Re: Will my application be FIPS 140-2 Certified under following conditions?

[Salz, Rich via openssl-users]

> It seems to me that the easiest thing to do is maintain that release of 
OpenSSL by themselves.

>Which would be another variation of such unofficial work.
  
You could look at things like that.  I consider it to be more like "your free 
FIPS ride is done, time to pay up"

>That policy page is half the problem, the other half being the decision
not to make a FIPS module for the current 1.1.x series.
  
There are many problems with the current FOM.  One notable example, is that you 
cannot have a single executable that handles both FIPS and non-FIPS TLS 
connections at the same time.  Another is the way the whole integrity check is 
done. I could go on and on, but won't.  The project spent a long time 
discussing and considering alternatives and decided a new start was the best 
way to move forwards. It was a carefully-considered decision.  The fact that it 
"left a coverage gap" in FIPS/1.0.2 was also discussed.

It's too bad not everyone is pleased. Probably those who didn't plan well, 
and/or who just got "FIPS for free" and expected that to last forever seem to 
be among those particular unhappy. Speaking for myself, AND NOT THE PROJECT, 
too bad.

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Dr Paul Dale]

I think it’s worth pointing out that OpenSSL is itself a non-profit and that 
FIPS validations cost a significant amount of money.

Until about a year ago, there was also a notable absence of FIPS sponsors.


Pauli
-- 
Dr Paul Dale | Cryptographer | Network Security & Encryption 
Phone +61 7 3031 7217
Oracle Australia



> On 8 Jul 2019, at 7:18 pm, Jakob Bohm via openssl-users 
>  wrote:
> 
> On 08/07/2019 10:12, Dr Paul Dale wrote:
>> I have to disagree with the “decision not to make a FIPS module for the 
>> current 1.1.x series” comment.  Technically, this is true.  More 
>> practically, 3.0 is intended to be source compatible with 1.1.x.  Thus far, 
>> nothing should be broken in this respect.
>> 
> The key word is "intended".
> 
>> If support for 1.0.2 is required beyond the end of this year, it is 
>> available: https://www.openssl.org/support/contracts.html
>> 
> I am unsure if this is an affordable route for all affected users
> and distributions (especially non-profit OS distributions).
> 
>> 
>> I’d also be interested to know what is wrong with the policy page?
>> 
> 
> Only that it states the policy of stopping 1.0.2 support at end of
> 2019, which would be fine if a FIPS-capable replacement had been
> ready by now (as is fortunately the case for non-FIPS).
> 
> Enjoy
> 
> Jakob
> -- 
> Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
> Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
> This public discussion message is non-binding and may contain errors.
> WiseMo - Remote Service Management for PCs, Phones and Embedded
> 

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Jakob Bohm via openssl-users]

On 08/07/2019 10:12, Dr Paul Dale wrote:
I have to disagree with the “decision not to make a FIPS module for 
the current 1.1.x series” comment.  Technically, this is true.  More 
practically, 3.0 is intended to be source compatible with 1.1.x.  Thus 
far, nothing should be broken in this respect.



The key word is "intended".

If support for 1.0.2 is required beyond the end of this year, it is 
available: https://www.openssl.org/support/contracts.html



I am unsure if this is an affordable route for all affected users
and distributions (especially non-profit OS distributions).



I’d also be interested to know what is wrong with the policy page?



Only that it states the policy of stopping 1.0.2 support at end of
2019, which would be fine if a FIPS-capable replacement had been
ready by now (as is fortunately the case for non-FIPS).

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Dr Paul Dale]

I have to disagree with the “decision not to make a FIPS module for the current 
1.1.x series” comment.  Technically, this is true.  More practically, 3.0 is 
intended to be source compatible with 1.1.x.  Thus far, nothing should be 
broken in this respect.

If support for 1.0.2 is required beyond the end of this year, it is available: 
https://www.openssl.org/support/contracts.html 



I’d also be interested to know what is wrong with the policy page?



Pauli
-- 
Dr Paul Dale | Cryptographer | Network Security & Encryption 
Phone +61 7 3031 7217
Oracle Australia



