[Bug 2056593] Re: [FFE] FIPS compatibility patches

Wed Mar 13 15:39:38 UTC 2024

Adding a few more details as requested by Adrien.
I used lxd to run the autopkgtest, in particular:

  # Build lxd image
  /usr/bin/autopkgtest-build-lxd ubuntu-daily:noble

  # Run
  autopkgtest -s --apt-pocket=proposed ./openssl_3.0.13-1ubuntu2.dsc -- lxd autopkgtest/ubuntu/noble/amd64

It is quite easy to verify OpenSSL doesn't accidentally enable FIPS mode
on non fips_enabled machines.

1. openssl speed will skip non-compliant alorithms in FIPS mode, if it
starts with md5 OpenSSL is not in FIPS mode.

2. Using OPENSSL_FORCE_FIPS_MODE=1 FIPS mode can be enforced resulting
in an error if the FIPS provider is not installed. Similarly
OPENSSL_FORCE_FIPS_MODE=0 can be used to force disable FIPS mode on a
fips_enabled kernel

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/2056593

Title:
  [FFE] FIPS compatibility patches

Status in openssl package in Ubuntu:
  New

Bug description:
  We have an open MR with a handful of FIPS compatibilty changes we wore hoping
  to get into 24.04. The main purpose of the changes is to detect whether the
  kernel is running in FIPS mode and adjust the behavior of the library
  accordingly by loading the correct provider backend and using defaults that
  are FIPS compliant (no md5, DES etc) instead trying to use non-compliant code
  paths and crashing.

  The proposed patches were taken from the OpenSSL version shipped in the FIPS
  archive at esm.ubuntu.com for 22.04. Having them in the regular archive will
  reduce the maintenance work significantly. None of the changes should have any
  impact on running OpenSSL in regular (non-fips) mode.

  Below is a detailed list of the changes:

  - d/p/fips/crypto-Add-kernel-FIPS-mode-detection.patch:
    This adds a new internal API to determine whether the kernel has been booted
    in FIPS mode. This can be overridden with the OPENSSL_FORCE_FIPS_MODE
    environment variable. OPENSSL_FIPS_MODE_SWITCH_PATH can be used to specify an
    alternative path for the fips_enabled file and is used in tests.
    The FIPS_MODULE switch can be used to enable build of the the FIPS provider
    module specific parts which are not needed in the OpenSSL library itself.

  - d/p/fips/crypto-Automatically-use-the-FIPS-provider-when-the-kerne.patch:
    This automatically configures all library contexts to use the FIPS provider when
    the kernel is booted in FIPS mode by:
    - Setting "fips=yes" as the default property for algorithm fetches
    - Loading and activating the FIPS provider as the fallback provider.

    If applications load providers via a configuration either because the default
    configuration is modified or they override the default configuration, this
    disables loading of the fallback providers. In this case, the configuration
    must load the FIPS provider when FIPS mode is enabled, else algorithm fetches
    will fail

    Applications can choose to use non-FIPS approved algorithms by specifying the
    "-fips" or "fips=no" property for algorithm fetches and loading the default
    provider.

  - d/p/fips/apps-speed-Omit-unavailable-algorithms-in-FIPS-mode.patch:
    Omit unavailable algorithms in FIPS mode

  - d/p/fips/apps-pass-propquery-arg-to-the-libctx-DRBG-fetches.patch
    The -propquery argument might be used to define a preference for which provider
    an algorithm is fetched from. Set the query properties for the library context
    DRBG fetches as well so that they are fetched with the same properties.

  - d/p/fips/test-Ensure-encoding-runs-with-the-correct-context-during.patch:
    This test uses 2 library contexts - one context for creating initial test keys,
    and then another context (or the default context) for running tests. There is an
    issue that during the encoding tests, the OSSL_ENCODER_CTX is created from the
    created EVP_PKEYs, which are associated with the library context used to create
    the keys. This means that encoding tests run with the wrong library context,
    which always uses the default provider.

  The link for the MR is at
  https://code.launchpad.net/~tobhe/ubuntu/+source/openssl/+git/openssl/+merge/460953

  Since OpenSSL just received another big update to 3.0.13 we had to rebase our changes
  and will have to rerun our install/upgrade tests.

  A test build is also available at
  https://launchpad.net/~tobhe/+archive/ubuntu/openssl-test/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2056593/+subscriptions