Opened 17 months ago

Last modified 13 months ago

#725 assigned Feature Wish

Consider to add FIPS support in OpenVPN

Reported by: dazo Owned by: syzzer
Priority: major Milestone:
Component: Crypto Version: OpenVPN git master branch (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords: FIPS
Cc: syzzer

Description (last modified by dazo)

There is a patch lingering in Red Hat Bugzilla #1369260 which adds FIPS support to OpenVPN.

This is an interesting feature for many who need to apply policies where FIPS is a hard requirement.

The problem with this patch is that it replaces MD5 hashing a few places with SHA1, which will break compatibility with non-FIPS enabled clients.

I think this patchset could be matured by adding a --fips-mode option. Then look into how to signal to the remote side if FIPS is supported or not.

If the server side is configured with --fips-mode, it should reject clients which do not support FIPS. However a client does not need to explicit enable --fips-mode, it should switch to that automatically if the server signals FIPS mode being enabled.

If the client is configured with --fips-mode, it enforces FIPS mode. So if the server does not support FIPS, the client should close the connection.

The question is if the SSL libraries can be switched to FIPS mode after the initial connection handshake, and how to actually do this signalling

Change History (6)

comment:1 Changed 17 months ago by deadhorse

I'm more than happy to do the grunt work of updating the patch to use a "--fips-mode" command line flag if that is what would make the difference.

For what it's worth, I understand that this patch isn't going to make OpenVPN somehow magically FIPS certified; I'm just looking for a way to make OpenVPN work on a system that has OpenSSL configured in a fashion where only the FIPS-compliant algorithms work.

Last edited 17 months ago by deadhorse (previous) (diff)

comment:2 Changed 17 months ago by dazo

That is very good to hear you can help out with the patch! And your raise a very good point regarding compatibility with dependencies which enforces FIPS.

We will have a hackathon in 14 days, so I added this as a discussion point to the agenda. I hope we can manage to reach a consensus there. I'll update this ticket once we have more info.

comment:3 Changed 17 months ago by dazo

  • Description modified (diff)

comment:4 Changed 16 months ago by cron2

  • Cc syzzer added

comment:5 Changed 16 months ago by dazo

  • Owner set to syzzer
  • Status changed from new to assigned

comment:6 Changed 13 months ago by syzzer

The patch actually doesn't break compatibility with non-FIPS openvpn, because there's a special PRF-exception for MD5 in FIPS (probably specifically for the TLS PRF, which we not only use for TLS itself, but also to OpenVPN key derivation).

As a step towards FIPS support, I submitted a patch to replace MD5 with SHA256 for our internal options hash:

Note: See TracTickets for help on using tickets.