4 Example of Running in FIPS 140-2 Mode on an Oracle Solaris 11.4 System

The example in this section configures an Oracle Solaris system to run in FIPS 140-2 mode. The system is a SPARC T5-2 server, which provides cryptographic acceleration in the SPARC5 processor.

Note:

If you have a strict requirement to use only FIPS 140-2 validated cryptography, you must be running the Oracle Solaris 11.3 SRU 5.6 release. Oracle completed a FIPS 140-2 validation against the Cryptographic Framework in this specific release. The current Oracle Solaris release builds on the validated foundation and includes software improvements that address performance, functionality, and reliability. Whenever possible, you should configure Oracle Solaris 11.4 in FIPS 140-2 mode to take advantage of these improvements.

The main steps are:

1. Create and boot into a BE that you will configure for FIPS 140-2 Level 1.

2. In the new BE, enable the FIPS 140-2 providers.

3. Modify the policy.conf file to remove interoperability with systems that do not use FIPS 140-2 password hashes.

4. Prevent the use of non-FIPS 140-2 algorithms by all Cryptographic Framework consumers.

5. Test.

The following example describes the detailed actions you would take to accomplish this configuration.

1. Create a BE based on your current configuration and boot it.

   # beadm create Sol-FIPS-140
   # beadm activate Sol-FIPS-140
   # reboot

   The preceding command gives a useful name to the BE. The BE is not yet running in FIPS 140-2 mode.

2. In the new BE, enable the two FIPS 140-2 providers.

   First, enable the Cryptographic Framework provider.

   # cryptoadm enable fips-140

   If the crypto/fips-140 package is not yet installed, this command installs the package.

3. Verify that the Secure Shell consumer is using OpenSSL in FIPS 140-2 mode.

   Output should be similar to the following:

   $ ssh -vvv localhost date 2>&1 | grep -i fips
   debug1: Running in FIPS mode.
   debug1: Local version string SSH-2.0-OpenSSH_9.6 FIPS
   debug1: Remote protocol version 2.0, remote software version OpenSSH_9.6 FIPS
   debug1: compat_banner: match: OpenSSH_9.6 FIPS pat OpenSSH* compat 0x04000000

4. Configure the Apache HTTP Server in FIPS 140-2 mode by setting up TLS and starting the SMF services.

5. Prevent the use of a non-FIPS 140-2 password hash by removing 2a as an allowable hash.

   # pfedit /etc/security/policy.conf
   CRYPT_ALGORITHMS_ALLOW=5,6

6. (Optional) Ensure that all logins use the correct hash.

   1. List all users who can log in to the BE.

      # logins -xo -S files | grep PS 
      root:0:root:0:Super-User:/root:/usr/bin/bash:PS ...
      testuser1:111:test:110:Tester1:/home/tester1:/usr/bin/bash:PS ...
      testuser2:112:test:110:Tester2:/home/tester2:/usr/bin/bash:PS ...
      admin:141:fipadm:140:FIPS 140-2 Administrator:/home/admin:/usr/bin/bash:PS ...

      Tip:

      Use the ‐S ldap option to find all users in the LDAP repository.

   2. Force each user to create a new password at login.

      # passwd -f [-r files | ldap ] username

      Tip:

      You can write a script that forces all users to change their password at login.

7. After the consumers are configured, reboot the BE.

   # reboot

8. Test the configuration.

   • Verify that the providers are operating in FIPS 140-2 mode.

     The following output indicates that the Cryptographic Framework is operating in FIPS 140-2 mode.

     # cryptoadm list fips-140
     User-level providers:
     ===================== 
     /usr/lib/security/$ISA/pkcs11_softtoken: FIPS 140 mode is enabled.
     
     Kernel providers:
     ================= 
     des: FIPS 140-2 mode is enabled.
     aes: FIPS 140-2 mode is enabled.
     ecc: FIPS 140-2 mode is enabled.
     sha1: FIPS 140-2 mode is enabled.
     sha2: FIPS 140-2 mode is enabled.
     rsa: FIPS 140-2 mode is enabled. 
     swrand: FIPS 140-2 mode is enabled.
     intelrd: FIPS 140-2 mode is enabled

   • Verify that the Apache HTTP Server is using FIPS 140-2 algorithms.

