How do I check whether OpenSSL has is providing FIPS validated cryptography or not?

如何检查 OpenSSL 是否提供 FIPS 验证的加密？

It depends on how and when you want to check. It also depends on the application.

这取决于您要检查的方式和时间。这也取决于应用程序。

FIPS could be available but not used. So an application must enable the validated cryptography via FIPS_mode_set, and the call mustsucceed.

FIPS 可能可用但未使用。因此，应用程序必须通过 启用经过验证的加密FIPS_mode_set，并且调用必须成功。

If you want to check if the FIPS Capable Library, such as OpenSSL 1.0.1e, was configured to use the FIPS Object Module, then you can:

如果要检查 FIPS Capable Library（例如 OpenSSL 1.0.1e）是否配置为使用 FIPS 对象模块，则可以：

$ cat /usr/local/ssl/include/openssl/opensslconf.h  | grep -A 2 -i fips
#ifndef OPENSSL_FIPS
# define OPENSSL_FIPS
#endif

OPENSSL_FIPStells you the FIPS Capable Library was configured to use FIPS Object Module. So the FIPS validated cryptography is available.

OPENSSL_FIPS告诉您 FIPS Capable Library 被配置为使用 FIPS Object Module。因此 FIPS 验证的密码学是可用的。

OPENSSL_FIPSdoes not mean the application is using the FIPS validated cryptography, though. The application must call FIPS_mode_set, and the function must return success.

OPENSSL_FIPS不过，这并不意味着应用程序正在使用 FIPS 验证的密码学。应用程序必须调用FIPS_mode_set，并且函数必须返回成功。

At runtime, you can print the string associated with the following (its taken from code I use specifically for this):

在运行时，您可以打印与以下内容关联的字符串（取自我专门为此使用的代码）：

ostringstream oss;
oss << OPENSSL_VERSION_TEXT;
LogVersion(oss.str().c_str());

The code will produce a log entry similar to the following:

该代码将生成类似于以下内容的日志条目：

Version: OpenSSL 1.0.1f-fips 6 Jan 2014

You can audit the module with a few tricks. For example, the following will test for some symbols that mustbe present if executable is truly FIPS.

您可以使用一些技巧来审核模块。例如，如果可执行文件是真正的 FIPS ，下面将测试一些必须存在的符号。

In this case, I'm testing the OpenSSL FIPS Capable shared object. If the application links to libcrypto.a, then you can audit the program rather than the OpenSSL shared object.

在这种情况下，我正在测试 OpenSSL FIPS Capable 共享对象。如果应用程序链接到libcrypto.a，则您可以审核程序而不是 OpenSSL 共享对象。

$ nm /usr/local/ssl/lib/libcrypto.so | grep -i fips_*
00000000000c7f60 T ERR_load_FIPS_strings
00000000000c2250 T FIPS_add_error_data
00000000000c3900 T FIPS_add_lock
0000000000082820 T FIPS_bn_bin2bn
0000000000082980 T FIPS_bn_bn2bin
0000000000082760 T FIPS_bn_clear
0000000000082350 T FIPS_bn_clear_free
00000000000823d0 T FIPS_bn_free
0000000000087c90 T FIPS_bn_generate_prime_ex
0000000000082790 T FIPS_bn_get_word
0000000000082d20 T FIPS_bn_is_bit_set
0000000000087c80 T FIPS_bn_is_prime_ex
0000000000087750 T FIPS_bn_is_prime_fasttest_ex
...

You also have the symbols from fips_premain.c:

您还可以使用以下符号fips_premain.c：

$ nm /usr/local/ssl/lib/libcrypto.so | grep -i fips_text_*
00000000000c4520 T FIPS_text_end
000000000007b340 T FIPS_text_start
$ nm /usr/local/ssl/lib/libcrypto.so | grep -i fips_rodata*
00000000001e1e20 R FIPS_rodata_end
00000000001d8ce0 R FIPS_rodata_start
$ nm /usr/local/ssl/lib/libcrypto.so | grep -i fips_signature*
00000000004696c0 B FIPS_signature
$ nm /usr/local/ssl/lib/libcrypto.so | grep -i fips_incore*
000000000007b5a0 T FIPS_incore_fingerprint

Now, this is really sneaky. You can check that the module includes the self tests. For example, fips_drbg_selftest.hwill include the following bytes its self tests:

现在，这真的是偷偷摸摸。您可以检查模块是否包含自检。例如，fips_drbg_selftest.h将包括以下字节其自检：

0x2e,0xbf,0x98,0xf9,0x85,0x27,0x8b,0xff,0x36,0xb9,0x40,0x0b,
0xc0,0xa1,0xa0,0x13,0x20,0x06,0xcc,0xe6,0x2a,0x03,0x77,0x7d,
0xee,0xde,0xcc,0x34,0xe3,0xcd,0x77,0xea,0xd0,0x3e,0xbe,0xdd,
0xf6,0x15,0xfb,0xa7,0xd7,0x8e,0xd0,0x2e,0x2f,0x82,0x4c,0xc7,
0x87,0xb1,0x6f,0xc5,0xf8,0x5c,0x78,0xde,0x77,0x9b,0x15,0x9a,
0xb9,0x3c,0x38

And you can verify the developer ran incoreor macho_incoreon their executable to embed the FIPS fingerprint by dumping the 20 bytes of the symbol FIPS_signature. If its 20 bytes of 0's (the default from fips_premain.c), then the fingerprint was not embedded and FIPS_mode_setwill fail. So its not possible to use FIPS validated cryptography in this case.

