[strongSwan] strongswan and FIPS
Sach K
sacho.polo at gmail.com
Wed Apr 21 06:09:10 CEST 2021
Thank you Kaleb for the response. We plan to use rhel 8 or canonical's
ubuntu that are fips certified and comes with a compliant openssl library.
Will reach out to wolfssl if that does not work out.
-sk
> Date: Mon, 19 Apr 2021 10:53:44 -0600
> From: kaleb himes <kaleb at wolfssl.com>
> To: users at lists.strongswan.org
> Subject: Re: [strongSwan] strongswan and FIPS
> Message-ID: <0F55242D-A4CF-4E78-8FDA-AF232E4AF20B at wolfssl.com>
> Content-Type: text/plain; charset="utf-8"
>
> In response to sk post regarding FIPS and strongswan, Please find
> responses inline below:
>
> >>
> >> Hello,
> >>
> >> I had a few questions about strongswan and FIPs mode. Some of the
> earlier discussions and threads on the subject have been great help, but I
> need help with some clarifications. Your help would be greatly appreciated.
> >>
> >> 1. We use version 5.1.3 of strongswan with a few patches from later.
> Would there be any advantages (related to FIPs compliance) by moving to a
> more recent version? I understand moving to higher versions is better for
> general sense, but for FIPs - would it matter?
>
> Upgrading to wolfCrypt FIPS certificate 3389 is another option. See this
> blog post for more info: https://www.wolfssl.com/strongswan-wolfssl-fips/
>
> >> 2. I was able to get our version to compile with FIPS mode 2, and was
> able to replace the ALG usage in ike (as seen in ipsec listalgs) to use
> openssl plugin. This plugin would use the underlying openssl library on the
> system and that openssl library is fips compatible and has the fips object
> module for openssl installed. Would that be sufficient to say we are
> running strongswan in fips mode? The strongswan libraries that implement
> crypto and hmac are not compiled and packaged. We want to get everything
> from openssl.
>
> Your FIPS lab should make the decision on this question, this is not
> something the mailing list could likely address. Oh, by the way, just be
> aware OpenSSL FIPS certificates are both expired (links provided below) and
> according to OpenSSL’s FIPS page (https://www.openssl.org/docs/fips.html <
> https://www.openssl.org/docs/fips.html>) OpenSSL is no longer planning on
> doing FIPS so you’ll need to validate OpenSSL on your own or use an
> alternate crypto library that has an up-to-date certificate!
>
>
> https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/1747
> <
> https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/1747>
> - Historical List
>
> https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/2398
> <
> https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/2398>
> - Historical List
>
>
> >>
> >> 3. Are there any other crypto implementations in strongswan that cannot
> be turned off by autoconf compile flags?
> >>
> >> 4. Even when compiled in FIPS mode, I noticed that MD4, MD5, modp768
> and such are listed in ipsec stroke listalgs. To disable them, I had to
> pass in the appropriate OPENSSL #ifdef compile flags via CFLAGS during
> compilation. Is there a better way to do this, if I want to turn off the
> non-fips compliant weaker algs?
>
> Your FIPS lab will probably ask you to prove through profiling that these
> algos are not being called during operational testing and code-review phase
> of a FIPS validation effort.
>
> >>
> >> 5. Is there a difference between IKEv1 and IKEv2 compliance when it
> comes to FIPS? Canonical's FIPs document for strongswan at NIST only
> mentions IKEv2. I read that FIPS needs 128 bit keys and such, and since
> IKEv1 can support 8 bytes (64 bits) nonces, would IKEv1 be considered
> incompatible? Since strongswan uses 32 byte nonces, would that be
> considered compliant for FIPS?
>
> FIPS is clear about banned algos. They are banned for good reasons.
>
> >>
> >> Thank you for reading this. Any help with the answers would be greatly
> appreciated.
> >>
> >> regards,
> >> sk
>
> If you have any other questions wolfSSL employs a few FIPS experts and
> would be happy to address any questions if you email "fips [at] wolfssl
> [dot] com”.
>
> Warmest Regards,
>
> Kaleb Himes
> Software Engineer
> www.wolfssl.com
>
> If you appreciate your experience with wolfSSL
> please leave us a star at https://github.com/wolfSSL/wolfssl!
>
> TLS1.3 IS AVAILABLE in wolfSSL!
>
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://lists.strongswan.org/pipermail/users/attachments/20210419/f0bd7320/attachment-0001.html
> >
>
> End of Users Digest, Vol 135, Issue 9
> *************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20210420/8deecf7f/attachment.html>
More information about the Users
mailing list