[openssl-users] Using FIPS mode and modifying apps

Steve Marquess marquess at openssl.com
Tue Jan 27 14:15:50 UTC 2015 

On 01/26/2015 06:21 PM, jonetsu at teksavvy.com wrote:
> On Fri, 16 Jan 2015 10:16:48 -0500
> Steve Marquess <marquess at openssl.com> wrote:
> 
>> On 01/15/2015 05:52 AM, Marcus Meissner wrote:
> 
>>> On Linux usually triggered by /proc/sys/crypto/fips_enabled
>>> containing "1" or the environment variable
>>> OPENSSL_FORCE_FIPS_MODE=1 (at least for the certs done by SUSE and
>>> Redhat, which do not use the container blob).
> 
>> That is (presumably) true for the proprietary RH and SUSE distros,
>> not so for the open source based OpenSSL FIPS Object Module or other
>> Linux distros.
> 
> I'm afraid it does not come across clear to me.  So, maybe the
> following pondering is relevant - or not.  Basically, I'm looking at
> how to integrate a FIPS-enabled OpenSSL that will be used by some
> common Open Sources applications, as well as a 3rd party application
> (with source code provided).

Tom Francis nailed the answer to this one. We did design the FIPS module
+ "FIPS capable" OpenSSL combination to make it possible to have a
system wide "FIPS mode" capability, but that presumes that the system
maintainer (i.e. OS distribution maintainer) has done the review and
modification of each application that uses cryptography to make sure it
is compatible with the many restrictions of FIPS mode.

> So, does your comment mean that the paying versions of Red
> Hat and SuSE (proprietary) have open source applications modified to at
> least include the FIPS_mode_set() call ?  Why would these releases be
> different in FIPS SSL 'power-up' POST checks when compared to regular
> free releases ?

That is indeed the assumption: that commercial versions of RH and SuSE
have modified all impacted OSS applications to operate in FIPS mode. If
they haven't they are deceiving their customers and the U.S. government.

Note that such modifications are non-trivial for some applications, for
instance OpenSSH.

> If I compare with GnuTLS that our product also uses, and with which it
> will also go to certification, its FIPS mode is completly transparent,
> with FIPS checks done on library load.

Can't help you there as I know nothing of GnuTLS. But, applications
using GnuTLS will face exactly the same problem; if they were not
designed or modified to operate in FIPS mode you're probably going to
have undesirable outcomes.

> Based on the discussion in 'The I.G. 9.5 Issue', I took a look at
> 'Implementation Guidance for FIPS PUB 140-2 and the Cryptographic
> Module Validation Program', January 15 2015 release.  In section 9.10
> it states:...

Please read the first two sentences on that web page, right at the top.

-Steve M.

-- 
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at opensslfoundation.com
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc

More information about the openssl-users mailing list