Will my application be FIPS 140-2 Certified under following conditions?

Dipak B
Dear Experts,

Can you please help me with the following question?

My win32 desktop application uses 'libcurl' to interact with a web service. In order to get my application FIPS 140-2 certified, the following is the plan which I arrived at after going through the 'User Guide' and 'Security Policy' PDFs.

Plan:
a. After verifying HMAC-SHA1 of openssl-fips-2.0.16.tar.gz, build it to generate fipscanister.lib (FOM) as a Windows static library.
b. Build libcurl as a Windows static library using the above fipscanister.lib
c. Link my desktop application with the above libcurl.lib after adding FIPS_mode_set()

Questions:
a. On following points a, b, c, can I confirm that my application is FIPS 140-2 certified?
b. fipscanister.lib is always a static library and it can be substituted for libssl.lib / ssleay.lib?

Thank you,
Deepak

Re: Will my application be FIPS 140-2 Certified under following conditions?

Kyle Hamilton
Step a. needs to verify the digest with an existing FIPS 140-2 validated cryptography implementation.  Otherwise, to my understanding, this is the correct sequence of events.

Do note that after building the fipscanister.lib, you will want to digest it and print it on a certification letter that it was built as specified in the Security Policy, signed and dated by the person who built it (preferably also with details of the build chain).  Also, when you build anything that links that library, you will want to verify the digest against that letter before linking, and write a new letter specifying the product name and version, the digest of the output, and that it was also built in accordance with the Security Policy.  This should also be signed and dated.  (These letters will help establish for FIPS-requiring procurement agencies that FIPS 140-2 conformance is achieved in what they are procuring from you.)

-Kyle H


On Wed, Jul 3, 2019, 11:55 Dipak B <[hidden email]> wrote:
Dear Experts,

Can you please help me with the following question?

My win32 desktop application uses 'libcurl' to interact with web service, in order to get my application FIPS 140-2 certified, following is the plan which I arrived at after going through the 'User Guide' and 'Security Policy' pdfs.

Plan:
a. After verifying HMAC-SHA1 of openssl-fips-2.0.16.tar.gz, build it to generate fipscanister.lib (FOM) as windows static library.
b. Build libcurl as windows static library using above fipscanister.lib
c. Link my desktop application with above libcurl.lib after adding FIPS_mode_set()

Questions:
a. On following points a, b,c, can I confirm that my application is FIPS 140-2 certified?
b.  fipscanister.lib is always static library and it can be substituted for libssl.lib / ssleay.lib?

Thank you,
Deepak
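
The digest checks described in the reply above (HMAC-SHA1 of the source tarball, a recorded digest of the built library, and a check against that record before linking), as an added example that is not part of the original thread or of the OpenSSL project. The HMAC key, file contents, record fields and the use of SHA-256 for the library digest are assumptions made for illustration; the real key and expected value come from the Security Policy, and as the reply notes the digest itself has to be computed with an existing FIPS 140-2 validated implementation, which this script does not claim to be.

```python
import hashlib
import hmac
import json
import tempfile
from pathlib import Path


def file_digest(path, algo="sha256", key=None, chunk=1 << 16):
    """Stream a file through a hash (or an HMAC when key is given); return hex."""
    h = hmac.new(key, digestmod=algo) if key is not None else hashlib.new(algo)
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_source(tarball, key, expected_hex):
    """Step a: the tarball's HMAC-SHA1 must equal the published value."""
    actual = file_digest(tarball, "sha1", key)
    return hmac.compare_digest(actual, expected_hex.lower())


def write_build_record(artifact, record_path, product, builder, built_on, toolchain):
    """Capture what the signed build letter would state about an artifact."""
    record = {
        "product": product,
        "artifact": Path(artifact).name,
        "sha256": file_digest(artifact),  # assumption: SHA-256 as the letter digest
        "builder": builder,
        "built_on": built_on,
        "toolchain": toolchain,
    }
    Path(record_path).write_text(json.dumps(record, indent=2))
    return record


def gate_link(artifact, record_path):
    """Before linking: the library on disk must match its build record."""
    record = json.loads(Path(record_path).read_text())
    if Path(artifact).name != record["artifact"]:
        return False
    return hmac.compare_digest(file_digest(artifact), record["sha256"])


def demo():
    """Run the sequence on constructed stand-in files (not real OpenSSL data)."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        key = b"constructed-demo-key"  # constructed; not the real verification key
        tarball = d / "openssl-fips-2.0.16.tar.gz"
        tarball.write_bytes(b"constructed stand-in for the source tarball")
        published = hmac.new(key, tarball.read_bytes(), "sha1").hexdigest()
        source_ok = verify_source(tarball, key, published)

        lib = d / "fipscanister.lib"
        lib.write_bytes(b"constructed stand-in for the built canister")
        rec = d / "fipscanister.record.json"
        write_build_record(lib, rec, "openssl-fips-2.0.16", "constructed builder",
                           "constructed date", "constructed toolchain details")
        clean = gate_link(lib, rec)

        # Any change to the library after the record was written must block linking.
        lib.write_bytes(b"modified after the record was written")
        changed = gate_link(lib, rec)
        return source_ok, clean, changed


if __name__ == "__main__":
    print(demo())
```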

Re: Will my application be FIPS 140-2 Certified under following conditions?

Kyle Hamilton
In reply to this post by Dipak B
Also, on question b: No.  You need to build a compatible version of openssl as specified in the User Guide, and link that version.  FIPS_mode_set() tells the library to always and only use the implementations in the FIPS canister; the canister does not replace the library entirely.

-Kyle H


Re: Will my application be FIPS 140-2 Certified under following conditions?

FooCrypt
Deepak

Just take note of the FIPS 140-2 sunset, and rise of FIPS 140-3

140-3 Takes Effect: 9/22/19
140-3 New Testing Begins: 9/22/20
140-2 Sunset: 9/21/21
140-3 Mandated: 9/22/21

And best of luck ;)


-- 

Regards,

Mark A. Lane   

© Mark A. Lane 1980 - 2019, All Rights Reserved.
© FooCrypt 1980 - 2019, All Rights Reserved.
© FooCrypt, A Tale of Cynical Cyclical Encryption. 1980 - 2019, All Rights Reserved.
© Cryptopocalypse 1980 - 2019, All Rights Reserved.


Re: Will my application be FIPS 140-2 Certified under following conditions?

OpenSSL - User mailing list
In reply to this post by Kyle Hamilton
Is the use of OpenSSL an actual legal requirement of the certification of
the FIPS object module, or just the easiest way to use it?

Difference would be particularly significant in case someone created code
to use the validated FOM 2.0 module with the OpenSSL 1.1.x feature
enhancements (as the project itself has indicated no desire to do so).

On 04/07/2019 04:09, Kyle Hamilton wrote:

> Also, on question b: No.  You need to build a compatible version of
> openssl as specified in the User Guide, and link that version. 
> FIPS_mode_set() tells the library to always and only use the
> implementations in the FIPS canister; the canister does not replace
> the library entirely.
>
> -Kyle H
>
> On Wed, Jul 3, 2019, 11:55 Dipak B <[hidden email]
> <mailto:[hidden email]>> wrote:
>
>     Dear Experts,
>
>     Can you please help me with the following question?
>
>     My win32 desktop application uses 'libcurl' to interact with web
>     service, in order to get my application FIPS 140-2 certified,
>     following is the plan which I arrived at after going through the
>     'User Guide' and 'Security Policy' pdfs.
>
>     Plan:
>     a. After verifying HMAC-SHA1 of openssl-fips-2.0.16.tar.gz, build
>     it to generate fipscanister.lib (FOM) as windows static library.
>     b. Build libcurl as windows static library using above
>     fipscanister.lib
>     c. Link my desktop application with above libcurl.lib after adding
>     FIPS_mode_set()
>
>     Questions:
>     a. On following points a, b,c, can I confirm that my application
>     is FIPS 140-2 certified?
>     b.  fipscanister.lib is always static library and it can be
>     substituted for libssl.lib / ssleay.lib?
>


Re: Will my application be FIPS 140-2 Certified under following conditions?

Dr Paul Dale
The FOM is stand alone in theory.  I.e. it isn’t mandatory to use OpenSSL 1.0 but the two are designed to work together and are very closely intertwined.

Moving the FIPS canister forward to 1.1 would be a lot of effort.


Pauli
-- 
Dr Paul Dale | Cryptographer | Network Security & Encryption 
Phone +61 7 3031 7217
Oracle Australia



On 4 Jul 2019, at 7:21 pm, Jakob Bohm via openssl-users <[hidden email]> wrote:

Is the use of OpenSSL an actual legal requirement of the certification of
the FIPS object module, or just the easiest way to use it?

Difference would be particularly significant in case someone created code
to use the validated FOM 2.0 module with the OpenSSL 1.1.x feature
enhancements (as the project itself has indicated no desire to do so).

On 04/07/2019 04:09, Kyle Hamilton wrote:
Also, on question b: No.  You need to build a compatible version of openssl as specified in the User Guide, and link that version.  FIPS_mode_set() tells the library to always and only use the implementations in the FIPS canister; the canister does not replace the library entirely.

-Kyle H

On Wed, Jul 3, 2019, 11:55 Dipak B <[hidden email] <[hidden email]>> wrote:

   Dear Experts,

   Can you please help me with the following question?

   My win32 desktop application uses 'libcurl' to interact with web
   service, in order to get my application FIPS 140-2 certified,
   following is the plan which I arrived at after going through the
   'User Guide' and 'Security Policy' pdfs.

   Plan:
   a. After verifying HMAC-SHA1 of openssl-fips-2.0.16.tar.gz, build
   it to generate fipscanister.lib (FOM) as windows static library.
   b. Build libcurl as windows static library using above
   fipscanister.lib
   c. Link my desktop application with above libcurl.lib after adding
   FIPS_mode_set()

   Questions:
   a. On following points a, b,c, can I confirm that my application
   is FIPS 140-2 certified?
   b.  fipscanister.lib is always static library and it can be
   substituted for libssl.lib / ssleay.lib?




Re: Will my application be FIPS 140-2 Certified under following conditions?

OpenSSL - User mailing list
In reply to this post by OpenSSL - User mailing list
> Is the use of OpenSSL an actual legal requirement of the certification of
> the FIPS object module, or just the easiest way to use it?

I'm not sure who you are asking this.

The existing FIPS validations for OpenSSL only cover the 1.0.2 based source code.

> Difference would be particularly significant in case someone created code
> to use the validated FOM 2.0 module with the OpenSSL 1.1.x feature
> enhancements (as the project itself has indicated no desire to do so).
 
They would have to get their own validation, their own lab to verify, etc., etc.



Re: Will my application be FIPS 140-2 Certified under following conditions?

Jakob Bohm-7
On 04/07/2019 16:44, Salz, Rich wrote:

>> Is the use of OpenSSL an actual legal requirement of the certification of
>> the FIPS object module, or just the easiest way to use it?
>
> I'm not sure who you are asking this.
>
> The existing FIPS validations for OpenSSL only cover the 1.0.2 based source code.
>
>> Difference would be particularly significant in case someone created code
>> to use the validated FOM 2.0 module with the OpenSSL 1.1.x feature
>> enhancements (as the project itself has indicated no desire to do so).
>
> They would have to get their own validation, their own lab to verify, etc., etc.
>
>

That seems to contradict the other answer, which is that legally, the
FIPS canister (properly built) can be used with any software outside
the cryptographic boundary, the soon-to-be-deprecated OpenSSL 1.0.2
library just being the normal default.

If the other answer is correct, it should be perfectly OK (legally) for
someone to modify OpenSSL 1.1.1 source code to call the FIPS canister
for everything, and the result should be an application that is as FIPS
"compliant" as an application that runs something unrelated (such as
Apache mod_ssl) on top of OpenSSL-1.0.2 on top of FOM 2.x , thus no new
validation required.

The point is that some people may soon be in a desperate need to find a
FIPS-capable replacement for OpenSSL 1.0.x.



Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

Re: Will my application be FIPS 140-2 Certified under following conditions?

OpenSSL - User mailing list

>> They would have to get their own validation, their own lab to verify, etc., etc.
> That seems to contradict the other answer, which is that legally, the
> FIPS canister (properly built) can be used with any software outside
> the cryptographic boundary, the soon-to-be-deprecated OpenSSL 1.0.2
> library just being the normal default.

You are correct.  My statement, which was technically incorrect, is more likely to be realistic :)

> The point is that some people may soon be in a desperate need to find a
> FIPS-capable replacement for OpenSSL 1.0.x.
 
It seems to me that the easiest thing to do is maintain that release of OpenSSL by themselves.

If someone is thinking of fitting OpenSSL 1.1.x to become a user of the existing FOM, then they will probably find it easier to, well, just maintain what currently works.

Just because something is past "end of life" does not mean that anyone's ability to use it is revoked.  It just means that keeping it working is their responsibility.  Anyone can use the FOM until it expires (sunsets is the term used), which lasts one year beyond 1.0.2 as I recall.  See https://www.openssl.org/blog/blog/2018/05/18/new-lts/ for some more information on this.



Re: Will my application be FIPS 140-2 Certified under following conditions?

OpenSSL - User mailing list
On 06/07/2019 16:30, Salz, Rich wrote:

>>> They would have to get their own validation, their own lab to verify, etc., etc.
>> That seems to contradict the other answer, which is that legally, the
>> FIPS canister (properly built) can be used with any software outside
>> the cryptographic boundary, the soon-to-be-deprecated OpenSSL 1.0.2
>> library just being the normal default.
>
> You are correct.  My statement, which was technically incorrect, is more likely to be realistic :)
>
>> The point is that some people may soon be in a desperate need to find a
>> FIPS-capable replacement for OpenSSL 1.0.x.
>
> It seems to me that the easiest thing to do is maintain that release of OpenSSL by themselves.

Which would be another variation of such unofficial work.

>
> If someone is thinking of fitting OpenSSL 1.1.x to become a user of the existing FOM, then they will probably find it easier to, well, just maintain what currently works.
>
> Just because something is past "end of life" does not mean that anyone's ability to use it is revoked.  It just means that keeping it working is their responsibility.  Anyone can use the FOM until it expires (sunsets is the term used), which lasts one year beyond 1.0.2 as I recall.  See https://www.openssl.org/blog/blog/2018/05/18/new-lts/ for some more information on this.
>
>

That policy page is half the problem, the other half being the decision
not to make a FIPS module for the current 1.1.x series.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

Re: Will my application be FIPS 140-2 Certified under following conditions?

Dr Paul Dale
I have to disagree with the “decision not to make a FIPS module for the current 1.1.x series” comment.  Technically, this is true.  More practically, 3.0 is intended to be source compatible with 1.1.x.  Thus far, nothing should be broken in this respect.

If support for 1.0.2 is required beyond the end of this year, it is available: https://www.openssl.org/support/contracts.html


I’d also be interested to know what is wrong with the policy page?



Pauli
-- 
Dr Paul Dale | Cryptographer | Network Security & Encryption 
Phone +61 7 3031 7217
Oracle Australia




Re: Will my application be FIPS 140-2 Certified under following conditions?

OpenSSL - User mailing list
On 08/07/2019 10:12, Dr Paul Dale wrote:
> I have to disagree with the “decision not to make a FIPS module for
> the current 1.1.x series” comment.  Technically, this is true.  More
> practically, 3.0 is intended to be source compatible with 1.1.x.  Thus
> far, nothing should be broken in this respect.
>
The key word is "intended".

> If support for 1.0.2 is required beyond the end of this year, it is
> available: https://www.openssl.org/support/contracts.html
>
I am unsure if this is an affordable route for all affected users
and distributions (especially non-profit OS distributions).

>
> I’d also be interested to know what is wrong with the policy page?
>

Only that it states the policy of stopping 1.0.2 support at end of
2019, which would be fine if a FIPS-capable replacement had been
ready by now (as is fortunately the case for non-FIPS).

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded


Re: Will my application be FIPS 140-2 Certified under following conditions?

Dr Paul Dale
I think it’s worth pointing out that OpenSSL is itself a non-profit and that FIPS validations cost a significant amount of money.

Until about a year ago, there was also a notable absence of FIPS sponsors.


Pauli
-- 
Dr Paul Dale | Cryptographer | Network Security & Encryption 
Phone +61 7 3031 7217
Oracle Australia




Re: Will my application be FIPS 140-2 Certified under following conditions?

OpenSSL - User mailing list
In reply to this post by OpenSSL - User mailing list
> It seems to me that the easiest thing to do is maintain that release of OpenSSL by themselves.

> Which would be another variation of such unofficial work.

You could look at things like that.  I consider it to be more like "your free FIPS ride is done, time to pay up"

> That policy page is half the problem, the other half being the decision
> not to make a FIPS module for the current 1.1.x series.

There are many problems with the current FOM.  One notable example is that you cannot have a single executable that handles both FIPS and non-FIPS TLS connections at the same time.  Another is the way the whole integrity check is done. I could go on and on, but won't.  The project spent a long time discussing and considering alternatives and decided a new start was the best way to move forwards. It was a carefully-considered decision.  The fact that it "left a coverage gap" in FIPS/1.0.2 was also discussed.

It's too bad not everyone is pleased. Probably those who didn't plan well, and/or who just got "FIPS for free" and expected that to last forever seem to be among those particularly unhappy. Speaking for myself, AND NOT THE PROJECT, too bad.