How to check FIPS 140-2 support in OpenSSL?
How do I check whether OpenSSL has is providing FIPS validated cryptanalysis or not ?
It depends on how and when you want to check. It besides depends on the application .
FIPS could be available but not used. So an application must enable the validate cryptography via
FIPS_mode_set, and the call must succeed .
If you want to check if the FIPS Capable Library, such as OpenSSL 1.0.1e, was configured to use the FIPS Object Module, then you can :
$ cat /usr/local/ssl/include/openssl/opensslconf.h | grep -A 2 -i fips #ifndef OPENSSL_FIPS # define OPENSSL_FIPS #endif
OPENSSL_FIPS tells you the FIPS Capable Library was configured to use FIPS Object Module. So the FIPS validated cryptography is available .
OPENSSL_FIPS does not mean the application is using the FIPS validated cryptanalysis, though. The application must call
FIPS_mode_set, and the function must return success .
At runtime, you can print the string associated with the surveil ( its taken from code I use specifically for this ) :
ostringstream oss; oss << OPENSSL_VERSION_TEXT; LogVersion(oss.str().c_str());
The code will produce a logarithm submission like to the following :
Read more: Dual_EC_DRBG - Wikipedia
Version: OpenSSL 1.0.1f-fips 6 Jan 2014
You can audit the module with a few tricks. For case, the follow will test for some symbols that must be present if feasible is in truth FIPS .
In this subject, I 'm testing the OpenSSL FIPS Capable shared object. If the application links to
libcrypto.a, then you can audit the program preferably than the OpenSSL shared object .
$ nm /usr/local/ssl/lib/libcrypto.so | grep -i fips_* 00000000000c7f60 T ERR_load_FIPS_strings 00000000000c2250 T FIPS_add_error_data 00000000000c3900 T FIPS_add_lock 0000000000082820 T FIPS_bn_bin2bn 0000000000082980 T FIPS_bn_bn2bin 0000000000082760 T FIPS_bn_clear 0000000000082350 T FIPS_bn_clear_free 00000000000823d0 T FIPS_bn_free 0000000000087c90 T FIPS_bn_generate_prime_ex 0000000000082790 T FIPS_bn_get_word 0000000000082d20 T FIPS_bn_is_bit_set 0000000000087c80 T FIPS_bn_is_prime_ex 0000000000087750 T FIPS_bn_is_prime_fasttest_ex ...
You besides have the symbols from
$ nm /usr/local/ssl/lib/libcrypto.so | grep -i fips_text_* 00000000000c4520 T FIPS_text_end 000000000007b340 T FIPS_text_start $ nm /usr/local/ssl/lib/libcrypto.so | grep -i fips_rodata* 00000000001e1e20 R FIPS_rodata_end 00000000001d8ce0 R FIPS_rodata_start $ nm /usr/local/ssl/lib/libcrypto.so | grep -i fips_signature* 00000000004696c0 B FIPS_signature $ nm /usr/local/ssl/lib/libcrypto.so | grep -i fips_incore* 000000000007b5a0 T FIPS_incore_fingerprint
immediately, this is truly furtive. You can check that the faculty includes the self tests. For exercise,
fips_drbg_selftest.h will include the surveil bytes its self tests :
Read more: How to Track an iPhone From an Android Phone
0x2e,0xbf,0x98,0xf9,0x85,0x27,0x8b,0xff,0x36,0xb9,0x40,0x0b, 0xc0,0xa1,0xa0,0x13,0x20,0x06,0xcc,0xe6,0x2a,0x03,0x77,0x7d, 0xee,0xde,0xcc,0x34,0xe3,0xcd,0x77,0xea,0xd0,0x3e,0xbe,0xdd, 0xf6,0x15,0xfb,0xa7,0xd7,0x8e,0xd0,0x2e,0x2f,0x82,0x4c,0xc7, 0x87,0xb1,0x6f,0xc5,0xf8,0x5c,0x78,0xde,0x77,0x9b,0x15,0x9a, 0xb9,0x3c,0x38
And you can verify the developer ran
macho_incore on their feasible to embed the FIPS fingerprint by dumping the 20 bytes of the symbol
FIPS_signature. If its 20 bytes of 0 's ( the default from
fips_premain.c ), then the fingerprint was not embedded and
FIPS_mode_set will fail. So its not possible to use FIPS validated cryptanalysis in this subject .
Update : I uploaded a skid deck I have on the subject to the OpenSSL wiki. Its called construction Applications using OpenSSL Validated Cryptography : Notes from the Field for Developers and Auditors. You will want to review the material starting around Slide 18 .
I built the slide deck for OWASP but there 's was no interest in receiving it. I know push-down storage Overflow frowns upon links like the one on the OpenSSL wiki, but I do n't know how to provide a 35+ skid deck hera .
Category : crypto topics