RE: [EXTERNAL] Re: Can Tomcat 9 be FIPS compliant without OpenSSL?

Thu, 03 Dec 2020 19:16:52 -0800 

You can add this to your guide and perhaps a little explanation:

Add this to your JAVA_OPTS: -Dorg.bouncycastle.rsa.allow_multi_use=true

Otherwise you're doomed to run into weird random and failures depending on what 
cipher suite your browser and server agree on which believe me, combined with 
the BCFIPS's atrocious logging levels can be quite hard to troubleshoot. But if 
you enable that...well technically you break out of FIPS compliance. The other 
option is to remove all RSA-based suites from your server's list so you don't 
run into the issue or always run with DSA keys

George


-----Original Message-----
From: George Stanchev
Sent: Thursday, December 03, 2020 7:59 PM
To: Tomcat Users List <users@tomcat.apache.org>; Avik Ray <avikra...@gmail.com>
Subject: RE: [EXTERNAL] Re: Can Tomcat 9 be FIPS compliant without OpenSSL?

Java's FIPS mode is "expirmental" feature that was removed in later Java 
versions. It was never certified (AFAIK). To me the only two viable options are 
via APR+OpenSSL 1.0.1/FIPS and BCFIPS. We have implemented the later and have 
ran into issues with RSA keys. First the C# BCPROV doesn't support 4096 bit RSA 
keys (I know weird, but our config app is C# and we use BCFIPS/C# there) but 
that's OK, you can use Windows CNG or CAPI but of course you have to put the 
whole Windows in FIPS which is not prarctical all the time. But second, and 
most important BCFIPS implements stricter FIPS requirement that an RSA key 
cannot be used for both encipherment and signature and BCFIPS really tracks the 
usage. This, combined with the fact that Tomcat (8.5.someting about an year 
ago) doesn't really support multiple keys for SSL that can be dynamically 
selected really leaves you with only DSA key. Now, BC does support a system 
property to disable this FIPS requirement but now you are not FIPS compliant, 
strictly speaking. Which, as FIPS-compliancy goes, might or might not be a 
problem as it is really a self-reporting. Also, no way to get PKCS12 keystores 
in FIPS mode so you're stuck with BCKFS or PEMs.

George

-----Original Message-----
From: Amit Pande <amit.pa...@veritas.com>
Sent: Tuesday, November 24, 2020 9:31 AM
To: Tomcat Users List <users@tomcat.apache.org>; Avik Ray <avikra...@gmail.com>
Subject: RE: [EXTERNAL] Re: Can Tomcat 9 be FIPS compliant without OpenSSL?

Avik,

Did you happen to try out the steps in README 
https://github.com/amitlpande/tomcat-9-fips here? I am looking for feedback 
from the community before I could add these steps (and some more) on Tomcat 
Security FAQ page. So, really appreciate your (and others') feedback.

The steps above rely purely on JSSE and JCA/JCE providers, no OpenSSL use.

These steps will enable a plain vanilla Tomcat to run in FIPS compliant mode. 
And as Chris mentioned below, we need to ensure any web app deployed within the 
Tomcat use FIPS compliant constructs.

Thanks,
Amit

-----Original Message-----
From: Christopher Schultz <ch...@christopherschultz.net>
Sent: Friday, November 6, 2020 3:40 PM
To: Tomcat Users List <users@tomcat.apache.org>; Avik Ray <avikra...@gmail.com>
Subject: [EXTERNAL] Re: Can Tomcat 9 be FIPS compliant without OpenSSL?

Avik,

On 11/6/20 14:50, Avik Ray wrote:
> Thanks a lot Anil for the detailed readme, and Martin for pointing me to it.
> 
> We have done most of these configs. Are these steps sufficient to 
> ensure that all incoming and outgoing TLS connections are FIPS compliant?

This isn't something that the Tomcat community can really comment on. If you 
have a requirement to be FIPS-compliant, then you will need to evaluate whether 
of not you have met that requirement yourself.

> Or is there also a need to compile an APR connector with an underlying 
> implementation of openssl?

You do not NEED to do this, but it is a possibility that will allow you to 
definitely put the crypto engine into "FIPS mode".

> Is the APR approach just an alternative to the JSSE approach covered 
> in Anil's readme, and both hold equally good to be FIPS compliant?

Theoretically, yes.

It's also possible, I believe, to make The Sun/Oracle JSSE provider FIPS 
compliant. Hmm maybe not: https://stackoverflow.com/a/5047855/276232
(FYI Stephen Colebourne tends to know what he's talking about.) It's a little 
unclear to me whether or not this is possible, while OpenSSL has very good 
documentation for how to build a FIPS-compliant binary library and then put it 
in the right mode.

How FIPS-compliant do you actually need to be? It's pretty trivial to make sure 
that you support certain algorithms, etc. and that you disable other ones. 
FIPS, however, technically requires that you enable certain algorithms that 
really should no longer be used. These days, strict FIPS compliance is IMHO a 
risk to be avoided.

-chris

> On Fri, 6 Nov, 2020, 12:51 Martin Grigorov, <mgrigo...@apache.org> wrote:
> 
>> Hi,
>>
>> On Fri, Nov 6, 2020 at 8:57 AM Avik Ray <avikra...@gmail.com> wrote:
>>
>>> Dear team,
>>> Sending this query again after subscribing to the mailing list. Sent 
>>> it originally 3 days back, but just saw an error response in the 
>>> spam folder asking to subscribe first.
>>>
>>> We are using Tomcat 9.0.37 x64 on Windows Server 2016 OS and the NIO 
>>> connector with JSSE, without an underlying OpenSSL.
>>>
>>> As per Tomcat 9 docs, the only mention of FIPS compliant operation I 
>>> see is in the config of APR lifecycle listener, with the expectation 
>>> of an underlying OpenSSL implementation that can be set to FIPS 
>>> enabled mode. Ref:
>>> https://tomcat.apache.org/tomcat-9.0-doc/config/listeners.html
>>>
>>> Is it possible to be FIPS compliant with the usage of Tomcat, 
>>> without the above setting? We were thinking of using BouncyCastle 
>>> FIPS as the underlying Java crypto provider instead of OpenSSL for 
>>> multiple reasons.
>>>
>>> Are there any other dependencies Tomcat has on the underlying stack, 
>>> besides that provided by a Java crypto provider like BC-FIPS, having 
>>> a bearing on FIPS compliance?
>>>
>>> Please advise, as this is urgent for a FIPS compliance decision.
>>>
>>
>> Please check the README of this project - 
>> https://github.com/amitlpande/tomcat-9-fips
>> Amit Pande recently shared it here at users@.
>>
>> Regards,
>> Martin
>>
>>
>>>
>>> Thanks,
>>> Avik Ray
>>>
>>> --------------------------------------------------------------------
>>> - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
>>> For additional commands, e-mail: users-h...@tomcat.apache.org
>>>
>>>
>>
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB  [  
X  ܚX KK[XZ[  \ \  ][  X  ܚX P X ]  \X K ܙ B  ܈Y][ۘ[  [X[  
K[XZ[  \ \  Z[ X ]  \X K ܙ B 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to