Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FIPS 186-4 / SP800-56B - RSA Key Generation & Validation (FIPS) #6652

Closed
wants to merge 2 commits into from

Conversation

@slontis
Copy link
Contributor

@slontis slontis commented Jul 5, 2018

Additional changes for SP800-56B r2 have been added i.e

  • keygen: keysizes are no longer just 2048 and 3072)
  • validation: the prime factors p,q can be recovered from n,e,d.

Checklist

  • tests are added or updated
@mattcaswell mattcaswell added this to the Post 1.1.1 milestone Jul 5, 2018
@mattcaswell
Copy link
Member

@mattcaswell mattcaswell commented Jul 5, 2018

Travis failures look relevant.

crypto/bn/bn_prime.c Outdated Show resolved Hide resolved
crypto/bn/bn_prime.c Outdated Show resolved Hide resolved
@richsalz richsalz changed the title FIPS 186-4 / SP800-56B - RSA Key Generation & Validation (FIPS) WIP: FIPS 186-4 / SP800-56B - RSA Key Generation & Validation (FIPS) Jul 5, 2018
crypto/bn/bn_prime.c Outdated Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_gen.c Outdated Show resolved Hide resolved
crypto/bn/bn_prime.c Outdated Show resolved Hide resolved
crypto/bn/bn_rsa_fips186_4.c Outdated
case 3072:
min_bits = 171;
break;
default:

This comment has been minimized.

@t-j-h

t-j-h Aug 30, 2018
Member

Needs to add support for > 3072 ... 4096 should be possible.

This comment has been minimized.

@slontis

slontis Aug 31, 2018
Author Contributor

I was following the SP800-56Br1 doc. It has changed in the 56Br2 draft docs.
Will update

This comment has been minimized.

@slontis

slontis Oct 5, 2018
Author Contributor

Code has now been updated.

This comment has been minimized.

@mattcaswell

mattcaswell Mar 8, 2019
Member

Code has now been updated.

Has it? I still don't see support for >3072

This comment has been minimized.

@slontis

slontis Mar 9, 2019
Author Contributor

Err No. Not sure how I managed to lose those changes. Redoing.

This comment has been minimized.

@netcazean

netcazean Aug 30, 2019

Did I do something wrong?

@kroeckx kroeckx self-requested a review Sep 28, 2018
@mattcaswell
Copy link
Member

@mattcaswell mattcaswell commented Oct 2, 2018

I think the "hold" label for this can be removed now?

@slontis slontis force-pushed the slontis:FIPS-rsa-keygen branch 4 times, most recently Feb 18, 2019
@paulidale paulidale added this to In progress in 3.0 New Core + FIPS via automation Feb 27, 2019
@paulidale paulidale modified the milestones: Post 1.1.1, 3.0.0 Feb 27, 2019
@slontis slontis changed the title WIP: FIPS 186-4 / SP800-56B - RSA Key Generation & Validation (FIPS) FIPS 186-4 / SP800-56B - RSA Key Generation & Validation (FIPS) Feb 28, 2019
@slontis
Copy link
Contributor Author

@slontis slontis commented Mar 4, 2019

ping

@paulidale
Copy link
Contributor

@paulidale paulidale commented Mar 7, 2019

Ping?

@slontis
Copy link
Contributor Author

@slontis slontis commented Mar 7, 2019

ping

Copy link
Member

@mattcaswell mattcaswell left a comment

Still going through this. Review comments so far

crypto/bn/bn_prime.c Outdated Show resolved Hide resolved
crypto/bn/bn_prime.c Show resolved Hide resolved
crypto/bn/bn_rsa_fips186_4.c Show resolved Hide resolved
crypto/bn/bn_rsa_fips186_4.c Show resolved Hide resolved
crypto/bn/bn_rsa_fips186_4.c Outdated Show resolved Hide resolved
crypto/bn/bn_rsa_fips186_4.c Outdated Show resolved Hide resolved
crypto/bn/bn_rsa_fips186_4.c Show resolved Hide resolved
crypto/rsa/rsa_chk.c Outdated Show resolved Hide resolved
crypto/rsa/rsa_gen.c Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_check.c Outdated Show resolved Hide resolved
3.0 New Core + FIPS automation moved this from Reviewer approved to Needs review Mar 7, 2019
crypto/rsa/rsa_sp800_56b_check.c Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_check.c Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_gen.c Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_gen.c Outdated Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_gen.c Outdated Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_gen.c Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_gen.c Outdated Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_gen.c Outdated Show resolved Hide resolved
@slontis slontis force-pushed the slontis:FIPS-rsa-keygen branch 2 times, most recently Mar 8, 2019
crypto/bn/bn_rsa_fips186_4.c Outdated
case 3072:
min_bits = 171;
break;
default:

This comment has been minimized.

