Refactor openssl.FIPS to support third-party FIPS providers #184
Conversation
qmuntal
requested review from
ueno,
karianna,
derekparker,
dagood and
gdams
There was a problem hiding this comment.
The downside is that if FIPS mode is configured (aka
fips=1in the default properties) but the FIPS provider is missing, thenopenssl.FIPSwill return true and the user won't notice that FIPS mode is unusable until it tries to use an algorithm, e.g. callingsha256.New.
It looks like if a Go fork wanted to keep this init-time check working and only expects to ever run with the built in OpenSSL FIPS provider, there would just need to be a new Go-side func added to let that Go fork run the old check. (But if nobody actually cares, there's no need to add a func like that.)
qmuntal
changed the title
qmuntal
changed the title
|
@dagood I made up my mind a bit with this this PR. I was too much of a breaking change. I've added a provider-agnostic check so the new behavior is less disruptive. Please take another look. |
| return 0; | ||
| if (EVP_default_properties_is_fips_enabled == NULL || EVP_MD_fetch == NULL || EVP_MD_free == NULL) { | ||
| // Shouldn't happen, but if it does, we can't determine if FIPS mode is enabled. | ||
| return 0; |
There was a problem hiding this comment.
A false negative for FIPS mode does seem nearly harmless, but it also seems like it would be pretty simple to return and handle -1 or 2 or something just to be sure.
There was a problem hiding this comment.
The only thing with the current openssl.CheckVersion API is to log the error or panic, as it doesn't return any error value. I wouldn't say it is a false negative, if those functions are not available then we won't be able to use the shared library properly, even less in FIPS mode.
Co-authored-by: Davis Goodin <[email protected]>
Our current
openssl.FIPSimplementation only works with the built-in FIPS provider, as it checks whether it is available or not to determine if FIPS is enabled, which precludes using other FIPS providers.This PR removes the
OSSL_PROVIDER_available(nil, "fips")check fromopenssl.FIPSso it is not tied to the built-in provider.The new implementation should be as good as the previous: if
EVP_default_properties_is_fips_enabledreturns1, we can be sure that only providers matching thefips=1property will be used, so we can say that FIPS mode is enabled. To avoid breacking backwards compatibility, I've added an additional check that tried to fetch a SHA256 digets using the default properties (which should containfips=1at that point). If it succeeds, then it means that there is a provider that matches thefips=1query.