Skip to content

Commit

Permalink
ambex: Remove usage of md5
Browse files Browse the repository at this point in the history
When trying to run emissary in crypto-restricted environments (e.g.
FIPS), usage of md5 can be problematic:

```
time="2024-10-17 19:20:29.7063" level=error msg="shut down with error error: PANIC: openssl: MD5 failed" func=github.com/emissary-ingress/emissary/v3/pkg/busy.Main file="github.com/emissary-ingress/emissary/v3/pkg/busy/busy.go:87" CMD=entrypoint PID=1
```

This replaces the usage with xxhash, which should avoid usage of
unsupport crypto libraries, but keep the deterministic behavior.
  • Loading branch information
wlynch committed Oct 18, 2024
1 parent ac2dc64 commit dc24c33
Show file tree
Hide file tree
Showing 4 changed files with 10 additions and 7 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -107,6 +107,8 @@ it will be removed; but as it won't be user-visible this isn't considered a brea
instead of the Mapping name, which could reduce the cache's effectiveness. This has been fixed so
that the correct key is used. ([Incorrect Cache Key for Mapping])

- Change: Changed Ambex suffix hashing algorithm to use xxhash64 instead of md5.

[Incorrect Cache Key for Mapping]: https://github.com/emissary-ingress/emissary/issues/5714

## [3.9.0] November 13, 2023
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,7 @@ require (
github.com/Masterminds/sprig v2.22.0+incompatible
github.com/cenkalti/backoff/v4 v4.2.1
github.com/census-instrumentation/opencensus-proto v0.4.1
github.com/cespare/xxhash/v2 v2.2.0
github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4
github.com/datawire/dlib v1.3.1
github.com/datawire/dtest v0.0.0-20210928162311-722b199c4c2f
Expand Down Expand Up @@ -146,7 +147,6 @@ require (
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/chai2010/gettext-go v1.0.2 // indirect
github.com/cloudflare/circl v1.3.7 // indirect
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
Expand Down
11 changes: 6 additions & 5 deletions pkg/ambex/transforms.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,12 @@ package ambex
import (
// standard library
"context"
"crypto/md5"
"encoding/hex"
"encoding/json"
"fmt"
"strconv"

// third-party libraries
"github.com/cespare/xxhash/v2"
"google.golang.org/protobuf/proto"
"google.golang.org/protobuf/types/known/anypb"

Expand Down Expand Up @@ -146,9 +146,10 @@ func V3ListenerToRdsListener(lnr *v3listener.Listener) (*v3listener.Listener, []
// associated with a given listener.
filterChainMatch, _ := json.Marshal(fc.GetFilterChainMatch())

// Use MD5 because it's decently fast and cryptographic security isn't needed.
matchHash := md5.Sum(filterChainMatch)
matchKey := hex.EncodeToString(matchHash[:])
// Use xxhash64 because it's decently fast and cryptographic security isn't needed.
h := xxhash.New()
h.Write(filterChainMatch)
matchKey := strconv.FormatUint(h.Sum64(), 16)

rc.Name = fmt.Sprintf("%s-routeconfig-%s-%d", l.Name, matchKey, matchKeyIndex[matchKey])

Expand Down
2 changes: 1 addition & 1 deletion pkg/ambex/transforms_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ func TestV3ListenerToRdsListener(t *testing.T) {

for i, rc := range routes {
// Confirm that the route name was transformed to the hashed version
assert.Equal(t, fmt.Sprintf("emissary-ingress-listener-8080-routeconfig-8c82e45fa3f94ab4e879543e0a1a30ac-%d", i), rc.GetName())
assert.Equal(t, fmt.Sprintf("emissary-ingress-listener-8080-routeconfig-29865f40cbcf32dc-%d", i), rc.GetName())

// Make sure the virtual hosts are unmodified
virtualHosts := rc.GetVirtualHosts()
Expand Down

0 comments on commit dc24c33

Please sign in to comment.