[openssl-users] Using FIPS mode and modifying apps

jonetsu at teksavvy.com jonetsu at teksavvy.com
Mon Jan 26 23:21:41 UTC 2015

On Fri, 16 Jan 2015 10:16:48 -0500
Steve Marquess <marquess at openssl.com> wrote:

> On 01/15/2015 05:52 AM, Marcus Meissner wrote:

>> On Linux usually triggered by /proc/sys/crypto/fips_enabled
>> containing "1" or the environment variable
>> OPENSSL_FORCE_FIPS_MODE=1 (at least for the certs done by SUSE and
>> Redhat, which do not use the container blob).

> That is (presumably) true for the proprietary RH and SUSE distros,
> not so for the open source based OpenSSL FIPS Object Module or other
> Linux distros.

I'm afraid it does not come across clear to me.  So, maybe the
following pondering is relevant - or not.  Basically, I'm looking at
how to integrate a FIPS-enabled OpenSSL that will be used by some
common Open Sources applications, as well as a 3rd party application
(with source code provided).

So, does your comment mean that the paying versions of Red
Hat and SuSE (proprietary) have open source applications modified to at
least include the FIPS_mode_set() call ?  Why would these releases be
different in FIPS SSL 'power-up' POST checks when compared to regular
free releases ?

If I compare with GnuTLS that our product also uses, and with which it
will also go to certification, its FIPS mode is completly transparent,
with FIPS checks done on library load.

Based on the discussion in 'The I.G. 9.5 Issue', I took a look at
'Implementation Guidance for FIPS PUB 140-2 and the Cryptographic
Module Validation Program', January 15 2015 release.  In section 9.10
it states:

  "The power-on self-tests of the module shall be triggered from
  within that library function or code block. This execution paradigm
  satisfies AS09.08 and AS09.09 for a validated module."

This would make it OK for OpenSSL to automatically run the FIPS checks
when an application loads the library.  Are the issues noted in the
'I.G. 9.5 Issue' still relevant ?  For instance, the first paragraph
of Q4 refers to an application using the library before the library
itself has finished doing the FIPS POST checks.  Hmmm.  without
knowing the details I must say, it 'looks like' GnuTLS has solved this
problem - or will it simply fail certification lab testing ?

Further in the CMVP IG, there is mention that ('DEP' is a default
entry point) :

  "The presence of a library DEP forces the OS loader to call the DEP
  when it loads the library on behalf of the application linking it.
  The DEP is executed automatically and independently of the
  application code before the OS loader hands control back to the
  application. The OS loader utilizes a standard mechanism for
  invoking the DEP, which is agnostic of the library programming
  interface and completely independent of the application code."

Wouldn't this mechanism be solving the problems raised in Q4 ?


More information about the openssl-users mailing list