OpenSSL 3.0


OpenSSL 3.0

Jason Schultz

Greetings. It has been several months since this blog post on OpenSSL 3.0:

https://www.openssl.org/blog/blog/2019/11/07/3.0-update/

"We are now not expecting code completion to occur until the end of Q2 2020 with a final release in early Q4 2020."

Is OpenSSL 3.0 still expected to reach code completion at the end of Q2 this year? Also, by "final release" I'm assuming that means the first official, non-beta/dev release?



Re: OpenSSL 3.0

Matt Caswell-2


On 25/02/2020 19:07, Jason Schultz wrote:

> Greetings. It has been several months since this blog post on OpenSSL 3.0:
>
> https://www.openssl.org/blog/blog/2019/11/07/3.0-update/
>
> “We are now not expecting code completion to occur until the end of Q2
> 2020 with a final release in early Q4 2020.”
>
> Is OpenSSL 3.0 still expected to reach code completion at the end of Q2
> this year? Also, by “final release” I’m assuming that means the first
> official, non-beta/dev release?


Since the publication of the blog post we published a more detailed
timeline. See the list of alpha/beta releases about 2/3 of the way down this
page:

https://www.openssl.org/policies/releasestrat.html

alpha1, 2020-03-31: Basic functionality plus basic FIPS module
alpha2, 2020-04-21: Complete external provider support (serialization,
support for new algs, support for providers which only include
operations in a class)
alpha3, 2020-05-21: Aiming to test the API completeness before beta1
freezes it
beta1, 2020-06-02: Code complete (API stable, feature freeze)
betaN: Other beta releases TBD
Final: 2020 early Q4

We are currently still on target for this timeline and are aiming for
alpha1 at the end of March, with a final release in Q4. The final
release does indeed mean the first official non-beta/dev release -
although note that actual validation of the FIPS module may follow
sometime later.

Matt

Re: OpenSSL 3.0

Sam Roberts
On Tue, Feb 25, 2020 at 8:00 PM Matt Caswell <[hidden email]> wrote:
> alpha1, 2020-03-31: Basic functionality plus basic FIPS module

I'd like to give this a spin, to get an idea what's going to be
involved in porting from FIPS2.0 to 3.0, any pointers on where to
start?

Sam

Re: OpenSSL 3.0

Salz, Rich (via openssl-users)
> I'd like to give this a spin, to get an idea what's going to be
> involved in porting from FIPS2.0 to 3.0, any pointers on where to
> start?

Per the blog post, "most applications should just need to be recompiled." :)

Get the source via instructions here: https://www.openssl.org/source/



Re: OpenSSL 3.0

Sam Roberts
On Wed, Feb 26, 2020 at 8:36 AM Salz, Rich <[hidden email]> wrote:
>
> >    I'd like to give this a spin, to get an idea what's going to be
>     involved in porting from FIPS2.0 to 3.0, any pointers on where to
>     start?
>
> Per the blog post, "most applications should just need to be recompiled." :)
>
> Get the source via instructions here: https://www.openssl.org/source/

I want to build against ***FIPS3.0***. I don't find any routes to
FIPS3.0 in the above link.

We've already ported to openssl 1.1.1, so the non-FIPS APIs should be
fine when compiled against openssl-3.0 (the promise was API
compatible).

My expectation based on the blog posts and arch/design docs is that
FIPS3.0 will be an OpenSSL 3.0 provider, and I am guessing it will be
necessary, somehow?, to tell OpenSSL which provider to use, either
programmatically or via openssl.cfg?

Or maybe I'm off track, and it's a configure mode, and the provider
will be hard-coded in if openssl-3.0 is built with FIPS? But again,
how to do that?

I've spent some time poking around in the source and git logs, and
(again, could have missed it), I didn't see any FIPS specific doc
changes or hints as what to do for FIPS3.0, and it wasn't clear where
to start.

Sam

Re: OpenSSL 3.0

Salz, Rich (via openssl-users)
The 3.0 release is a work in progress and is not done yet.

FIPS 3.0 === OpenSSL 3.0, using a FIPS-validated crypto provider which will be part of OpenSSL 3.0.

The architecture documents are at https://www.openssl.org/docs



Re: OpenSSL 3.0

Sam Roberts
On Wed, Feb 26, 2020 at 11:44 AM Salz, Rich <[hidden email]> wrote:
>
> The 3.0 release is a work in progress and is not done yet.
>
> FIPS 3.0 === OpenSSL 3.0, using a FIPS-validated crypto provider which will be part of OpenSSL 3.0.
>
> The architecture documents are at https://www.openssl.org/docs

Rich, I've seen all that, Matt says

> alpha1, 2020-03-31: Basic functionality plus basic FIPS module

That's 5 weeks from now, I'd thought the basic structure might be present now.

I'm willing to start some testing now to give early feedback, and to
get a sense of what will be involved in porting Node.js.

If asking for information is too distracting, no problem, I'll wait
another month for the alpha and hope it contains some info on how to
do this:

> using a FIPS-validated crypto provider

Cheers,
Sam

Re: OpenSSL 3.0

Salz, Rich (via openssl-users)
> That's 5 weeks from now, I'd thought the basic structure might be present now.

It is. You probably have to look at the tests to see how to use things.


Re: OpenSSL 3.0

Dr Paul Dale
You should be able to set the environment variable OPENSSL_CONF to test/fips.cnf which will then load a FIPS only configuration.

Teething problems are expected.  Not everything has been activated in the FIPS module but enough has to do some TLS.


Pauli
-- 
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia




On 27 Feb 2020, at 6:00 am, Salz, Rich via openssl-users <[hidden email]> wrote:

   That's 5 weeks from now, I'd thought the basic structure might be present now.

It is.   You probably have to look at the tests to see how to use things.
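An added example, not from this thread and not the OpenSSL project's own code, showing the configuration route Sam asked about and that Pauli's OPENSSL_CONF hint points at: an openssl.cnf that activates the FIPS provider, plus a check that it actually loaded. It uses the config syntax and the `openssl fipsinstall` step that released OpenSSL 3.0 ended up with, not the dev-tree test/fips.cnf mentioned above; the module path in FIPS_MODULE, the output directory, and the section names are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the thread or the OpenSSL project): activate the
# FIPS provider in OpenSSL 3.0 through openssl.cnf and check that it took.
# Assumptions: the config syntax is the one released OpenSSL 3.0 uses, not
# the Feb 2020 dev-tree test/fips.cnf; FIPS_MODULE and OUT_DIR are example
# paths, not anything the thread states.
set -eu

# Write an openssl.cnf that activates the FIPS provider (its [fips_sect] is
# supplied by the .include'd fipsmodule.cnf) and the base provider, which
# the FIPS provider needs for encoding/decoding keys and certificates.
# default_properties makes every algorithm fetch default to fips=yes, so an
# algorithm the FIPS provider does not offer is refused rather than being
# served silently by some other provider.
write_fips_config() {
    out="$1"        # openssl.cnf to create
    module_cnf="$2" # fipsmodule.cnf produced by `openssl fipsinstall`
    cat > "$out" <<EOF
config_diagnostics = 1
openssl_conf = openssl_init

.include $module_cnf

[openssl_init]
providers = provider_sect
alg_section = algorithm_sect

[provider_sect]
fips = fips_sect
base = base_sect

[base_sect]
activate = 1

[algorithm_sect]
default_properties = fips=yes
EOF
}

# Return 0 if the FIPS provider is listed as loaded when OpenSSL reads cfg.
# `openssl list -providers` prints each provider name at two-space indent.
fips_provider_loaded() {
    cfg="$1"
    OPENSSL_CONF="$cfg" openssl list -providers | grep -q '^  fips$'
}

# Full procedure: run the module self-tests and record its MAC with
# fipsinstall, write the wrapper config, then prove the config works by
# hashing with an approved digest and confirming a non-approved one fails.
install_and_check() {
    module="$1" # e.g. /usr/local/lib/ossl-modules/fips.so (assumed path)
    dir="$2"
    openssl fipsinstall -module "$module" -out "$dir/fipsmodule.cnf"
    write_fips_config "$dir/openssl.cnf" "$dir/fipsmodule.cnf"
    fips_provider_loaded "$dir/openssl.cnf"
    # Approved algorithm: must succeed.
    OPENSSL_CONF="$dir/openssl.cnf" openssl dgst -sha256 /dev/null >/dev/null
    # MD5 is not in the FIPS provider and the default provider is not
    # loaded, so this must fail; the leading `!` makes that failure pass.
    ! OPENSSL_CONF="$dir/openssl.cnf" openssl dgst -md5 /dev/null >/dev/null 2>&1
    echo "FIPS provider active via $dir/openssl.cnf"
}

# Only touch a real build when the caller points at a module.
if [ -n "${FIPS_MODULE:-}" ]; then
    install_and_check "$FIPS_MODULE" "${OUT_DIR:-$(pwd)}"
fi
```

Run it as `FIPS_MODULE=/path/to/fips.so OUT_DIR=/tmp/fips sh fips-config.sh` against a 3.0 build. The programmatic equivalent in released 3.0 is OSSL_PROVIDER_load(NULL, "fips") together with EVP_default_properties_enable_fips(NULL, 1); the config route has the advantage that an application ported to 1.1.1 needs no source change to pick the provider up.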



Re: OpenSSL 3.0

Matt Caswell-2


On 26/02/2020 21:06, Dr Paul Dale wrote:
> You should be able to set the environment variable OPENSSL_CONF to
> test/fips.cnf which will then load a FIPS only configuration.
>
> Teething problems are expected.  Not everything has been activated in
> the FIPS module but enough has to do some TLS.

It would probably be a good idea for us to pull together a "Getting
Started" guide on the Wiki with some basic information on how to get
things going, with some links to the various man pages etc where more
detailed information is required.

We should certainly plan to have this in place by alpha1 IMO.

Matt



Re: OpenSSL 3.0

Salz, Rich (via openssl-users)

> It would probably be a good idea for us to pull together a "Getting
> Started" guide on the Wiki with some basic information on how to get
> things going, with some links to the various man pages etc where more
> detailed information is required.

This needs to be real user documentation as part of the FIPS deliverable, right?


Re: OpenSSL 3.0

Jason Schultz
Thanks for all of the responses. This question has led to other related topics, so I have another one. According to this blog:

https://keypair.us/2019/12/rip-fips-186-2/

The OpenSSL FIPS Object Module will be moved to the CMVP historical list as of 9/1/2020. Since there is no OpenSSL 3.0 until Q4 2020, and a FIPS Module will be after that sometime, where does this leave 1.0.2 users who need a FIPS validated object module past that date?






Re: OpenSSL 3.0

Salz, Rich (via openssl-users)
> The OpenSSL FIPS Object Module will be moved to the CMVP historical list as of 9/1/2020. Since there is no OpenSSL 3.0 until Q4 2020, and a FIPS Module will be after that sometime, where does this leave 1.0.2 users who need a FIPS validated object module past that date?

Without their free lunch?


Re: OpenSSL 3.0

Jason Schultz
That's fair. So the only option is to use another module? Extended 1.0.2 support does not resolve this either, correct?




Re: OpenSSL 3.0

Neptune
In reply to this post by Jason Schultz
You essentially have three choices:
1. Stay on the 1.0.2 branch to continue FIPS compliance, but go the entire
year without support or security patches.
2. Pay OpenSSL for a premium support contract ($50,000 per year) to continue
to receive patches on 1.0.2 for the remainder of the year.
3. Pay SafeLogic for support contract to receive 1.0.2 security patches
through the year. Cost is roughly half what OpenSSL is asking, but you may
be able to negotiate.

These are the only options of which I am aware.





Re: OpenSSL 3.0

Salz, Rich (via openssl-users)
In reply to this post by Jason Schultz
> That's fair. So the only option is to use another module? Extended 1.0.2 support does not resolve this either, correct?

I do not think that is the only option.  For example, you might be able to use 3.0 and say it’s “in evaluation.” There might be other options, that was all I could think of while composing this email.

 

HOWEVER, note that the set of validated platforms for 3.0 is very different from the current FOM.  Someone officially with the project will have to provide details on that, not me.


Re: OpenSSL 3.0

Jason Schultz
In reply to this post by Neptune
For option 2, we have a support contract in place. But does this actually help us as far as the FIPS Object Module?




Re: OpenSSL 3.0

OpenSSL - User mailing list
In reply to this post by Neptune
None of those choices address what happens if the 1.0.2 module goes to historic on Sept 1.  See https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules for details.




Re: OpenSSL 3.0

Walter Paley
In reply to this post by Jason Schultz
To clarify an important distinction - SafeLogic Extended Support for 1.0.2 architecture will not keep the OpenSSL FOM validated past 9/1/2020. SafeLogic does offer a compatible drop-in replacement module that is validated, will remain validated past the 186-2 deprecation on 9/1/2020, and is available with RapidCert, an accelerated validation in your company’s name, but that is a separate offering.

- Walt





Re: OpenSSL 3.0

Matt Caswell-2
In reply to this post by Jason Schultz


On 27/02/2020 20:37, Jason Schultz wrote:
> Thanks for all of the responses. This question has led to other related
> topics, so I have another one. According to this blog:
>
> https://keypair.us/2019/12/rip-fips-186-2/
>
> The OpenSSL FIPS Object Module will be moved to the CMVP historical list
> as of 9/1/2020. Since there is no OpenSSL 3.0 until Q4 2020, and a FIPS
> Module will be after that sometime, where does this leave 1.0.2 users
> who need a FIPS validated object module past that date?

Going to the historic list will not impact existing deployments at all.
If you already have the old module deployed you can continue to use it,
even if it is on the historic list as I understand it.

You will not be able to make *new* deployments if it goes historic.

The problem is with FIPS 186-2 RSA Key gen. Modules now need to be FIPS
186-4 compliant. But the OpenSSL FIPS Object Module 2.0 is not 186-4 and
will not be updated to be so. One option is to update the validation to
remove RSA as an approved algorithm (this can be done as a purely
paperwork exercise). But doing that has implications for existing
deployments. The OMC discussed this some months ago but decided not to
take any action at that time. I'm sure it will be discussed again next
time we have a f2f.

Matt


