Ed25519 and Ed448 are included in the FIPS 140-3 provider for
compatibility purposes but are flagged as "fips=no" to prevent their accidental
use. This therefore requires that applications always specify the "fips=yes"
property query to enforce FIPS correctness.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20079)
=head1 DESCRIPTION
The OpenSSL FIPS provider is a special provider that conforms to the Federal
=head1 DESCRIPTION
The OpenSSL FIPS provider is a special provider that conforms to the Federal
-Information Processing Standards (FIPS) specified in FIPS 140-2. This 'module'
+Information Processing Standards (FIPS) specified in FIPS 140-3. This 'module'
contains an approved set of cryptographic algorithms that is validated by an
accredited testing laboratory.
contains an approved set of cryptographic algorithms that is validated by an
accredited testing laboratory.
It isn't mandatory to query for any of these properties, except to
make sure to get implementations of this provider and none other.
It isn't mandatory to query for any of these properties, except to
make sure to get implementations of this provider and none other.
-The "fips=yes" property can be use to make sure only FIPS approved
+The C<fips=yes> property can be use to make sure only FIPS approved
implementations are used for crypto operations. This may also include
other non-crypto support operations that are not in the FIPS provider,
such as asymmetric key encoders,
implementations are used for crypto operations. This may also include
other non-crypto support operations that are not in the FIPS provider,
such as asymmetric key encoders,
+=head1 NOTES
+
+The FIPS provider in OpenSSL 3.1 includes some non-FIPS validated algorithms,
+consequently the property query C<fips=yes> is mandatory for applications that
+want to operate in a FIPS approved manner. The algorithms are:
+
+=over 4
+
+=item Triple DES
+
+=item EdDSA
+
+=back
+
=head1 SEE ALSO
L<openssl-fipsinstall(1)>,
=head1 SEE ALSO
L<openssl-fipsinstall(1)>,
This functionality was added in OpenSSL 3.0.
This functionality was added in OpenSSL 3.0.
+OpenSSL 3.0 includes a FIPS 140-2 approved FIPS provider.
+
+OpenSSL 3.1 includes a FIPS 140-3 approved FIPS provider.
+
=head1 COPYRIGHT
Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
=head1 COPYRIGHT
Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
[openssl_init]
providers = provider_sect
[openssl_init]
providers = provider_sect
+ alg_section = algorithm_sect
[provider_sect]
fips = fips_sect
[provider_sect]
fips = fips_sect
+ [algorithm_sect]
+ default_properties = fips=yes
+
Obviously the include file location above should match the path and name of the
FIPS module config file that you installed earlier.
See L<https://github.com/openssl/openssl/blob/master/README-FIPS.md>.
Obviously the include file location above should match the path and name of the
FIPS module config file that you installed earlier.
See L<https://github.com/openssl/openssl/blob/master/README-FIPS.md>.
if (!OSSL_LIB_CTX_load_config(fips_libctx, "openssl-fips.cnf"))
goto err;
if (!OSSL_LIB_CTX_load_config(fips_libctx, "openssl-fips.cnf"))
goto err;
+ /*
+ * Set the default property query on the FIPS library context to
+ * ensure that only FIPS algorithms can be used. There are a few non-FIPS
+ * approved algorithms in the FIPS provider for backward compatibility reasons.
+ */
+ if (!EVP_set_default_properties(fips_libctx, "fips=yes"))
+ goto err;
+
/*
* We don't need to do anything special to load the default
* provider into nonfips_libctx. This happens automatically if no
/*
* We don't need to do anything special to load the default
* provider into nonfips_libctx. This happens automatically if no
* We assume that a nondefault library context with the FIPS
* provider loaded has been created called fips_libctx.
*/
* We assume that a nondefault library context with the FIPS
* provider loaded has been created called fips_libctx.
*/
- SSL_CTX *fips_ssl_ctx = SSL_CTX_new_ex(fips_libctx, NULL, TLS_method());
+ SSL_CTX *fips_ssl_ctx = SSL_CTX_new_ex(fips_libctx, "fips=yes", TLS_method());
/*
* We assume that a nondefault library context with the default
* provider loaded has been created called non_fips_libctx.
/*
* We assume that a nondefault library context with the default
* provider loaded has been created called non_fips_libctx.
To extract the name from the B<OSSL_PROVIDER>, use
L<OSSL_PROVIDER_get0_name(3)>.
To extract the name from the B<OSSL_PROVIDER>, use
L<OSSL_PROVIDER_get0_name(3)>.
+=head1 NOTES
+
+The FIPS provider in OpenSSL 3.1 includes some non-FIPS validated algorithms,
+consequently the property query C<fips=yes> is mandatory for applications that
+want to operate in a FIPS approved manner. The algorithms are:
+
+=over 4
+
+=item Triple DES
+
+=item EdDSA
+
+=back
+
=head1 SEE ALSO
L<migration_guide(7)>, L<crypto(7)>, L<fips_config(5)>
=head1 SEE ALSO
L<migration_guide(7)>, L<crypto(7)>, L<fips_config(5)>
The FIPS module guide was created for use with the new FIPS provider
in OpenSSL 3.0.
The FIPS module guide was created for use with the new FIPS provider
in OpenSSL 3.0.
+OpenSSL 3.0 includes a FIPS 140-2 approved FIPS provider.
+
+OpenSSL 3.1 includes a FIPS 140-3 approved FIPS provider.
+
=head1 COPYRIGHT
Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
=head1 COPYRIGHT
Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
=head2 Main Changes from OpenSSL 3.0
=head2 Main Changes from OpenSSL 3.0
-There are no changes requiring additional migration measures since OpenSSL 3.0.
+The FIPS provider in OpenSSL 3.1 includes some non-FIPS validated algorithms,
+consequently the property query C<fips=yes> is mandatory for applications that
+want to operate in a FIPS approved manner. The algorithms are:
+
+=over 4
+
+=item Triple DES
+
+=item EdDSA
+
+=back
+
+There are no other changes requiring additional migration measures since OpenSSL 3.0.
projects / openssl.git / commitdiff