Update library used to generate IDs in the Report constructor to be FIPS compliant #174798
Assignees
Labels
Feature:FIPS
FIPS mode for Kibana
Feature:Reporting
Reporting (PDF, CSV, ..) feature
Team:SharedUX
Team label for AppEx-SharedUX (formerly Global Experience)
Comments
kc13greiner
added
Feature:Reporting
|
Pinging @elastic/appex-sharedux (Team:SharedUX) |
1 task
tsullivan
added a commit
that referenced
this issue
Jan 24, 2024
…porting plugin (#174809) ## Summary Closes #174798 ### Checklist Delete any items that are not applicable to this PR. ### Risk Matrix Delete this section if it is not applicable to this PR. ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Tim Sullivan <tsullivan@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
|
@kc13greiner this was picked up by a community member and the fix was just merged. Is there anything else needed as part of this? |
lcawl
pushed a commit
to lcawl/kibana
that referenced
this issue
Jan 26, 2024
…porting plugin (elastic#174809) ## Summary Closes elastic#174798 ### Checklist Delete any items that are not applicable to this PR. ### Risk Matrix Delete this section if it is not applicable to this PR. ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Tim Sullivan <tsullivan@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
CoenWarmer
pushed a commit
to CoenWarmer/kibana
that referenced
this issue
Feb 15, 2024
…porting plugin (elastic#174809) ## Summary Closes elastic#174798 ### Checklist Delete any items that are not applicable to this PR. ### Risk Matrix Delete this section if it is not applicable to this PR. ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Tim Sullivan <tsullivan@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
CoenWarmer
pushed a commit
to CoenWarmer/kibana
that referenced
this issue
Feb 15, 2024
…porting plugin (elastic#174809) ## Summary Closes elastic#174798 ### Checklist Delete any items that are not applicable to this PR. ### Risk Matrix Delete this section if it is not applicable to this PR. ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) --------- Co-authored-by: Tim Sullivan <tsullivan@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the feature:
Currently the Report class constructor is generating IDs using the puid library, specifically the puid.generate() function. This function uses md5, which is not FIPS compliant.
Describe a specific use case for the feature:
To be FIPS compliant, we need to remove all uses of insecure hashing algorithms, which includes md5.
A similar fix to #170177 would be ideal.
Acceptable hash algorithms can be found here on pg. 18 in Table 8
The text was updated successfully, but these errors were encountered: