Using a FIPS 140 Enabled System in Oracle® Solaris 11.2

Exit Print View

Updated: August 2014

Example of Enabling Two Applications in FIPS 140 Mode on an Oracle Solaris System

The example in this section configures an Oracle Solaris system to run SSH and the Apache Web Server in FIPS 140 mode. The system is an Oracle SPARC T5-2, so the Cryptographic Framework takes advantage of cryptographic acceleration on the SPARC T5 processor.

Note -  If you have a strict requirement to use only FIPS 140-2 validated cryptography, you must be running the Oracle Solaris 11.1 SRU 5.5 release or the Oracle Solaris 11.1 SRU 3 release. Oracle completed a FIPS 140-2 validation against the Cryptographic Framework in these two specific releases. Oracle Solaris 11.2 builds on this validated foundation and includes software improvements that address performance, functionality, and reliability. Whenever possible, you should configure Oracle Solaris 11.2 in FIPS 140-2 mode to take advantage of these improvements.

    The main steps are:

  1. Create and boot into a BE that you will configure for FIPS 140-2 Level 1.

  2. In the new BE, enable the FIPS 140 providers.

  3. Enable two consumers, SSH and the Apache Web Server.

  4. Modify the policy.conf file to remove interoperability with systems that do not use FIPS 140 password hashes.

  5. Boot into the FIPS 140 BE.

  6. Test.

The following example describes the detailed actions you would take to accomplish this configuration.

  1. Create a BE based on your current configuration and boot it.

    # beadm create S11.2-FIPS-140
    # beadm activate S11.2-FIPS-140
    # reboot
  2. In the new BE, enable FIPS 140 mode in the Cryptographic Framework.

    # cryptoadm enable fips-140
  3. Enable FIPS 140 mode in the OpenSSL module.

    Note -  If you were configuring an Oracle Solaris 11.1 SRU 3 or SRU 5.5 system, you would skip this step. You cannot enable the OpenSSL provider in Oracle Solaris 11.1.
    1. Ensure that the OpenSSL FIPS 140 module is on the system.

      # pkg mediator -a openssl
      openssl      vendor            vendor     default
      openssl      system            system     fips-140


      Caution  -  If you switched to the OpenSSL module and it was not on the system, the system might become unusable.

    2. Enable the FIPS 140 OpenSSL provider.

      # pkg set-mediator -I fips-140 openssl
  4. Configure and enable the SSH consumer in FIPS 140 mode.

      These steps work for Oracle Solaris 11.2, Oracle Solaris 11.1 SRU 5.5, and Oracle Solaris 11.1 SRU 3.

    1. Configure the sshd_config and ssh_config files to use FIPS 140 mode.

      Add the following information to the end of the files:

      # pfedit /etc/ssh/sshd_config /etc/ssh/ssh_config
      ## This machine operates in FIPS 140 mode. SSH in FIPS 140 mode cannot
      ## use the OpenSSL engine. UseOpenSSLEngine yes has no effect.
      UseFIPSmode yes
      UseOpenSSLEngine no
    2. Generate a private key in PKCS #8 format for use with SSH in FIPS 140 mode.

      Follow the instructions in How to Set Up X.509 for Secure Shell on Oracle Solaris 11. Then, create your private key with the ssh-keygen command.

      When you use the ssh-keygen command, the default key length is 1024, which is not a validated length. You must specify a valid key length by using the –b option.

  5. Configure the Apache Web Server to use FIPS 140 cryptography.

    1. Generate the web server certificate by using a FIPS 140 algorithm at a validated key length.

      For example, use the pktool command and specify a 2048-bit RSA key and a SHA-384 hash.

      # pktool gencert keystore=pkcs11 \
      > label=fipskey \
      > subject "/C=CTRY/ST=County area/L=City/CN=`hostname`" \
      > keytype=rsa hash=sha384 keylen=2048 \
      > serial 0xnnnnnnnn
    2. Create the ssl.conf configuration file.

      # cp /etc/apache2/2.2/samples-conf.d/ssl.conf /etc/apache2/2.2/conf.d/
    3. For clarity, comment on the use of the PKCS #11 engine.

      # pfedit /etc/apache2/2.2/conf.d/ssl.conf
      ## Enable Solaris crypto framework
      ## This machine operates in FIPS 140 mode.
      ## In Oracle Solaris, use the pkcs11 engine
      ## because the engine is FIPS 140-validated.
      SSLCryptoDevice pkcs11
    4. Ensure that other keying information is correctly configured for your site policy.

      # grep ^SSLCipherSuite /etc/apache2/2.2/conf.d/ssl.conf
      SSLCipherSuite AES256-SHA:AES128-SHA
      # grep ^SSLHonorCipherOrder /etc/apache2/2.2/conf.d/ssl.conf
      SSLHonorCipherOrder on
    5. Complete your site configuration of the web server.

      For example, on an Oracle Solaris 11.2 system, specify the SSL protocol versions.

      # grep ^SSLProtocol /etc/apache2/2.2/conf.d/ssl.conf
      SSLProtocol all -SSLv2 -SSLv3
  6. Prevent the use of a non-FIPS 140 password hash by removing 2a as an allowable hash.

