Finally moving away from weak hash algorithms (and extra-files while we are at it) #25876
Comments
|
This issue was discussed during the opam-repository maintainer meeting and we decided that this should go ahead. Further discussions and such can happen in the different PRs that this issue is manifesting as. |
|
Dear everyone (cc'ing manually @shonfeder @kit-ty-kate @raphael-proust), I've also done the third and fourth step. And for you to have an easier time to validate the results (well, and me verifying that I didn't break anything), there's now a tool -- https://github.com/hannesm/opam-check-checksum -- You run it with the current opam repository (use 6ed19e3) on the one side ( What does opam-check-checksum do? Well, it will read all opam files in For me this ran without issues after I fixed a silly mistake (it should retain the sha512 if it was present) in the migration command. To give some motivation, if we merge that branch, the MD5-only checksums go down from 12577 to 70 (measured with It would be great if you could either merge the opam-source-archives PR and my branch (named extra-file-to-extra-source), or tell me whether there are any steps I should do before this can be merged. You can of course take your time and look at the diff, or reproduce the results -- as mentioned, the two big commits are automated, the in-between one was a manual move to reconcile the fix-gcc patch. |
|
If you'd like to read the diff for opam-repository, I recommend to use |
|
FYI, #25960 added hashes to |
Dear values maintainers and OCaml developers and watchers of this repository,
since a long time it has been known that MD5 is a weak hash algorithm. drum beat
Finally there's a CI lint check to avoid fresh md5 checksums being added to this repository (ref ocurrent/opam-repo-ci#304). \o/
Now, there's a bit of legacy: we have around 19099 occurences of the string "md5=" in this repository.
This is distributed across the URL field of opam files and extra-files of opam files. Furthermore, extra-files are slightly painful, and the extra-source fields are preferred. I propose to change the following in one PR:
(preferably under the ocaml or ocaml-opam github organisation)EDIT: I'll just use theopam-source-archivesrepository for that, and use sha256 as checksum for these files,(Of course, we can as well use sha512 if someone knows about feasible attacks on sha256, the former is unfortunately way slower esp. on e.g. Raspberry Pi hardware.)
For the first two items, based on
opam adminfrom opam 2.2 I have OCaml code that does this automatically (see https://github.com/hannesm/opam/tree/migrate-extra-files). I'm also fine to submit a opam-repo-ci PR for the lint check.The only leftover question is whether there is any pushback or concerns? (I'm curious whether this must wait for opam 2.1.6 since earlier versions are not able to remove files on some operating systems (such as macOS)?) -- any insights?
Please raise your concerns via comments, and express your support (👍🏾) or not support (👎🏾) via reactions here.
(PS: I proposed an earlier document/PR at #25874 - where @mseri gave positive feedback, but I believe when we do such a change, let's do it at once.)
Earlier discussion at #17315 https://discuss.ocaml.org/t/opam-repository-security-and-data-integrity-posture/6478 -- Now 4 years later, I think we can act.
This is as well a necessary step for getting cryptographic signatures -- well, or at least it simplifies the design tremendously -- both having non-weak checksums of external data, and also not having arbitrary files around.
Regards from the security engine room
Update: this has been discussed and approved in the 2024 May 22nd opam-repository meeting https://github.com/ocaml/opam-repository/wiki/Meeting-notes#2024-05-22 -- there's no blocker to move forward.
Tasks to do:
The text was updated successfully, but these errors were encountered: