[FFE] FIPS compatibility patches
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssl (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
We have an open MR with a handful of FIPS compatibilty changes we wore hoping
to get into 24.04. The main purpose of the changes is to detect whether the
kernel is running in FIPS mode and adjust the behavior of the library
accordingly by loading the correct provider backend and using defaults that
are FIPS compliant (no md5, DES etc) instead trying to use non-compliant code
paths and crashing.
The proposed patches were taken from the OpenSSL version shipped in the FIPS
archive at esm.ubuntu.com for 22.04. Having them in the regular archive will
reduce the maintenance work significantly. None of the changes should have any
impact on running OpenSSL in regular (non-fips) mode.
Below is a detailed list of the changes:
- d/p/fips/
This adds a new internal API to determine whether the kernel has been booted
in FIPS mode. This can be overridden with the OPENSSL_
environment variable. OPENSSL_
alternative path for the fips_enabled file and is used in tests.
The FIPS_MODULE switch can be used to enable build of the the FIPS provider
module specific parts which are not needed in the OpenSSL library itself.
- d/p/fips/
This automatically configures all library contexts to use the FIPS provider when
the kernel is booted in FIPS mode by:
- Setting "fips=yes" as the default property for algorithm fetches
- Loading and activating the FIPS provider as the fallback provider.
If applications load providers via a configuration either because the default
configuration is modified or they override the default configuration, this
disables loading of the fallback providers. In this case, the configuration
must load the FIPS provider when FIPS mode is enabled, else algorithm fetches
will fail
Applications can choose to use non-FIPS approved algorithms by specifying the
"-fips" or "fips=no" property for algorithm fetches and loading the default
provider.
- d/p/fips/
Omit unavailable algorithms in FIPS mode
- d/p/fips/
The -propquery argument might be used to define a preference for which provider
an algorithm is fetched from. Set the query properties for the library context
DRBG fetches as well so that they are fetched with the same properties.
- d/p/fips/
This test uses 2 library contexts - one context for creating initial test keys,
and then another context (or the default context) for running tests. There is an
issue that during the encoding tests, the OSSL_ENCODER_CTX is created from the
created EVP_PKEYs, which are associated with the library context used to create
the keys. This means that encoding tests run with the wrong library context,
which always uses the default provider.
These changes are now included in a larger MR with other changes in the same package version: https:/
The now-superseded MR is at https:/
Since OpenSSL just received another big update to 3.0.13 we had to rebase our changes
and will have to rerun our install/upgrade tests.
A test build is also available at https:/
description: | updated |
Changed in openssl (Ubuntu): | |
milestone: | none → ubuntu-24.03 |
milestone: | ubuntu-24.03 → ubuntu-24.04 |
Changed in openssl (Ubuntu): | |
status: | Triaged → Fix Committed |
As promised, here are some more details on how I tested:
- been running autopkgtest locally and made sure they pass (log attached)
- installed it on my local development machine to see if anything breaks
- tested the upgrade in a lxd container, made sure openssl speed works and does the right thing
- built and installer a FIPS provider for 24.04 and made sure everything still works when forcing FIPS mode