README-FIPS.txt - Roman Drahtmueller , Wed Nov 2 2011 * general information * FIPS-140-2 mode of operation * overview: openssl subpackages on SLES11-SP1 ============================================================================== * general information ============================================================================== Dear user of the SUSE Linux Enterprise Server, SLES11-SP1 comes with openssl of version 0.9.8j, a version upgrade from 0.9.8h that came with earlier revisions of SLES11. The new version has support for FIPS-140-2 mode of operation. FIPS is short for Federal Information Processing Standard. For more information on FIPS-140-2, please see http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf and more publications on the NIST website. The openssl shared libraries are used by numerous packages in the SUSE Linux Enterprise Server. If the library runs in FIPS-140-2 mode, then the binary that links against the library at runtime makes use of FIPS-140-2 validated cryptography as defined in its cryptographic module. By consequence, a large number of packages can make a claim about using FIPS-140-2 validated cryptographical functions. The cryptographic module as defined for FIPS-140-2 is contained in the files /usr/lib64/.libcrypto.so.0.9.8.hmac /usr/lib64/.libssl.so.0.9.8.hmac /usr/lib64/libcrypto.so.0.9.8 /usr/lib64/libssl.so.0.9.8 for 64bit operation and /usr/lib/.libcrypto.so.0.9.8.hmac /usr/lib/.libssl.so.0.9.8.hmac /usr/lib/libcrypto.so.0.9.8 /usr/lib/libssl.so.0.9.8 for 32bit. The .hmac files contain a HMAC for the internal integrity checking. They are produced as one of the last steps during the RPM build process. If the library starts up in FIPS mode, the .hmac files are read, and the checksum is verified against a new self-measurement. In non-FIPS mode, the .hmac files are not used. The openssl library operates in non-FIPS mode by default. * FIPS-140-2 mode of operation ============================================================================== The openssl library operates in non-FIPS mode by default. There are three ways to switch the shared libraries listed above to FIPS-140-2 compliant mode: 1) Start your system with the kernel commandline option "fips=1". To change the configuration for your system on a permanent basis, please add the command line option to the corresponding line in the bootloader configuration, typically /boot/grub/menu.lst . You can check if the kernel has accepted the commandline option at boot by inspecting the content of the file /proc/sys/crypto/fips_enabled . Please note that the fips=1 kernel commandline option switches the kernel's crypto API to FIPS mode operation, too. As a consequence, some of the in-kernel cryptographical functions may become unavailable. As of the writing of this README-FIPS.txt, the kernel's crypto API in the SUSE Linux Enterprise Server was NOT FIPS-140-2 validated! 2) set the environment variable OPENSSL_FORCE_FIPS_MODE to "1": export OPENSSL_FORCE_FIPS_MODE=1 and run your application with this environment variable set. The FIPS-140-2 mode of operation is only given in the context of processes that have OPENSSL_FORCE_FIPS_MODE set, unless the global switch as in 1) above is active. 3) In your program, use the exported function int FIPS_mode_set(int onoff); to turn on FIPS-140-2 compliant mode. The library will conduct the mandatory self-tests and the integrity check that makes use of the .hmac files mentioned above. The function int FIPS_mode(void); can be used to check if the library operates in FIPS-140-2 compliant mode. It returns 1 in FIPS mode, 0 otherwise. Notes: - An easy way to verify if your openssl cryptography subsystem operates in FIPS-140-2 compliant mode is to look at the output of the openssl ciphers command. In FIPS-140-2 compliant mode, the output lists fewer algorythms. - The startup time of programs that initialize the openssl shared libraries in FIPS-140-2 compliant mode is considerably longer due to the self-tests that are being executed. On fast systems, the startup overhead can be in the range of 0.05-0.3s. The startup time is two orders of a magnitude smaller in non-FIPS mode. Please note that the self-test overhead only occurs during the initialization of the cryptographic module. There is no other performance impact of FIPS-140-2 compliant operation of the library. - The environment variable OPENSSL_FIPS can be set to force the /usr/bin/openssl binary to operate in FIPS-140-2 compliant mode: OPENSSL_FIPS=1 openssl ciphers The variable OPENSSL_FIPS has an effect on the openssl binary only. - Services and daemons that make use of the openssl shared libraries in FIPS-140-2 compliant mode need to be configured to use algorythms from the list of permissable algorythms. If an algorythm is requested by an application that is not allowed in FIPS-140-2 compliant mode, the application will terminate (abort(3)). Please see the FIPS-140-2 Security Policy document for the openssl FIPS module on the SUSE Linux Enterprise Server 11 SP1 from the SUSE website at http://www.suse.com/ or the NIST website at http://csrc.nist.gov/ for more details. - If you have any questions about the FIPS-140-2 compliant mode of openssl, please send email to security@suse.com. * overview: openssl subpackages on SLES11-SP1 ============================================================================== The openssl package consists of the following RPM package: openssl - manual pages - the /etc/ssl configuration directory - the /usr/bin/openssl program - /usr/bin/fips_standalone_sha1, the program used to reproduce the integrity HMAC that is contained in the package: libopenssl0_9_8 - files: /usr/lib64/.libcrypto.so.0.9.8.hmac /usr/lib64/.libssl.so.0.9.8.hmac /usr/lib64/libcrypto.so.0.9.8 /usr/lib64/libssl.so.0.9.8 /usr/lib64/engines /usr/lib64/engines/lib4758cca.so /usr/lib64/engines/libaep.so /usr/lib64/engines/libatalla.so /usr/lib64/engines/libcapi.so /usr/lib64/engines/libchil.so /usr/lib64/engines/libcswift.so /usr/lib64/engines/libgmp.so /usr/lib64/engines/libnuron.so /usr/lib64/engines/libsureware.so /usr/lib64/engines/libubsec.so libopenssl0_9_8-32bit - files as in package libopenssl0_9_8, but in /usr/lib The .so libraries are for the 32bit compatibility mode of the openssl library. libopenssl-devel - header files and static libraries for compiling applications with the openssl library. Please note that running binaries that are statically linked against openssl libraries is not supported in terms of FIPS-140-2 compliance. openssl-doc - more documentation and manual pages. openssl-debuginfo openssl-debugsource - packages that provide debugging symbols and debugging source code for running binaries (dynamically) linked against libopenssl0_9_8 in a debugger. openssl-certs - CA certificate collection in /etc/ssl/certs The openssl-certs package is not a subpackage of the openssl package, but it merely provides CA certificates where the openssl package finds them.