Skip to content

Commit 0af5365

Browse files
authored
Merge pull request #507 from sboldyreva/esu
Added new ESU info
2 parents b50a5fd + 6a2b136 commit 0af5365

3 files changed

Lines changed: 188 additions & 0 deletions

File tree

68.9 KB
Loading

docs/.vuepress/theme/components/Breadcrumb.vue

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ const titleMap = {
2626
'/els-for-applications/': 'ELS for Applications',
2727
'/els-for-os/': 'ELS for OS',
2828
'/els-for-runtimes/': 'ELS for Runtimes',
29+
'/enterprise-support-for-almalinux/': 'Enterprise Support for AlmaLinux',
2930
};
3031
3132
const breadCrumbs = computed(() => {

docs/enterprise-support-for-almalinux/README.md

Lines changed: 187 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -229,6 +229,193 @@ $ openssl list -providers | grep -A3 fips
229229
status: active
230230
```
231231

232+
### NSS-FIPS and Java crypto APIs
233+
234+
#### Java crypto
235+
236+
Java has a fully abstract crypto API with a pluggable cryptographic implementation organized into
237+
crypto Providers. Providers, as the name suggests, provide implementations for various crypto
238+
algorithms. The providers are loaded using JRE's configuration, either system-wide or per
239+
deployment, or can be loaded at application runtime.
240+
241+
The order of available crypto providers is important as methods such as
242+
Cipher.getInstance(algorithm) without specifying the exact provider name (through second
243+
parameter) will return a matching implementation from the first provider that implements that
244+
crypto mechanism.
245+
246+
Some providers, like one of the default JDK providers – SunJCE – provide only the basic crypto
247+
primitives. Others - like SunJSSE – provide higher level operations that rely on crypto primitives
248+
implemented by other providers. Those operations are, for instance, those being part of TLS or
249+
X509 standards in order to handle transport layer security or public key infrastructure.
250+
251+
#### FIPS compliant implementations
252+
253+
In order to use FIPS compliant and FIPS certified implementations of cryptographic mechanisms
254+
the application should use a crypto provider that interfaces with a concrete implementation certified
255+
to be FIPS compliant. Many 3rd party applications or libraries (packages) rely on the Provider
256+
infrastructure and cede the choice of crypto implementations to the app/system maintainer.
257+
258+
Therefore in most cases the deployer – likely a sysadmin or devops – is free to choose an
259+
appropriate set of crypto providers for the application.
260+
261+
OpenJDK for instance allows for configuring a PKCS11 provider which can interface with a native,
262+
system-wide crypto library – NSS and its PKCS11 implementation – libsoftokn3.so. This
263+
implementation by tuxcare is FIPS compliant.
264+
265+
An alternative PKCS11 implementation is SoftHSM which uses OpenSSL underneath. However,
266+
the cryptographic boundary is slightly shifted here. libsoftokn3 with NSS is FIPS certified while
267+
softhsm library alone is not, although the underlying openssl is.
268+
269+
There are also alternative ways to interface with other system wide, FIPS compliant, native libs
270+
such as OpenSSL however this would need extra effort to build and maintain other, 3rd party
271+
providers, that are not readily available in the package repos and would have to be provided by the
272+
maintainer of the end application.
273+
274+
#### Java's crypto API diagram
275+
276+
![Java Crypto Providers](/images/providers.webp)
277+
278+
#### SunPKCS11 provider
279+
280+
SunPKCS11 is a provider which interfaces, through JNI, with a native implementation that exposes
281+
a PKCS11 crypto API, typically called a "token". Typically that would mean a hardware token – a
282+
device that implements crypto operations and exposes a PKCS11 interface through a "driver" being
283+
a native shared library.
284+
285+
#### NSS-FIPS implementation
286+
287+
NSS-FIPS implementation acts as a software token. It provides a PKCS11 interface like any USB
288+
crypto token, a HSM or a smart card would, but the actual implementation is provided in software
289+
using libnss3.
290+
291+
#### JSSE
292+
293+
JSSE provides TLS and PKI implementations and, if the provider set is properly configured, would
294+
have to rely on cryptographic primitives provided by NSS-FIPS.
295+
296+
#### Alternative providers
297+
298+
So far NSS is the only crypto library that alone provides an "upwards-facing" PKCS11 API and
299+
thus can be easily and seamlessly incorporated into a Java software solution. Other means include