    # pfedit /etc/security/policy.conf
  7. After the consumers are configured, reboot the BE.

    # reboot
  8. Test the configuration.

    • Verify that the providers are operating in FIPS 140 mode.

      The following output indicates that the Cryptographic Framework is operating in FIPS 140 mode.

      # cryptoadm list fips-140
      User-level providers:
      /usr/lib/security/$ISA/pkcs11_softtoken: FIPS-140 mode is enabled.
      Kernel providers:
      des: FIPS-140 mode is enabled.
      aes: FIPS-140 mode is enabled.
      ecc: FIPS-140 mode is enabled.
      sha1: FIPS-140 mode is enabled.
      sha2: FIPS-140 mode is enabled.
      rsa: FIPS-140 mode is enabled. 
      swrand: FIPS-140 mode is enabled.
      Kernel hardware providers:
      n2rng: FIPS-140 mode is enabled.

      The following output indicates that OpenSSL is operating in FIPS 140 mode.

      # pkg mediator openssl
      openssl      system             system  fips-140
    • Create and change several passwords, then verify that the correct hash was used.

      # passwd admin 
      New Password: xxxxxxxx
      Re-enter Password: xxxxxxxx
      # grep admin /etc/shadow

      The 5 at the beginning of the admin entry indicates that the SHA256 password hash was used.

    • Trace the Apache Web Server's cryptographic use.

      1. In a terminal window, trace the Apache Web Server cryptographic calls.

        Note -  To truss all PKCS #11 library calls, use -u libpkcs11:.
        # truss -w \!all -t \!all -v \!all \
        -u libpkcs11::C_GenerateRandom \
        -u libpkcs11::C_EncryptUpdate \
        -u libpkcs11::C_Decrypt \
        -u libpkcs11::C_DigestUpdate \
        -f /usr/apache2/2.2/bin/httpd -k start
      2. Send a web server request and review the output for use of the PKCS #11 engine.

        # openssl s_client -connect localhost:443 -tls1
        GET / HTTP/1.0
        /** PKCS #11 engine sample output **/
        27435/1@1: -> libpkcs11:C_EncryptUpdate(0x1087f58, 0x1802198, 0x140, 0x1802198)
        27435/1@1: <- libpkcs11:C_EncryptUpdate() = 0
        27435/1@1: -> libpkcs11:C_DigestUpdate(0x1087f18, 0xffbff25c, 0xd, 0xfe178000)
        27435/1@1: <- libpkcs11:C_DigestUpdate() = 0
    • Test SSH login from a non-FIPS 140 system and a FIPS 140 system.

    • Review the log files for SSH and the Apache Web Server.

      SSH returns errors when FIPS 140 algorithms are not being used.

  9. (Optional) To prevent the use of non-FIPS 140 algorithms by all Cryptographic Framework consumers, disable the non-FIPS 140 mechanisms.

    Tip  -  To implement a strict policy for Cryptographic Framework consumers, create a script that implements the policy, then create a second BE for the strict policy version of FIPS 140 mode.

    The following set of commands prevents the use of kernel algorithms that are not validated for FIPS 140 mode.

    # cryptoadm -vm/** truncated list shows only non-FIPS 140 algorithm mechanisms **/
    Kernel providers:
    arcfour: CKM_RC4
    md4: CKM_MD4
    # cryptoadm disable provider=des mechanism=CKM_DES_ECB,CKM_DES_CBC
    # cryptoadm disable provider=arcfour mechanism=all
    # cryptoadm disable provider=blowfish mechanism=all
    # cryptoadm disable provider=camellia mechanism=all
    # cryptoadm disable provider=md4 mechanism=all
    # cryptoadm disable provider=md5 mechanism=all

    The following command shows the policy for Cryptographic Framework kernel providers after you disable non-FIPS 140 mechanisms.

    # cryptoadm list -p
    des: all mechanisms are enabled, except CKM_DES_CBC,CKM_DES_ECB.
    aes: all mechanisms are enabled.
    arcfour: no mechanisms presented.
    blowfish: all mechanisms are enabled, except CKM_BLOWFISH_ECB,CKM_BLOWFISH_CBC.
    camellia: all mechanisms are enabled, except CKM_CAMELLIA_ECB,CKM_CAMELLIA_CBC.
    ecc: all mechanisms are enabled.
    sha1: all mechanisms are enabled.
    sha2: all mechanisms are enabled.
    md4: no mechanisms presented.
    md5: all mechanisms are enabled, except CKM_MD5,CKM_MD5_HMAC,CKM_MD5_HMAC_GENERAL.
    rsa: all mechanisms are enabled.
    swrand: random is enabled.

    To prevent the use of userland mechanisms, specify /usr/lib/security/$ISA/ as the provider, then specify the mechanisms. For example, the following command disables the Camellia mechanisms in userland:

    # cryptoadm disable provider=/usr/lib/security/\$ISA/ \
    # cryptoadm list -p
    User-level providers:
    /usr/lib/security/$ISA/ all mechanisms are enabled.
    /usr/lib/security/$ISA/ all mechanisms are enabled, 


    Caution  -  Test the strict policy BE thoroughly before using in production.

  10. To stop using FIPS 140 mode, activate the original BE and reboot.

    # beadm activate original-BE
    # reboot