Ramaniganth, I worked on enhancing net-snmp to work with OpenSSL in FIPS mode a few months ago. After seeming to get it to work, the project was shelved, so the code never got published. But, I can tell you the approach I took. First, I would echo the advice from David Schwartz to carefully read and understand the OpenSSL FIPS security policy and user's guide - this is a very important first step if you are going to attempt this. There are two things that net-snmp needs to do in order to work in FIPS mode. At startup, it needs to call FIPS_mode_set(1) to put the OpenSSL library in FIPS mode, and then it needs to avoid calling non-FIPS algorithms - in particular MD5 and DES. Actually, I'm a little confused about whether DES has to be avoided or not, but we made the decision that when in FIPS mode we would only allow AES to be used for encryption. To call FIPS_mode_set, I added a function in snmplib/scapi.c named "sc_fips()". This function uses a static variable to tell whether or not it has been previously called, and simply returns immediately on all calls after the first one, with a value indicating whether or not FIPS mode is enabled. On the first call, it checks an environment variable, "NETSNMP_FIPS" to see whether or not FIPS mode is being requested; if not, it just returns, indicating that FIPS mode is not enabled. This is similar to the way the openssl utility works (using an environment variable to request that it operate in FIPS mode). If the environment variable is set, then FIPS_mode_set() is called, and if successful, a return is made indicating that FIPS mode is now enabled. If FIPS_mode_set() returns an error, the program aborts with an error. I then inserted calls to this function prior to each place in the code where calls to OpenSSL functions were made. This insures that if FIPS mode is requested, then FIPS_mode_set() will be called prior to calling any other OpenSSL function, but it will only be called once. Of course, when there are a series of calls to OpenSSL functions within a single function, it is sufficient to call sc_fips() just once in that function before any of the OpenSSL calls are made. The places where OpenSSL function calls are made can be found pretty easily by scanning for the "USE_OPENSSL" compile flag. There seem to be just two modules: snmplib/keytools.c and snmplib/scapi.c. By doing the initialization this way, it works for all application code that links with the library - not just snmpd, but also snmpget, snmpwalk, etc. The next problem is to make sure that non-FIPS algorithms are avoided when in FIPS mode. There are already compile-time flags that can be set to disable calling MD5 and DES - "DISABLE_MD5" and "DISABLE_DES". So, one way to create a FIPS net-snmp would be to build it with those flags set. That is, run configure with --disable-md5 and --disable-des options. We wanted to be able to select FIPS mode at run time, though, through the environment variable described above, so I couldn't compile MD5 and DES support out, but rather needed to add logic to make sure these calls were avoided whenever - but only when - running in FIPS mode. To do that conveniently, I added these macro definitions to /include/net-snmp/library/scapi.h: #define NOT_FIPS_AND !sc_fips() && #define FIPS_OR sc_fips() || #define FIPS_ENABLE sc_fips()
Then, searching through the source for all instances of DISABLE_MD5 or
DISABLE_DES, I added logic to make the same disable decision at run time
using one of those macros. For example, in snmplib/scapi.c, you'll find
this function:
int
sc_get_properlength(const oid * hashtype, u_int hashtype_len)
{
DEBUGTRACE;
/*
* Determine transform type hash length.
*/
#ifndef DISABLE_MD5
if (ISTRANSFORM(hashtype, HMACMD5Auth)) {
return BYTESIZE(SNMP_TRANS_AUTHLEN_HMACMD5);
} else
#endif
if (ISTRANSFORM(hashtype, HMACSHA1Auth)) {
return BYTESIZE(SNMP_TRANS_AUTHLEN_HMACSHA1);
}
return SNMPERR_GENERR;
}
This was changed to:
int
sc_get_properlength(const oid * hashtype, u_int hashtype_len)
{
DEBUGTRACE;
/*
* Determine transform type hash length.
*/
#ifndef DISABLE_MD5
if (NOT_FIPS_AND ISTRANSFORM(hashtype, HMACMD5Auth)) {
return BYTESIZE(SNMP_TRANS_AUTHLEN_HMACMD5);
} else
#endif
if (ISTRANSFORM(hashtype, HMACSHA1Auth)) {
return BYTESIZE(SNMP_TRANS_AUTHLEN_HMACSHA1);
}
return SNMPERR_GENERR;
}
As a result, the MD5 HMAC function is only used if FIPS mode is not
selected. If FIPS mode is selected, it acts the same as if the code was
built with the DISABLE_MD5 flag set. Similar changes were made everywhere
the DISABLE_MD5 or DISABLE_DES compile flags were found.
Finally, note that each reference to "NOT_FIPS_AND", "FIPS_OR", or
"FIPS_ENABLE" results in a call to sc_fips(). Thus, these tests can double
as the required calls to enable fips mode in the first place.
Hope this helps with your project. As noted at the top, we didn't actually
get to final release on this, so it never went through formal testing or
customer acceptance. But, it did seem to work in preliminary testing.
Good Luck!
David McKinley
_____
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Saturday, July 21, 2007 7:02 AM
To: openssl-users@openssl.org
Subject: OpenSSL FIPS Query
Hi,
NetSNMP is the open source SNMP management Kit which uses OpenSSL Libcrypto.
I would like to know what changes I have to make in the NetSnmp to access
the FIPS compatible OpenSSL Libraries.
Thanks
Ramaniganth V.S.
Nortel : 6-877-8976
Wipro : +91-80-28520408 Xtn: 81109
Mobile: +91-9972227096
Loc.: T8-1F-A-079, EC-3, Wipro Tech., #72, Keonics Electronics City, Hosur
Main Rd, Bangalore - 560 100.
The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the addressee(s) and may
contain proprietary, confidential or privileged information. If you are not
the intended recipient, you should not disseminate, distribute or copy this
e-mail. Please notify the sender immediately and destroy all copies of this
message and any attachments.
WARNING: Computer viruses can be transmitted via email. The recipient should
check this email and any attachments for the presence of viruses. The
company accepts no liability for any damage caused by any virus transmitted
by this email.
www.wipro.com
smime.p7s
Description: S/MIME cryptographic signature
