[openssl-dev] OpenSSL 1.1.0 and FIPS

Richard Levitte levitte at openssl.org
Mon Feb 22 19:18:53 UTC 2016


In message <20160222185829.GA19490 at openssl.org> on Mon, 22 Feb 2016 18:58:29 +0000, "Dr. Stephen Henson" <steve at openssl.org> said:

steve> On Mon, Feb 22, 2016, Wall, Stephen wrote:
steve> 
steve> > I wonder if I could get the thoughts of some of you developers on how
steve> > difficult it would be to build an engine for OpenSSL 1.1.0 that makes use of
steve> > the current (2.0.11?) fipscanister.o.  Also, opinions on if this would be a
steve> > legitimate way to get FIPS in 1.1.0.
steve> > 
steve> 
steve> Just to add a few thoughts to this.
steve> 
steve> It would be very tricky and rather messy. The 2.0.x module uses various
steve> shortcuts (which were pretty much essential given the time pressure on its
steve> development) such as keeping structure compatible with OpenSSL. For 1.1.0 many
steve> structures have changed considerably and many are opaque so this won't work.
steve> 
steve> Add to that that it isn't just a case of having an external ENGINE. There
steve> needs to be some extensive glue code in OpenSSL itself to (for example) ensure
steve> that the correct implementation is used and to block unapproved APIs and
steve> algorithms. 
steve> 
steve> So while I think it is theoretically possible I think handling this as part of
steve> a new validation effort would be the best approach. We could then incorporate
steve> some of the new FIPS 140-2 requirements and add some new algorithms.

This is where I go dreamy eyed with a desire to make all our built-in
algorithms into an engine, loadable like any other engine.  The current
retrofit we do because we want to support having the low level
functions as dispatchers into a loaded engine still gives me the
heebie-jeebies.

With that kind of setup, wouldn't it be incredibly easy to have the
approved FIPS 140-2 engine?

(if this ever happens, it's in the far future, folks)

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/