您可以通过转储 20 个字节的符号来验证开发人员运行incore或macho_incore在他们的可执行文件上嵌入 FIPS 指纹FIPS_signature。如果它的 20 个字节为 0（默认来自fips_premain.c），则指纹未嵌入并且FIPS_mode_set将失败。所以在这种情况下不可能使用 FIPS 验证的加密。

Update: I uploaded a slide deck I have on the subject to the OpenSSL wiki. Its called Building Applications using OpenSSL Validated Cryptography: Notes from the Field for Developers and Auditors. You will want to review the material starting around Slide 18.

更新：我将有关该主题的幻灯片上传到 OpenSSL wiki。它称为使用 OpenSSL 验证密码构建应用程序：来自开发人员和审计人员的现场笔记。您需要从幻灯片 18 左右开始复习材料。

I built the slide deck for OWASPbut there's was no interest in receiving it. I know Stack Overflow frowns upon links like the one on the OpenSSL wiki, but I don't know how to provide a 35+ slide deck here.

我为OWASP 制作了幻灯片，但没有兴趣接收它。我知道 Stack Overflow 不喜欢 OpenSSL wiki 上的链接，但我不知道如何在此处提供 35+ 幻灯片。

Here what i found to check support.

在这里，我发现检查支持。

# openssl ciphers FIPS -v
ADH-AES256-SHA          SSLv3 Kx=DH       Au=None Enc=AES(256)  Mac=SHA1
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-DSS-AES256-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
ADH-AES128-SHA          SSLv3 Kx=DH       Au=None Enc=AES(128)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-DSS-AES128-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
KRB5-DES-CBC3-SHA       SSLv3 Kx=KRB5     Au=KRB5 Enc=3DES(168) Mac=SHA1
ADH-DES-CBC3-SHA        SSLv3 Kx=DH       Au=None Enc=3DES(168) Mac=SHA1
EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH       Au=DSS  Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1

OpenSSL itself is not FIPS 140-2 validated and, according to it's maintainers, will never be. However, it has a FIPS 140-2 validated module called the FIPS Object Module, that partly replaces libcryptoused in vanilla OpenSSL. More information, including user guide, can be found here. In short:

OpenSSL 本身未经 FIPS 140-2 验证，据其维护者称，永远不会。但是，它有一个 FIPS 140-2 验证的模块，称为 FIPS 对象模块，它部分替换了 vanilla OpenSSL 中使用的libcrypto。更多信息，包括用户指南，可以在这里找到。简而言之：

OpenSSL itself is not validated, and never will be. Instead a special carefully defined software component called the OpenSSL FIPS Object Module has been created. This Module was designed for compatibility with OpenSSL so that products using the OpenSSL API can be converted to use validated cryptography with minimal effort.

OpenSSL 本身未经验证，永远不会。取而代之的是创建了一个称为 OpenSSL FIPS 对象模块的精心定义的特殊软件组件。此模块旨在与 OpenSSL 兼容，以便可以轻松地将使用 OpenSSL API 的产品转换为使用经过验证的加密。

To check if openssl is operating under fips mode, issue the following:

要检查 openssl 是否在 fips 模式下运行，请发出以下命令：

$ openssl md5 somefile

The above should fail as MD5 is not a fips approved Hash Standard.

以上应该失败，因为 MD5 不是 fips 批准的哈希标准。

$ openssl sha1 somefile

The above would work as SHA1 is the fips Approved Hash Standard.

由于 SHA1 是 fips 批准的哈希标准，因此上述内容将起作用。

Example:

示例：

# openssl md5 message.txt
Error setting digest md5
140062425388872:error:060800A3:digital envelope routines:EVP_DigestInit_ex:disabled for fips:digest.c:251:

# openssl sha1 message.txt 
SHA1(messagetext.txt)= 9f5080758dbf71537cc44a4d8cb67564f2ad938a

Reference

参考

Kernel option "fips=1" should be enabled. A bit more on that here.

应该启用内核选项“ fips=1”。多一点在这里。

To see if that is loaded:

要查看是否已加载：

sudo sysctl -a|grep fips

If you are using dynamic linking, this c code will check for you:

如果您使用动态链接，此 c 代码将为您检查：

#include <openssl/err.h>
#include <string.h>

int main() {
  if (FIPS_mode() || FIPS_mode_set(1)) {
    printf("Installed library has FIPS support\n");
    return 0;
  }

  const char* err_str = ERR_error_string(ERR_get_error(), 0);
  printf("Failed to enable FIPS mode, %s\n", err_str);
  if (strstr(err_str, "0F06D065")) {
    printf("Installed library does not have FIPS support\n");
  }

  return 0;
}

On Linux you can compile and run via:

在 Linux 上，您可以通过以下方式编译和运行：

Compile like so:

像这样编译：

gcc fips_openssl_check.c -lcrypto

gcc fips_openssl_check.c -lcrypto

or

或者

gcc fips_openssl_check.c -l:libcrypto.so.1.0.2

gcc fips_openssl_check.c -l:libcrypto.so.1.0.2

if you have multiple libcrypto versions installed and want to check a specific one. Other compilers such as clang are fine too.

如果您安装了多个 libcrypto 版本并想检查一个特定的版本。其他编译器如 clang 也很好。

Execute to perform the check:

执行以执行检查：

./a.out

./a.out

https://github.com/ericcurtin/fips_openssl_check

https://github.com/ericcurtin/fips_openssl_check