The example in this section configures an Oracle Solaris system to run SSH and the Apache Web Server in FIPS 140 mode. The system is an Oracle SPARC T5-2, so the Cryptographic Framework takes advantage of cryptographic acceleration on the SPARC T5 processor.
The main steps are:
Create and boot into a BE that you will configure for FIPS 140-2 Level 1.
In the new BE, enable the FIPS 140 providers.
Enable two consumers, SSH and the Apache Web Server.
Modify the policy.conf file to remove interoperability with systems that do not use FIPS 140 password hashes.
Boot into the FIPS 140 BE.
Test.
The following example describes the detailed actions you would take to accomplish this configuration.
Create a BE based on your current configuration and boot it.
# beadm create S11.2-FIPS-140 # beadm activate S11.2-FIPS-140 # reboot
In the new BE, enable FIPS 140 mode in the Cryptographic Framework.
# cryptoadm enable fips-140
Enable FIPS 140 mode in the OpenSSL module.
Ensure that the OpenSSL FIPS 140 module is on the system.
# pkg mediator -a openssl MEDIATOR VER. SRC. VERSION IMPL. SRC. IMPLEMENTATION openssl vendor vendor default openssl system system fips-140
Caution - If you switched to the OpenSSL module and it was not on the system, the system might become unusable. |
Enable the FIPS 140 OpenSSL provider.
# pkg set-mediator -I fips-140 openssl
Configure and enable the SSH consumer in FIPS 140 mode.
These steps work for Oracle Solaris 11.2, Oracle Solaris 11.1 SRU 5.5, and Oracle Solaris 11.1 SRU 3.
Configure the sshd_config and ssh_config files to use FIPS 140 mode.
Add the following information to the end of the files:
# pfedit /etc/ssh/sshd_config /etc/ssh/ssh_config ## This machine operates in FIPS 140 mode. SSH in FIPS 140 mode cannot ## use the OpenSSL engine. UseOpenSSLEngine yes has no effect. UseFIPSmode yes UseOpenSSLEngine no
Generate a private key in PKCS #8 format for use with SSH in FIPS 140 mode.
Follow the instructions in How to Set Up X.509 for Secure Shell on Oracle Solaris 11. Then, create your private key with the ssh-keygen command.
When you use the ssh-keygen command, the default key length is 1024, which is not a validated length. You must specify a valid key length by using the –b option.
Configure the Apache Web Server to use FIPS 140 cryptography.
Generate the web server certificate by using a FIPS 140 algorithm at a validated key length.
For example, use the pktool command and specify a 2048-bit RSA key and a SHA-384 hash.
# pktool gencert keystore=pkcs11 \ > label=fipskey \ > subject "/C=CTRY/ST=County area/L=City/CN=`hostname`" \ > keytype=rsa hash=sha384 keylen=2048 \ > serial 0xnnnnnnnn
Create the ssl.conf configuration file.
# cp /etc/apache2/2.2/samples-conf.d/ssl.conf /etc/apache2/2.2/conf.d/
For clarity, comment on the use of the PKCS #11 engine.
# pfedit /etc/apache2/2.2/conf.d/ssl.conf ## Enable Solaris crypto framework ## This machine operates in FIPS 140 mode. ## In Oracle Solaris, use the pkcs11 engine ## because the engine is FIPS 140-validated. SSLCryptoDevice pkcs11
Ensure that other keying information is correctly configured for your site policy.
# grep ^SSLCipherSuite /etc/apache2/2.2/conf.d/ssl.conf SSLCipherSuite AES256-SHA:AES128-SHA # grep ^SSLHonorCipherOrder /etc/apache2/2.2/conf.d/ssl.conf SSLHonorCipherOrder on
Complete your site configuration of the web server.
For example, on an Oracle Solaris 11.2 system, specify the SSL protocol versions.
# grep ^SSLProtocol /etc/apache2/2.2/conf.d/ssl.conf SSLProtocol all -SSLv2 -SSLv3
Prevent the use of a non-FIPS 140 password hash by removing 2a as an allowable hash.
# pfedit /etc/security/policy.conf CRYPT_ALGORITHMS_ALLOW=5,6
After the consumers are configured, reboot the BE.
# reboot
Test the configuration.
Verify that the providers are operating in FIPS 140 mode.
The following output indicates that the Cryptographic Framework is operating in FIPS 140 mode.
# cryptoadm list fips-140 User-level providers: ===================== /usr/lib/security/$ISA/pkcs11_softtoken: FIPS-140 mode is enabled. Kernel providers: ================= des: FIPS-140 mode is enabled. aes: FIPS-140 mode is enabled. ecc: FIPS-140 mode is enabled. sha1: FIPS-140 mode is enabled. sha2: FIPS-140 mode is enabled. rsa: FIPS-140 mode is enabled. swrand: FIPS-140 mode is enabled. Kernel hardware providers: =========================: n2rng: FIPS-140 mode is enabled.