     Test the Apache HTTP Server from a non-FIPS 140-2 system and from a FIPS 140-2 system.

     non-FIPS-webclient# openssl s_client -connect FIPS-webserver:443 -tls1_2

     FIPS-webclient# openssl s_client -connect FIPS-webserver:443 -tls1_2

   • Test the Secure Shell login from a non-FIPS 140-2 system and from a FIPS 140-2 system.

   • Review the log files for Secure Shell and the Apache HTTP Server.

9. (Optional) To prevent the use of non-FIPS 140-2 algorithms by all Cryptographic Framework consumers, disable the non-FIPS 140-2 mechanisms.

   Tip:

   To implement a strict policy for Cryptographic Framework consumers, create a script that implements the policy, then create a second BE for the strict policy version of FIPS 140-2 mode.

   The following set of commands prevents the use of kernel Cryptographic Framework algorithms that are not validated for FIPS 140-2 mode. The list is truncated to highlight the non-FIPS 140-2 algorithm mechanisms.

   # cryptoadm list -vm
   ...
   Kernel providers:
   =================
   des: CKM_DES_ECB,CKM_DES_CBC,CKM_DES3_ECB,CKM_DES3_CBC
   arcfour: CKM_RC4
   blowfish: CKM_BLOWFISH_ECB,CKM_BLOWFISH_CBC
   camellia: CKM_CAMELLIA_ECB,CKM_CAMELLIA_CTR,CKM_CAMELLIA_CBC
   md5: CKM_MD5,CKM_MD5_HMAC,CKM_MD5_HMAC_GENERAL
   # cryptoadm disable provider=des mechanism=CKM_DES_ECB,CKM_DES_CBC
   # cryptoadm disable provider=arcfour mechanism=all
   # cryptoadm disable provider=blowfish mechanism=all
   # cryptoadm disable provider=camellia mechanism=all
   # cryptoadm disable provider=md5 mechanism=all

   The following command shows the policy for the kernel Cryptographic Framework providers after you disable non-FIPS 140-2 mechanisms. The DES mechanisms that remain are Triple-DES mechanisms.

   # cryptoadm list -p
   ...
   des: all mechanisms are enabled, except CKM_DES_CBC,CKM_DES_ECB.
   aes: all mechanisms are enabled.
   arcfour: no mechanisms presented.
   blowfish: no mechanisms presented.
   camellia: no mechanisms presented.
   ecc: all mechanisms are enabled.
   sha1: all mechanisms are enabled.
   sha2: all mechanisms are enabled.
   md5: no mechanisms presented.
   rsa: all mechanisms are enabled.
   swrand: random is enabled.
   intelrd: random is enabled.

   To prevent the use of userland mechanisms, specify /usr/lib/security/$ISA/pkcs11_softtoken.so as the provider, then specify the mechanisms. To list the mechanisms in userland, use the following command:

   # cryptoadm list -vm provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so
   Mechanism Name                 Minimum    Maximum  ...
   ----------------------------- -------- ----------  ...
   CKM_CAMELLIA_CBC                    16         32  ...
   CKM_CAMELLIA_CBC_PAD                16         32  ...
   CKM_CAMELLIA_CTR                    16         32  ...
   CKM_CAMELLIA_ECB                    16         32  ...
   CKM_CAMELLIA_KEY_GEN                16         32  ...
   ...
   CKM_ECDSA                          112        571  ...
   CKM_ECDSA_SHA1                     112        571  ...
   CKM_ECDH1_DERIVE                   112        571  ...

   For example, the following command disables the Camellia mechanisms in userland:

   # cryptoadm disable provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so \
   >mechanism=CKM_CAMELLIA_CBC,CKM_CAMELLIA_CBC_PAD,CKM_CAMELLIA_CTR,CKM_CAMELLIA_ECB,CKM_CAMELLIA_KEY_GEN
   # cryptoadm list -p
   User-level providers:
   =====================
   /usr/lib/security/$ISA/pkcs11_kernel.so: all mechanisms are enabled.
   /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled, 
   except CKM_CAMELLIA_KEY_GEN,CKM_CAMELLIA_ECB,CKM_CAMELLIA_CBC,CKM_CAMELLIA_CBC_PAD,CKM_CAMELLIA_CTR. random is enabled.

   Caution:

   Test the strict policy BE thoroughly before using it in a production environment.

10. To stop using FIPS 140-2 mode, activate the original BE and reboot.

    # beadm activate original-BE
    # reboot