OpenSSL shared library in FIPS mode

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenSSL shared library in FIPS mode

OpenSSL - User mailing list
Hi All,

We have been trying to integrate FOM 2.0.13 with OpenSSL 1.0.2u for FIPS compliance. Post integration, we have been able to run in FIPS mode, with all self-tests passing as well. However, we seem to be encountering issues in creation and parsing of ECDSA keys.

A little background on how we build the shared libcrypto library:

TARGET: x86_64 
BUILD HOST: x86_64

We do not use the OpenSSL Makefile to build the OpenSSL source. Our build  infrastructure  creates multiple static archives from the OpenSSL crypto source and finally creates a libcrypto.a from these archives as required by fipsld. The fipscanister.o and libcrypto.a are archived to create the final libcrypto.a and passed onto fipsld for creation of a dynamic library, libcrypto.so. fips_premain_dso gets built as a part of the build process too for generation of signature. These steps mimic the OpenSSL opensource Makefile.

fipsld embeds the signature into the final libcrypto.so successfully and we are able to get into FIPS mode successfully at run time. Self-tests pass as well.

Issue:

While trying to use ECDSA host keys for OpenSSH, we noticed that parsing of ECDSA key fails. DSA and RSA key creation and parsing do not have this issue. Note that the ECDSA key was generated in FIPS mode and is being parsed in FIPS mode itself.

root@localhost:/home/admin#  openssl ec -in ssh_host_key_ecdsa -text -noout
read EC key
unable to load Key
140020611143360:error:10067066:elliptic curve routines:ec_GFp_simple_oct2point:invalid encoding:../../../../vendor/openssl-fips/crypto/ec/ecp_oct.c:370:
140020611143360:error:10092010:elliptic curve routines:d2i_ECPrivateKey:EC lib:../../../../vendor/openssl-fips/crypto/ec/ec_asn1.c:1172:
140020611143360:error:100D508E:elliptic curve routines:ECKEY_PRIV_DECODE:decode error:../../../../vendor/openssl-fips/crypto/ec/ec_ameth.c:256:
140020611143360:error:0606F091:digital envelope routines:EVP_PKCS82PKEY:private key decode error:../../../../vendor/openssl-fips/crypto/evp/evp_pkey.c:92:
140020611143360:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:../../../../vendor/openssl-fips/crypto/pem/pem_pkey.c:142:
root@localhost:/home/admin# 

A portion of the sample ECDSA key generated with curve secp384r1 via ssh-keygen with "ssh-keygen -t ecdsa -b 384 -f  ssh_host_key_ecdsa" is provided below:

-----BEGIN PRIVATE KEY-----
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDD
........
........
-----END PRIVATE KEY-----

 A few questions related to this:

1) Is there a specific need to build the OpenSSL source only via the provided Makefile? 
2) FIPS self test for ECDSA passes but the key creation/parsing fails. Could this indicate that the FIPS module APIs are not getting invoked in the case of ECDSA?

--
Thanks & Regards,
Shirisha.
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL shared library in FIPS mode

Dr Paul Dale
OpenSSL 1.0.2 ceased being supported at the beginning of this year.

If you are deviating in any way from the prescribed build instructions (you did read the security policy didn’t you?) you are not FIPS compliant.
Not using the OpenSSL Makefile is such a deviation.  My suspicion is that you are not and never have been FIPS compliant.



Pauli
-- 
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia




On 7 Jul 2020, at 3:36 pm, Shirisha Dasari via openssl-users <[hidden email]> wrote:

Hi All,

We have been trying to integrate FOM 2.0.13 with OpenSSL 1.0.2u for FIPS compliance. Post integration, we have been able to run in FIPS mode, with all self-tests passing as well. However, we seem to be encountering issues in creation and parsing of ECDSA keys.

A little background on how we build the shared libcrypto library:

TARGET: x86_64 
BUILD HOST: x86_64

We do not use the OpenSSL Makefile to build the OpenSSL source. Our build  infrastructure  creates multiple static archives from the OpenSSL crypto source and finally creates a libcrypto.a from these archives as required by fipsld. The fipscanister.o and libcrypto.a are archived to create the final libcrypto.a and passed onto fipsld for creation of a dynamic library, libcrypto.so. fips_premain_dso gets built as a part of the build process too for generation of signature. These steps mimic the OpenSSL opensource Makefile.

fipsld embeds the signature into the final libcrypto.so successfully and we are able to get into FIPS mode successfully at run time. Self-tests pass as well.