> On 8 Jul 2019, at 2:30 pm, Jakob Bohm via openssl-users 
>  wrote:
> 
> On 06/07/2019 16:30, Salz, Rich wrote:
>> >> They would have to get their own validation, their own lab to verify, 
>> etc., etc.
>>>That seems to contradict the other answer, which is that legally, the
>>>FIPS cannister (properly built) can be used with any software outside
>>>the cryptographic boundary, the soon-to-be-deprecated OpenSSL 1.0.2
>>>library just being the normal default.
>>   You are correct.  My statement, which was technically incorrect, is more 
>> likely to be realistic :)
>>   
>>>The point is that some people may soon be in a desperate need to find a
>> FIPS-capable replacement for OpenSSL 1.0.x.
>>   It seems to me that the easiest thing to do is maintain that release of 
>> OpenSSL by themselves.
> 
> Which would be another variation of such unofficial work.
> 
>> If someone is thinking of fitting OpenSSL 1.1.x to become a user of the 
>> existing FOM, then they will probably find it easier to, well, just maintain 
>> what currently works.
>> Just because something is past "end of life" does not mean that anyone's 
>> ability to use it is revoked.  It just means that keeping it working is 
>> their responsibility.  Anyone can use the FOM until it expires (sunsets is 
>> the term used), which lasts one year beyond 1.0.2 as I recall.  See 
>> https://www.openssl.org/blog/blog/2018/05/18/new-lts/ for some more 
>> information on this.
> 
> That policy page is half the problem, the other half being the decision
> not to make a FIPS module for the current 1.1.x series.
> 
> 
> Enjoy
> 
> Jakob
> -- 
> Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
> Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
> This public discussion message is non-binding and may contain errors.
> WiseMo - Remote Service Management for PCs, Phones and Embedded

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Jakob Bohm via openssl-users]

On 06/07/2019 16:30, Salz, Rich wrote:


 >> They would have to get their own validation, their own lab to verify, 
etc., etc.

That seems to contradict the other answer, which is that legally, the
FIPS cannister (properly built) can be used with any software outside
the cryptographic boundary, the soon-to-be-deprecated OpenSSL 1.0.2
library just being the normal default.
   
You are correct.  My statement, which was technically incorrect, is more likely to be realistic :)
   

The point is that some people may soon be in a desperate need to find a

 FIPS-capable replacement for OpenSSL 1.0.x.
   
It seems to me that the easiest thing to do is maintain that release of OpenSSL by themselves.


Which would be another variation of such unofficial work.



If someone is thinking of fitting OpenSSL 1.1.x to become a user of the 
existing FOM, then they will probably find it easier to, well, just maintain 
what currently works.

Just because something is past "end of life" does not mean that anyone's 
ability to use it is revoked.  It just means that keeping it working is their 
responsibility.  Anyone can use the FOM until it expires (sunsets is the term used), 
which lasts one year beyond 1.0.2 as I recall.  See 
https://www.openssl.org/blog/blog/2018/05/18/new-lts/ for some more information on this.




That policy page is half the problem, the other half being the decision
not to make a FIPS module for the current 1.1.x series.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Salz, Rich via openssl-users]

>> They would have to get their own validation, their own lab to verify, 
etc., etc.
>That seems to contradict the other answer, which is that legally, the
>FIPS cannister (properly built) can be used with any software outside
>the cryptographic boundary, the soon-to-be-deprecated OpenSSL 1.0.2
>library just being the normal default.
  
You are correct.  My statement, which was technically incorrect, is more likely 
to be realistic :)
  
>The point is that some people may soon be in a desperate need to find a
FIPS-capable replacement for OpenSSL 1.0.x.
  
It seems to me that the easiest thing to do is maintain that release of OpenSSL 
by themselves.

If someone is thinking of fitting OpenSSL 1.1.x to become a user of the 
existing FOM, then they will probably find it easier to, well, just maintain 
what currently works.

Just because something is past "end of life" does not mean that anyone's 
ability to use it is revoked.  It just means that keeping it working is their 
responsibility.  Anyone can use the FOM until it expires (sunsets is the term 
used), which lasts one year beyond 1.0.2 as I recall.  See 
https://www.openssl.org/blog/blog/2018/05/18/new-lts/ for some more information 
on this.

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Jakob Bohm]

On 04/07/2019 16:44, Salz, Rich wrote:

Is the use of OpenSSL an actual legal requirement of the certification of

 the FIPS object module, or just the easiest way to use it?
   
I'm not sure who you are asking this.


The exiting FIPS validations for OpenSSL only cover the 1.0.2 based source code.
   

Difference would be particularly significant in case someone created code

 to use the validated FOM 2.0 module with the OpenSSL 1.1.x feature
 enhancements (as the project itself has indicated no desire to do so).
   
They would have to get their own validation, their own lab to verify, etc., etc.





That seems to contradict the other answer, which is that legally, the
FIPS cannister (properly built) can be used with any software outside
the cryptographic boundary, the soon-to-be-deprecated OpenSSL 1.0.2
library just being the normal default.

If the other answer is correct, it should be perfectly OK (legally) for
someone to modify OpenSSL 1.1.1 source code to call the FIPS canister
for everything, and the result should be an application that is as FIPS
"compliant" as an application that runs something unrelated (such as
Apache mod_ssl) on top of OpenSSL-1.0.2 on top of FOM 2.x , thus no new
validation required.

The point is that some people may soon be in a desperate need to find a
FIPS-capable replacement for OpenSSL 1.0.x.



Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Salz, Rich via openssl-users]

>Is the use of OpenSSL an actual legal requirement of the certification of
the FIPS object module, or just the easiest way to use it?
  
I'm not sure who you are asking this.

The exiting FIPS validations for OpenSSL only cover the 1.0.2 based source code.
  
>Difference would be particularly significant in case someone created code
to use the validated FOM 2.0 module with the OpenSSL 1.1.x feature
enhancements (as the project itself has indicated no desire to do so).
  
They would have to get their own validation, their own lab to verify, etc., etc.

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Dr Paul Dale]

The FOM is stand alone in theory.  I.e. it isn’t mandatory to use OpenSSL 1.0 
but the two are designed to work together and are very closely intertwined.

Moving the FIPS canister forward to 1.1 would be a lot of effort.


Pauli
-- 
Dr Paul Dale | Cryptographer | Network Security & Encryption 
Phone +61 7 3031 7217
Oracle Australia



> On 4 Jul 2019, at 7:21 pm, Jakob Bohm via openssl-users 
>  wrote:
> 
> Is the use of OpenSSL an actual legal requirement of the certification of
> the FIPS object module, or just the easiest way to use it?
> 
> Difference would be particularly significant in case someone created code
> to use the validated FOM 2.0 module with the OpenSSL 1.1.x feature
> enhancements (as the project itself has indicated no desire to do so).
> 
> On 04/07/2019 04:09, Kyle Hamilton wrote:
>> Also, on question b: No.  You need to build a compatible version of openssl 
>> as specified in the User Guide, and link that version.  FIPS_mode_set() 
>> tells the library to always and only use the implementations in the FIPS 
>> canister; the canister does not replace the library entirely.
>> 
>> -Kyle H
>> 
>> On Wed, Jul 3, 2019, 11:55 Dipak B > > wrote:
>> 
>>Dear Experts,
>> 
>>Can you please help me with the following question?
>> 
>>My win32 desktop application uses 'libcurl' to interact with web
>>service, in order to get my application FIPS 140-2 certified,
>>following is the plan which I arrived at after going through the
>>'User Guide' and 'Security Policy' pdfs.
>> 
>>Plan:
>>a. After verifying HMAC-SHA1 of openssl-fips-2.0.16.tar.gz, build
>>it to generate fipscanister.lib (FOM) as windows static library.
>>b. Build libcurl as windows static library using above
>>fipscanister.lib
>>c. Link my desktop application with above libcurl.lib after adding
>>FIPS_mode_set()
>> 
>>Questions:
>>a. On following points a, b,c, can I confirm that my application
>>is FIPS 140-2 certified?
>>b.  fipscanister.lib is always static library and it can be
>>substituted for libssl.lib / ssleay.lib?
>> 
> 

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Jakob Bohm via openssl-users]

Is the use of OpenSSL an actual legal requirement of the certification of
the FIPS object module, or just the easiest way to use it?

Difference would be particularly significant in case someone created code
to use the validated FOM 2.0 module with the OpenSSL 1.1.x feature
enhancements (as the project itself has indicated no desire to do so).

On 04/07/2019 04:09, Kyle Hamilton wrote:
Also, on question b: No.  You need to build a compatible version of 
openssl as specified in the User Guide, and link that version.  
FIPS_mode_set() tells the library to always and only use the 
implementations in the FIPS canister; the canister does not replace 
the library entirely.


-Kyle H

On Wed, Jul 3, 2019, 11:55 Dipak B > wrote:


Dear Experts,

Can you please help me with the following question?

My win32 desktop application uses 'libcurl' to interact with web
service, in order to get my application FIPS 140-2 certified,
following is the plan which I arrived at after going through the
'User Guide' and 'Security Policy' pdfs.

Plan:
a. After verifying HMAC-SHA1 of openssl-fips-2.0.16.tar.gz, build
it to generate fipscanister.lib (FOM) as windows static library.
b. Build libcurl as windows static library using above
fipscanister.lib
c. Link my desktop application with above libcurl.lib after adding
FIPS_mode_set()

Questions:
a. On following points a, b,c, can I confirm that my application
is FIPS 140-2 certified?
b.  fipscanister.lib is always static library and it can be
substituted for libssl.lib / ssleay.lib?

Re: Will my application be FIPS 140-2 Certified under following conditions?