The following output indicates that OpenSSL is operating in FIPS 140 mode.
# pkg mediator openssl MEDIATOR VER. SRC. VERSION IMPL. SRC. IMPLEMENTATION openssl system system fips-140
Create and change several passwords, then verify that the correct hash was used.
# passwd admin New Password: xxxxxxxx Re-enter Password: xxxxxxxx # grep admin /etc/shadow admin:$5$......:::::::
The 5 at the beginning of the admin entry indicates that the SHA256 password hash was used.
Trace the Apache Web Server's cryptographic use.
In a terminal window, trace the Apache Web Server cryptographic calls.
# truss -w \!all -t \!all -v \!all \ -u libpkcs11::C_GenerateRandom \ -u libpkcs11::C_EncryptUpdate \ -u libpkcs11::C_Decrypt \ -u libpkcs11::C_DigestUpdate \ -f /usr/apache2/2.2/bin/httpd -k start
Send a web server request and review the output for use of the PKCS #11 engine.
# openssl s_client -connect localhost:443 -tls1 ... GET / HTTP/1.0 ... /** PKCS #11 engine sample output **/ 27435/1@1: -> libpkcs11:C_EncryptUpdate(0x1087f58, 0x1802198, 0x140, 0x1802198) 27435/1@1: <- libpkcs11:C_EncryptUpdate() = 0 27435/1@1: -> libpkcs11:C_DigestUpdate(0x1087f18, 0xffbff25c, 0xd, 0xfe178000) 27435/1@1: <- libpkcs11:C_DigestUpdate() = 0 ...
Test SSH login from a non-FIPS 140 system and a FIPS 140 system.
Review the log files for SSH and the Apache Web Server.
SSH returns errors when FIPS 140 algorithms are not being used.
(Optional) To prevent the use of non-FIPS 140 algorithms by all Cryptographic Framework consumers, disable the non-FIPS 140 mechanisms.
The following set of commands prevents the use of kernel algorithms that are not validated for FIPS 140 mode.
# cryptoadm -vm/** truncated list shows only non-FIPS 140 algorithm mechanisms **/ ... Kernel providers: ================= des: CKM_DES_ECB,CKM_DES_CBC,CKM_DES3_ECB,CKM_DES3_CBC arcfour: CKM_RC4 blowfish: CKM_BLOWFISH_ECB,CKM_BLOWFISH_CBC camellia: CKM_CAMELLIA_ECB,CKM_CAMELLIA_CBC md4: CKM_MD4 md5: CKM_MD5,CKM_MD5_HMAC,CKM_MD5_HMAC_GENERAL # cryptoadm disable provider=des mechanism=CKM_DES_ECB,CKM_DES_CBC # cryptoadm disable provider=arcfour mechanism=all # cryptoadm disable provider=blowfish mechanism=all # cryptoadm disable provider=camellia mechanism=all # cryptoadm disable provider=md4 mechanism=all # cryptoadm disable provider=md5 mechanism=all
The following command shows the policy for Cryptographic Framework kernel providers after you disable non-FIPS 140 mechanisms.
# cryptoadm list -p ... des: all mechanisms are enabled, except CKM_DES_CBC,CKM_DES_ECB. aes: all mechanisms are enabled. arcfour: no mechanisms presented. blowfish: all mechanisms are enabled, except CKM_BLOWFISH_ECB,CKM_BLOWFISH_CBC. camellia: all mechanisms are enabled, except CKM_CAMELLIA_ECB,CKM_CAMELLIA_CBC. ecc: all mechanisms are enabled. sha1: all mechanisms are enabled. sha2: all mechanisms are enabled. md4: no mechanisms presented. md5: all mechanisms are enabled, except CKM_MD5,CKM_MD5_HMAC,CKM_MD5_HMAC_GENERAL. rsa: all mechanisms are enabled. swrand: random is enabled.
To prevent the use of userland mechanisms, specify /usr/lib/security/$ISA/pkcs11_softtoken.so as the provider, then specify the mechanisms. For example, the following command disables the Camellia mechanisms in userland:
# cryptoadm disable provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so \ > mechanism=CKM_CAMELLIA_ECB,CKM_CAMELLIA_CBC,CKM_CAMELLIA_KEY_GEN # cryptoadm list -p User-level providers: ===================== /usr/lib/security/$ISA/pkcs11_kernel.so: all mechanisms are enabled. /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled, except CKM_CAMELLIA_KEY_GEN,CKM_CAMELLIA_CBC,CKM_CAMELLIA_ECB. random is enabled.
Caution - Test the strict policy BE thoroughly before using in production. |
To stop using FIPS 140 mode, activate the original BE and reboot.
# beadm activate original-BE # reboot