Issue:

While trying to use ECDSA host keys for OpenSSH, we noticed that parsing of ECDSA key fails. DSA and RSA key creation and parsing do not have this issue. Note that the ECDSA key was generated in FIPS mode and is being parsed in FIPS mode itself.

root@localhost:/home/admin#  openssl ec -in ssh_host_key_ecdsa -text -noout
read EC key
unable to load Key
140020611143360:error:10067066:elliptic curve routines:ec_GFp_simple_oct2point:invalid encoding:../../../../vendor/openssl-fips/crypto/ec/ecp_oct.c:370:
140020611143360:error:10092010:elliptic curve routines:d2i_ECPrivateKey:EC lib:../../../../vendor/openssl-fips/crypto/ec/ec_asn1.c:1172:
140020611143360:error:100D508E:elliptic curve routines:ECKEY_PRIV_DECODE:decode error:../../../../vendor/openssl-fips/crypto/ec/ec_ameth.c:256:
140020611143360:error:0606F091:digital envelope routines:EVP_PKCS82PKEY:private key decode error:../../../../vendor/openssl-fips/crypto/evp/evp_pkey.c:92:
140020611143360:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:../../../../vendor/openssl-fips/crypto/pem/pem_pkey.c:142:
root@localhost:/home/admin# 

A portion of the sample ECDSA key generated with curve secp384r1 via ssh-keygen with "ssh-keygen -t ecdsa -b 384 -f  ssh_host_key_ecdsa" is provided below:

-----BEGIN PRIVATE KEY-----
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDD
........
........
-----END PRIVATE KEY-----

 A few questions related to this:

1) Is there a specific need to build the OpenSSL source only via the provided Makefile? 
2) FIPS self test for ECDSA passes but the key creation/parsing fails. Could this indicate that the FIPS module APIs are not getting invoked in the case of ECDSA?

--
Thanks & Regards,
Shirisha.

Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL shared library in FIPS mode

Murugesh
In reply to this post by OpenSSL - User mailing list
Hi,

Yes. You have to use openssl provided build files.

Thanks,
Murugesh P.

On 7/7/20, Shirisha Dasari via openssl-users <[hidden email]> wrote:

> Hi All,
>
> We have been trying to integrate FOM 2.0.13 with OpenSSL 1.0.2u for FIPS
> compliance. Post integration, we have been able to run in FIPS mode, with
> all self-tests passing as well. However, we seem to be encountering issues
> in creation and parsing of ECDSA keys.
>
> A little background on how we build the shared libcrypto library:
>
> TARGET: x86_64
> BUILD HOST: x86_64
>
> We do not use the OpenSSL Makefile to build the OpenSSL source. Our build
> infrastructure  creates multiple static archives from the OpenSSL crypto
> source and finally creates a libcrypto.a from these archives as required by
> fipsld. The fipscanister.o and libcrypto.a are archived to create the final
> libcrypto.a and passed onto fipsld for creation of a dynamic library,
> libcrypto.so. fips_premain_dso gets built as a part of the build process
> too for generation of signature. These steps mimic the OpenSSL opensource
> Makefile.
>
> fipsld embeds the signature into the final libcrypto.so successfully and we
> are able to get into FIPS mode successfully at run time. Self-tests pass as
> well.
>
> Issue:
>
> While trying to use ECDSA host keys for OpenSSH, we noticed that parsing of
> ECDSA key fails. DSA and RSA key creation and parsing do not have this
> issue. Note that the ECDSA key was generated in FIPS mode and is being
> parsed in FIPS mode itself.
>
> root@localhost:/home/admin#  openssl ec -in ssh_host_key_ecdsa -text -noout
> read EC key
> unable to load Key
> 140020611143360:error:10067066:elliptic curve
> routines:ec_GFp_simple_oct2point:invalid
> encoding:../../../../vendor/openssl-fips/crypto/ec/ecp_oct.c:370:
> 140020611143360:error:10092010:elliptic curve routines:d2i_ECPrivateKey:EC
> lib:../../../../vendor/openssl-fips/crypto/ec/ec_asn1.c:1172:
> 140020611143360:error:100D508E:elliptic curve
> routines:ECKEY_PRIV_DECODE:decode
> error:../../../../vendor/openssl-fips/crypto/ec/ec_ameth.c:256:
> 140020611143360:error:0606F091:digital envelope
> routines:EVP_PKCS82PKEY:private key decode
> error:../../../../vendor/openssl-fips/crypto/evp/evp_pkey.c:92:
> 140020611143360:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1
> lib:../../../../vendor/openssl-fips/crypto/pem/pem_pkey.c:142:
> root@localhost:/home/admin#
>
> A portion of the sample ECDSA key generated with curve secp384r1 via
> ssh-keygen with "ssh-keygen -t ecdsa -b 384 -f  ssh_host_key_ecdsa" is
> provided below:
>
> -----BEGIN PRIVATE KEY-----
> MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDD
> ........
> ........
> -----END PRIVATE KEY-----
>
>  A few questions related to this:
>
> 1) Is there a specific need to build the OpenSSL source only via the
> provided Makefile?
> 2) FIPS self test for ECDSA passes but the key creation/parsing fails.
> Could this indicate that the FIPS module APIs are not getting invoked in
> the case of ECDSA?
>
> --
> Thanks & Regards,
> Shirisha.
>
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL shared library in FIPS mode