@mattcaswell

mattcaswell Mar 8, 2019
Member

Code has now been updated.

Has it? I still don't see support for >3072

crypto/bn/bn_rsa_fips186_4.c Outdated Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_check.c Outdated Show resolved Hide resolved
@slontis slontis force-pushed the slontis:FIPS-rsa-keygen branch Mar 9, 2019
3.0 New Core + FIPS automation moved this from Needs review to Reviewer approved Mar 11, 2019
Copy link
Member

@mattcaswell mattcaswell left a comment

Approved - @paulidale to reconfirm?

Copy link
Contributor

@paulidale paulidale left a comment

Reapproved with some trivial nits.
@mattcaswell could you please merge this.

crypto/bn/bn_prime.c Outdated Show resolved Hide resolved
crypto/bn/bn_prime.c Outdated Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_check.c Outdated Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_check.c Outdated Show resolved Hide resolved
crypto/rsa/rsa_sp800_56b_gen.c Outdated Show resolved Hide resolved
@slontis slontis force-pushed the slontis:FIPS-rsa-keygen branch to 0782780 Mar 12, 2019
@slontis
Copy link
Contributor Author

@slontis slontis commented Mar 12, 2019

rebased with small nit changes from Paul

@mattcaswell
Copy link
Member

@mattcaswell mattcaswell commented Mar 12, 2019

Pushed. Thanks.

3.0 New Core + FIPS automation moved this from Reviewer approved to Done Mar 12, 2019
levitte pushed a commit that referenced this pull request Mar 12, 2019
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from #6652)
levitte pushed a commit that referenced this pull request Mar 12, 2019
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from #6652)
@lengocthuong15
Copy link

@lengocthuong15 lengocthuong15 commented Jun 24, 2020

Hey guys, I am kind of new to FIPS, I have some questions and it is nice if anyone can help.
Does this PR suppose to support FIPS 186-4?
And if yes, does it include in OpenSSL-1.0.2u?
Thank you.

@slontis
Copy link
Contributor Author

@slontis slontis commented Jun 24, 2020

Hey guys, I am kind of new to FIPS, I have some questions and it is nice if anyone can help.
Does this PR suppose to support FIPS 186-4?
And if yes, does it include in OpenSSL-1.0.2u?
Thank you.

This PR has been closed for a while now :)
It is probably better to ask a question by creating an issue in future.

FIPS-186-4 (https://csrc.nist.gov/publications/detail/fips/186/4/final) is just one piece of FIPS.
This PR just has the RSA part.

Have a look at the table at the end of https://www.openssl.org/docs/OpenSSL300Design.html to see
what algorithms are being included in the new fips module.


The answer to the 1.0.2 question is NO.
Have a look at https://www.openssl.org/docs/fips.html
In the security policy document for the old FOM it lists the algorithms..
So while it does have some FIPS-186-4 algorithms you will see that RSA uses FIPS-186-2.
For the old fips module RSA key generation is not compliant with FIPS-186-4.

@lengocthuong15
Copy link

@lengocthuong15 lengocthuong15 commented Jun 24, 2020

Thank you for your support!
I am using OpenSSL 1.0.2u with FIPS Object Module 2.0. I want to make it compliant with FIPS 186-4. And as I know, it is not supported for FIPS 186-4. I am looking for a patch and I found this one https://src.fedoraproject.org/rpms/openssl/c/3f43f7e93a6d19e2fbb94382a67c856bcacb06cd?branch=master
But I think it is not working with my case. Do you have any suggestions?

@slontis
Copy link
Contributor Author

@slontis slontis commented Jun 24, 2020

Thank you for your support!
I am using OpenSSL 1.0.2u with FIPS Object Module 2.0. I want to make it compliant with FIPS 186-4. And as I know, it is not supported for FIPS 186-4. I am looking for a patch and I found this one https://src.fedoraproject.org/rpms/openssl/c/3f43f7e93a6d19e2fbb94382a67c856bcacb06cd?branch=master
But I think it is not working with my case. Do you have any suggestions?

That patch was done on 1.02i so it may not work on 1.0.2u. It was also done for the fedora operating system so the changes might not be relevant.. Part of the change was for RSA keygen, the other bit in there is another fips requirement related to self testing.
I hope that you are aware that any changes to fips code, means the code needs to be revalidated by a lab, in order to still be FIPS compliant (Otherwise you are wasting your time :)). I dont think that you can even revalidate it without major changes (since the FIPS processes change over time).

@lengocthuong15
Copy link

@lengocthuong15 lengocthuong15 commented Jun 24, 2020

Thank you, so appreciate!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Linked issues

Successfully merging this pull request may close these issues.

None yet

9 participants