300+
using
301+
302+
* softHSM
303+
304+
Which is also a PKCS11 provider and relies on OpenSSL underneath, however, it doesn't itself fall
305+
within a FIPS cryptographic boundary of the system deliverables.
306+
307+
* conscrypt
308+
309+
However, conscrypt became problematic to maintain having been hardwired to boringSSL by
310+
Google. Even though boringssl essentially has the same API as OpenSSL, conscrypt would require
311+
extra maintenance and as such is not provided as an AlmaLinux package.
312+
313+
* openssl-fips-java
314+
315+
Maintained by Canonical but not available as a package (even in Ubuntu), this provider can be built
316+
to interface with the FIPS implementation of OpenSSL.
317+
318+
#### PKCS11-NSS-FIPS setup
319+
320+
As shown on the diagram, a PKCS11 provider needs to be configured in order to work with Java
321+
crypto. A HSM or smart card would require a driver in form of a shared library.
322+
323+
For NSS specifically – OpenJDK provides several shorthand configuration attributes.
324+
325+
The configuration can either be done in the application's Java code by passing the config as a String
326+
argument or through environment or system-wide via configuration files.
327+
328+
#### System-wide config files
329+
330+
* `(...)/security/java.security`
331+
332+
This file specifies the provider list and the order of providers. In non-fips mode this file will contain
333+
the following:
334+
335+
```
336+
security.provider.N=SunPKCS11 ${java.home}/lib/security/nss.cfg
337+
```
338+
339+
while in FIPS mode:
340+
341+
```
342+
fips.provider.1=SunPKCS11 ${java.home}/conf/security/nss.fips.cfg
343+
```
344+
345+
Both directives configure a SunPKCS11 provider and point to the provider-specific configuration
346+
files
347+
348+
* `(...)/security/nss.fips.cfg`
349+
350+
```
351+
name = NSS-FIPS
352+
```
353+
354+
The name which will be appended to "SunPKCS11-" identifying the configured provider
355+
356+
Followed by nss-specific directives
357+
358+
```
359+
nssLibraryDirectory = /usr/lib64
360+
nssSecmodDirectory = ${fips.nssdb.path}
361+
nssDbMode = readWrite
362+
nssModule = fips
363+
```
364+
365+
Instead of providing a full path to the NSS shared lib one needs only to point to a library directory
366+
containing NSS libraries.
367+
368+
#### SoftHSM configuration
369+
370+
The configuration of SoftHSM includes
371+
372+
* setting up a config file. If the Java app is used in non-root context (as it probably is) then the
373+
config file needs to be user accessible and SOFTHSM2_CONF environment variable must point to
374+
it.
375+
* a keystore needs to be set up in the config file
376+
* a SoftHSM "token" needs to be created within the keystore directory. It must be PIN protected,
377+
therefore
378+
* in order to use crypto primitves Java application needs to instantiate SoftHSM KeyStore object
379+
and .init() it with the PIN.
380+
381+
#### Limiting non-FIPS algorithm implementations
382+
383+
Neither PKCS11 alone, nor NSS, does prevent library users from instantiating and using FIPS
384+
unapproved algorithms. Application developers are also free to include any code within their
385+
applications, including FIPS unapproved cryptographic algorithms in cryptographic context, or
386+
using FIPS unapproved algos, like SHA-1 in non-cryptographic contexts, like file checksums or
387+
lookup hashes.
388+
389+
NSS implements a notion of a FIPS indicator which allows the application's implementer to decide
390+
what to do with a FIPS unapproved algorithms. Unlike openssl which bluntly fails if a non-fips
391+
operation is requested.
392+
393+
The caveat – NSS's PKCS11 API does not provide a facility for querying the indicator as there can
394+
be no such facility within PKCS11.
395+
396+
#### disabledAlgorithms directive
397+
398+
Certain algorithms from NSS (or any other PKCS11 provider) can be blacklisted in the provider's
399+
config file (or by other means of configuring PKCS11). For instance DES based cipher mechanisms
400+
can be explicitly blocked using
401+
402+
```
403+
disabledMechanisms = {
404+
CKM_DES_ECB
405+
CKM_DES_ECB_ENCRYPT_DATA
406+
CKM_DES3_ECB
407+
CKM_DES3_ECB_ENCRYPT_DATA
408+
CKM_DES_CBC
409+
CKM_DES_CBC_ENCRYPT_DATA
410+
CKM_DES_CBC_PAD
411+
CKM_DES3_CBC
412+
CKM_DES3_CBC_ENCRYPT_DATA
413+
CKM_DES3_CBC_PAD
414+
}
415+
```
416+
417+
The above will not even appear on the mechanism list for this provider.
418+
232419
### Uninstalling tuxctl
233420

234421
To uninstall tuxctl, disable the ESU/FIPS functionality and revert to community repo's, you can run the following as root:

0 commit comments

Comments
 (0)