Thomas Dwyer III
In reply to this post by Dr Paul Dale
On Tue, Jul 7, 2020 at 12:48 AM Dr Paul Dale <[hidden email]> wrote:
OpenSSL 1.0.2 ceased being supported at the beginning of this year.

If you are deviating in any way from the prescribed build instructions (you did read the security policy didn’t you?) you are not FIPS compliant.

Can you confirm whether that statement applies to the entirety of building libcrypto, or whether it's just the fipscanister.o component that requires strict adherence to the build instructions documented in the security policy?


Thanks,
Tom.III

 
Not using the OpenSSL Makefile is such a deviation.  My suspicion is that you are not and never have been FIPS compliant.



Pauli
-- 
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia




On 7 Jul 2020, at 3:36 pm, Shirisha Dasari via openssl-users <[hidden email]> wrote:

Hi All,

We have been trying to integrate FOM 2.0.13 with OpenSSL 1.0.2u for FIPS compliance. Post integration, we have been able to run in FIPS mode, with all self-tests passing as well. However, we seem to be encountering issues in creation and parsing of ECDSA keys.

A little background on how we build the shared libcrypto library:

TARGET: x86_64 
BUILD HOST: x86_64

We do not use the OpenSSL Makefile to build the OpenSSL source. Our build  infrastructure  creates multiple static archives from the OpenSSL crypto source and finally creates a libcrypto.a from these archives as required by fipsld. The fipscanister.o and libcrypto.a are archived to create the final libcrypto.a and passed onto fipsld for creation of a dynamic library, libcrypto.so. fips_premain_dso gets built as a part of the build process too for generation of signature. These steps mimic the OpenSSL opensource Makefile.

fipsld embeds the signature into the final libcrypto.so successfully and we are able to get into FIPS mode successfully at run time. Self-tests pass as well.

Issue:

While trying to use ECDSA host keys for OpenSSH, we noticed that parsing of ECDSA key fails. DSA and RSA key creation and parsing do not have this issue. Note that the ECDSA key was generated in FIPS mode and is being parsed in FIPS mode itself.

root@localhost:/home/admin#  openssl ec -in ssh_host_key_ecdsa -text -noout
read EC key
unable to load Key
140020611143360:error:10067066:elliptic curve routines:ec_GFp_simple_oct2point:invalid encoding:../../../../vendor/openssl-fips/crypto/ec/ecp_oct.c:370:
140020611143360:error:10092010:elliptic curve routines:d2i_ECPrivateKey:EC lib:../../../../vendor/openssl-fips/crypto/ec/ec_asn1.c:1172:
140020611143360:error:100D508E:elliptic curve routines:ECKEY_PRIV_DECODE:decode error:../../../../vendor/openssl-fips/crypto/ec/ec_ameth.c:256:
140020611143360:error:0606F091:digital envelope routines:EVP_PKCS82PKEY:private key decode error:../../../../vendor/openssl-fips/crypto/evp/evp_pkey.c:92:
140020611143360:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:../../../../vendor/openssl-fips/crypto/pem/pem_pkey.c:142:
root@localhost:/home/admin# 

A portion of the sample ECDSA key generated with curve secp384r1 via ssh-keygen with "ssh-keygen -t ecdsa -b 384 -f  ssh_host_key_ecdsa" is provided below:

-----BEGIN PRIVATE KEY-----
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDD
........
........
-----END PRIVATE KEY-----

 A few questions related to this:

1) Is there a specific need to build the OpenSSL source only via the provided Makefile? 
2) FIPS self test for ECDSA passes but the key creation/parsing fails. Could this indicate that the FIPS module APIs are not getting invoked in the case of ECDSA?

