[openssl-dev] OpenSSL 1.1.0 and FIPS

Steve Marquess marquess at openssl.com
Mon Feb 22 20:22:36 UTC 2016 

On 02/22/2016 01:58 PM, Dr. Stephen Henson wrote:
> On Mon, Feb 22, 2016, Wall, Stephen wrote:
> 
>> I wonder if I could get the thoughts of some of you developers on how
>> difficult it would be to build an engine for OpenSSL 1.1.0 that makes use of
>> the current (2.0.11?) fipscanister.o.  Also, opinions on if this would be a
>> legitimate way to get FIPS in 1.1.0.
>>
> 
> Just to add a few thoughts to this.
> 
> It would be very tricky and rather messy. The 2.0.x module uses various
> shortcuts (which were pretty much essential given the time pressure on its
> development) such as keeping structure compatible with OpenSSL. For 1.1.0 many
> structures have changed considerably and many are opaque so this wont work.
> 
> Add to that that it isn't just a case of having an external ENGINE. There
> needs to be some extensive glue code in OpenSSL itself to (for example) ensure
> that the correct imeplementation is used and to block unapproved APIs and
> algorithms. 
> ...

This last point is worth emphasizing. While the formal FIPS validation
is more or less done in a vacuum (or perhaps I should say "reality
independent context"), it has to be used in a real world setting with
application code (probably legacy code developed to use stock OpenSSL).
That means a) using it with OpenSSL, because the FIPS module alone is
too impoverished an API for direct use, and b) making sure your
application does only FIPS allowed cryptography while FIPS mode is
enabled. That latter step is a lot harder than it looks. While some
vendors won't care as long as they have some minimal level of buzzword
compliance, some do.

With the "FIPS enabled" OpenSSL converting your existing application for
FIPS 140-2 can be as simple as throwing in a FIPS_mode_set() call. With
a stock OpenSSL and hand-jammed FIPS module you'd need to manually vet
all application code; the stock OpenSSL won't let you know when your
application uses non-allowed cryptography.

-Steve M.

-- 
Steve Marquess
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc

More information about the openssl-dev mailing list