, nullptr, md_alg, nullptr);
+
   return StringFunctions::Lower(ctx, MathFunctions::HexString(ctx, sha_hash));
 }
 