--
Thanks & Regards,
Shirisha.

Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL shared library in FIPS mode

OpenSSL - User mailing list
In reply to this post by Murugesh
Thanks Murugesh. I just wanted to add that the FOM (OpenSSL FIPS object module) is built using the instructions provided by the User Guide:

./config
make
make install

The built fipscanister.o is integrated into the OpenSSL distribution via our own build infrastructure by mimicking the OpenSSL makefiles (including invoking fipsld to embed the signature into the library).

On Tue, Jul 7, 2020 at 8:39 PM murugesh pitchaiah <[hidden email]> wrote:
Hi,

Yes. You have to use openssl provided build files.

Thanks,
Murugesh P.

On 7/7/20, Shirisha Dasari via openssl-users <[hidden email]> wrote:
> Hi All,
>
> We have been trying to integrate FOM 2.0.13 with OpenSSL 1.0.2u for FIPS
> compliance. Post integration, we have been able to run in FIPS mode, with
> all self-tests passing as well. However, we seem to be encountering issues
> in creation and parsing of ECDSA keys.
>
> A little background on how we build the shared libcrypto library:
>
> TARGET: x86_64
> BUILD HOST: x86_64
>
> We do not use the OpenSSL Makefile to build the OpenSSL source. Our build
> infrastructure  creates multiple static archives from the OpenSSL crypto
> source and finally creates a libcrypto.a from these archives as required by
> fipsld. The fipscanister.o and libcrypto.a are archived to create the final
> libcrypto.a and passed onto fipsld for creation of a dynamic library,
> libcrypto.so. fips_premain_dso gets built as a part of the build process
> too for generation of signature. These steps mimic the OpenSSL opensource
> Makefile.
>
> fipsld embeds the signature into the final libcrypto.so successfully and we
> are able to get into FIPS mode successfully at run time. Self-tests pass as
> well.
>
> Issue:
>
> While trying to use ECDSA host keys for OpenSSH, we noticed that parsing of
> ECDSA key fails. DSA and RSA key creation and parsing do not have this
> issue. Note that the ECDSA key was generated in FIPS mode and is being
> parsed in FIPS mode itself.
>
> root@localhost:/home/admin#  openssl ec -in ssh_host_key_ecdsa -text -noout
> read EC key
> unable to load Key
> 140020611143360:error:10067066:elliptic curve
> routines:ec_GFp_simple_oct2point:invalid
> encoding:../../../../vendor/openssl-fips/crypto/ec/ecp_oct.c:370:
> 140020611143360:error:10092010:elliptic curve routines:d2i_ECPrivateKey:EC
> lib:../../../../vendor/openssl-fips/crypto/ec/ec_asn1.c:1172:
> 140020611143360:error:100D508E:elliptic curve
> routines:ECKEY_PRIV_DECODE:decode
> error:../../../../vendor/openssl-fips/crypto/ec/ec_ameth.c:256:
> 140020611143360:error:0606F091:digital envelope
> routines:EVP_PKCS82PKEY:private key decode
> error:../../../../vendor/openssl-fips/crypto/evp/evp_pkey.c:92:
> 140020611143360:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1
> lib:../../../../vendor/openssl-fips/crypto/pem/pem_pkey.c:142:
> root@localhost:/home/admin#
>
> A portion of the sample ECDSA key generated with curve secp384r1 via
> ssh-keygen with "ssh-keygen -t ecdsa -b 384 -f  ssh_host_key_ecdsa" is
> provided below:
>
> -----BEGIN PRIVATE KEY-----
> MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDD
> ........
> ........
> -----END PRIVATE KEY-----
>
>  A few questions related to this:
>
> 1) Is there a specific need to build the OpenSSL source only via the
> provided Makefile?
> 2) FIPS self test for ECDSA passes but the key creation/parsing fails.
> Could this indicate that the FIPS module APIs are not getting invoked in
> the case of ECDSA?
>
> --
> Thanks & Regards,
> Shirisha.
>


--
Thanks & Regards,
Shirisha.