Opened 8 years ago

Closed 17 months ago

#725 closed Feature Wish (fixed)

Consider to add FIPS support in OpenVPN

Reported by: David Sommerseth Owned by:
Priority: major Milestone: release 2.6
Component: Crypto Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless you're an OpenVPN developer) Keywords: FIPS

Description (last modified by David Sommerseth)

There is a patch lingering in Red Hat Bugzilla #1369260 which adds FIPS support to OpenVPN.

This is an interesting feature for many who need to apply policies where FIPS is a hard requirement.

The problem with this patch is that it replaces MD5 hashing a few places with SHA1, which will break compatibility with non-FIPS enabled clients.

I think this patchset could be matured by adding a --fips-mode option. Then look into how to signal to the remote side if FIPS is supported or not.

If the server side is configured with --fips-mode, it should reject clients which do not support FIPS. However, a client does not need to explicitly enable --fips-mode; it should switch to that automatically if the server signals FIPS mode being enabled.

If the client is configured with --fips-mode, it enforces FIPS mode. So if the server does not support FIPS, the client should close the connection.

The question is if the SSL libraries can be switched to FIPS mode after the initial connection handshake, and how to actually do this signalling.

Change History (12)

comment:1 Changed 8 years ago by deadhorse

I'm more than happy to do the grunt work of updating the patch to use a "--fips-mode" command line flag if that is what would make the difference.

For what it's worth, I understand that this patch isn't going to make OpenVPN somehow magically FIPS certified; I'm just looking for a way to make OpenVPN work on a system that has OpenSSL configured in a fashion where only the FIPS-compliant algorithms work.

Last edited 8 years ago by deadhorse

comment:2 Changed 8 years ago by David Sommerseth

That is very good to hear you can help out with the patch! And you raise a very good point regarding compatibility with dependencies which enforce FIPS.

We will have a hackathon in 14 days, so I added this as a discussion point to the agenda. I hope we can manage to reach a consensus there. I'll update this ticket once we have more info.

comment:3 Changed 8 years ago by David Sommerseth

Description: modified

comment:4 Changed 8 years ago by Gert Döring

Cc: Steffan Karger added

comment:5 Changed 8 years ago by David Sommerseth

Owner: set to Steffan Karger
Status: new → assigned

comment:6 Changed 7 years ago by Steffan Karger

The patch actually doesn't break compatibility with non-FIPS openvpn, because there's a special PRF exception for MD5 in FIPS (probably specifically for the TLS PRF, which we not only use for TLS itself, but also for OpenVPN key derivation).

As a step towards FIPS support, I submitted a patch to replace MD5 with SHA256 for our internal options hash:

comment:7 Changed 6 years ago by opoplawski

Any progress here? The discussion on the mailing list seems to have just died out.

comment:8 Changed 6 years ago by Steffan Karger

Owner: Steffan Karger deleted

Not from my side, sorry. Time is scarce and this is simply not anywhere near the top of my priority list. So don't wait for me.

comment:9 Changed 6 years ago by hv_rolsen

I'd like to bump this bug/feature/wishlist/please/please/please.

Currently, without this patch, OpenVPN segfaults in horrible ways when utilizing a FIPS-enabled version of OpenSSL. FIPS 140-2 validation and enforcement is required for FEDRAMP (federal government) and other certifications.

comment:10 Changed 20 months ago by Gert Döring

Cc: Steffan Karger removed
Milestone: release 2.6

Just came across this.

From the commit logs, it seems that with

commit 06f6cf3ff850f2930bf4a864ae9898407e94ffb9
Author: Arne Schwabe <arne@…>
Date: Fri Mar 5 15:13:52 2021 +0100

Prefer TLS libraries TLS PRF function, fix OpenVPN in FIPS mode

OpenVPN should be fine with FIPS-enabled SSL libraries.

As far as I can see this is only in master, to be released as 2.6.0 in the not so distant future.

It would be nice if someone could test that current master works on a FIPS-enabled system, so we can close this ticket... :-)
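The PRF that comment 6 and the commit in comment 10 refer to, as an added illustration (not code from the ticket or from OpenVPN): the TLS 1.0 PRF splits the secret and XORs an MD5-based P_hash with a SHA1-based one, which is why a FIPS-restricted OpenSSL that refuses raw MD5 breaks a hand-rolled PRF while the library's own TLS1-PRF (the "PRF exception") still works. The two-step master-secret/key-expansion layout and its labels are modelled on OpenVPN's derivation and are assumptions here; all inputs are constructed.

```python
import hashlib
import hmac


def p_hash(hash_name: str, secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS P_hash (RFC 2246, 5): expand secret over seed with chained HMACs."""
    out = b""
    a = seed                                                  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()           # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hash_name).digest() # HMAC(secret, A(i) + seed)
    return out[:length]


def tls1_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.0/1.1 PRF: P_MD5 over the first half of the secret XOR P_SHA1 over
    the second half (halves overlap by one byte for odd lengths)."""
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[-half:]
    md5_part = p_hash("md5", s1, label + seed, length)   # this raw MD5 use is what FIPS refuses
    sha1_part = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))


def openvpn_key_material(pre_master: bytes, client_rand1: bytes, server_rand1: bytes,
                         client_rand2: bytes, server_rand2: bytes, key_block_len: int) -> bytes:
    """Two-step derivation modelled on OpenVPN (assumption): pre-master -> 48-byte
    master secret -> key block, both via the TLS 1.0 PRF above."""
    master = tls1_prf(pre_master, b"OpenVPN master secret", client_rand1 + server_rand1, 48)
    return tls1_prf(master, b"OpenVPN key expansion", client_rand2 + server_rand2, key_block_len)


def raw_md5_available() -> bool:
    """True unless the linked OpenSSL refuses MD5 outright, as a FIPS-restricted build does."""
    try:
        hashlib.md5(b"probe").digest()
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs: 48-byte pre-master, 32-byte randoms.
    kb = openvpn_key_material(b"\x11" * 48, b"\x22" * 32, b"\x33" * 32,
                              b"\x44" * 32, b"\x55" * 32, 256)
    print("raw MD5 usable here:", raw_md5_available())
    print("key block (first 16 bytes):", kb[:16].hex())
```

On a FIPS-restricted OpenSSL the `"md5"` HMAC inside `tls1_prf` is the call that fails, whereas a FIPS-validated library exposes the same construction through its TLS1-PRF interface and allows it there.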

comment:11 Changed 17 months ago by Gert Döring

ping? testers, please?

comment:12 Changed 17 months ago by Gert Döring

Resolution: fixed
Status: assigned → closed

I claim that 2.5 and 2.6 should be able to work perfectly fine on a FIPS-enabled system with these fixes. Since nobody objected in the last 3 months, I am now closing this ticket - reopen if problems can be demonstrated.