[open...@foocrypt.net]

Deepak

Just take note of the FIPS 140-2 sunset, and rise of FIPS 140-3

140-3 Takes Effect: 9/22/19
140-3 New Testing Begins: 9/22/20
140-2 Sunset: 9/21/21
140-3 Mandated: 9/22/21

And best of luck ;)

https://www.federalregister.gov/documents/2019/05/01/2019-08817/announcing-issuance-of-federal-information-processing-standard-fips-140-3-security-requirements-for
 


-- 

Regards,

Mark A. Lane   

© Mark A. Lane 1980 - 2019, All Rights Reserved.
© FooCrypt 1980 - 2019, All Rights Reserved.
© FooCrypt, A Tale of Cynical Cyclical Encryption. 1980 - 2019, All Rights 
Reserved.
© Cryptopocalypse 1980 - 2019, All Rights Reserved.

> On 4 Jul 2019, at 12:09, Kyle Hamilton  wrote:
> 
> Also, on question b: No.  You need to build a compatible version of openssl 
> as specified in the User Guide, and link that version.  FIPS_mode_set() tells 
> the library to always and only use the implementations in the FIPS canister; 
> the canister does not replace the library entirely.
> 
> -Kyle H
> 
> On Wed, Jul 3, 2019, 11:55 Dipak B  > wrote:
> Dear Experts,
> 
> Can you please help me with the following question?
> 
> My win32 desktop application uses 'libcurl' to interact with web service, in 
> order to get my application FIPS 140-2 certified, following is the plan which 
> I arrived at after going through the 'User Guide' and 'Security Policy' pdfs.
> 
> Plan:
> a. After verifying HMAC-SHA1 of openssl-fips-2.0.16.tar.gz, build it to 
> generate fipscanister.lib (FOM) as windows static library.
> b. Build libcurl as windows static library using above fipscanister.lib
> c. Link my desktop application with above libcurl.lib after adding 
> FIPS_mode_set()
> 
> Questions:
> a. On following points a, b,c, can I confirm that my application is FIPS 
> 140-2 certified?
> b.  fipscanister.lib is always static library and it can be substituted for 
> libssl.lib / ssleay.lib?
> 
> Thank you,
> Deepak

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Kyle Hamilton]

Also, on question b: No.  You need to build a compatible version of openssl
as specified in the User Guide, and link that version.  FIPS_mode_set()
tells the library to always and only use the implementations in the FIPS
canister; the canister does not replace the library entirely.

-Kyle H

On Wed, Jul 3, 2019, 11:55 Dipak B  wrote:

> Dear Experts,
>
> Can you please help me with the following question?
>
> My win32 desktop application uses 'libcurl' to interact with web service,
> in order to get my application FIPS 140-2 certified, following is the plan
> which I arrived at after going through the 'User Guide' and 'Security
> Policy' pdfs.
>
> Plan:
> a. After verifying HMAC-SHA1 of openssl-fips-2.0.16.tar.gz, build it to
> generate fipscanister.lib (FOM) as windows static library.
> b. Build libcurl as windows static library using above fipscanister.lib
> c. Link my desktop application with above libcurl.lib after adding
> FIPS_mode_set()
>
> Questions:
> a. On following points a, b,c, can I confirm that my application is FIPS
> 140-2 certified?
> b.  fipscanister.lib is always static library and it can be substituted
> for libssl.lib / ssleay.lib?
>
> Thank you,
> Deepak
>

Re: Will my application be FIPS 140-2 Certified under following conditions?

[Kyle Hamilton]

Step a. needs to verified the digest with an existing FIPS 140-2 validated
cryptography implementation.  Otherwise, to my understanding, this is the
correct sequence of events.

Do note that after building the fipscanister.lib, you will want to digest
it and print it on a certification letter that it was built as specified in
the Security Policy, signed and dated by the person who built it
(preferably also with details of the build chain).  Also, when you build
anything that links that library, you will want to verify the digest
against that letter before linking, and write a new letter specifying the
product name and version, the digest of the output, and that it was also
built in accordance with the Security Policy.  This should also be signed
and dated.  (these letters will help establish for FIPS-requiring
procurement agencies that FIPS 140-2 conformance is achieved in,what they
are procuring from you.)

-Kyle H


On Wed, Jul 3, 2019, 11:55 Dipak B  wrote:

> Dear Experts,
>
> Can you please help me with the following question?
>
> My win32 desktop application uses 'libcurl' to interact with web service,
> in order to get my application FIPS 140-2 certified, following is the plan
> which I arrived at after going through the 'User Guide' and 'Security
> Policy' pdfs.
>
> Plan:
> a. After verifying HMAC-SHA1 of openssl-fips-2.0.16.tar.gz, build it to
> generate fipscanister.lib (FOM) as windows static library.
> b. Build libcurl as windows static library using above fipscanister.lib
> c. Link my desktop application with above libcurl.lib after adding
> FIPS_mode_set()
>
> Questions:
> a. On following points a, b,c, can I confirm that my application is FIPS
> 140-2 certified?
> b.  fipscanister.lib is always static library and it can be substituted
> for libssl.lib / ssleay.lib?
>
> Thank you,
> Deepak
>