Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On 06/13/2010 05:24 PM, Robin H. Johnson wrote: On Sun, Jun 13, 2010 at 03:08:07PM -0700, Nelson B Bolyard wrote: On 2010-06-13 13:02 PDT, Robin H. Johnson wrote: On Sun, Jun 13, 2010 at 02:02:39AM -0700, Nelson B Bolyard wrote: The root of the problem is that the shared libraries can change POST-install, as needed for ELF signing, split-debug and prelinking. The ELF signing is a catch-22. Either I have to run shlibsign afterwards, or I have to not sign those files, and leave them open to potential compromise. Rerun shlibsign. It's fast and easy. I think rerunning shlibsign is probably your best option. We have traditionally been turning off prelinking for softoken and freebl on fedora, since prelink can run periodically (usually we find FIPS breaking overnight). There is a patch checked into the SOFTOKEN_3_13 branch which allows you to prelink the library, the integrity check program would ask prelink to return the unmodified library, which it will check against rather than the actual on disk version. I don't know how that would interact with ELF signing and split-debug. You can control the actual prelink command for you distribution with an environment variable at build time. I definitely suggest you run shlibsign after any 'static' operations (those operations that are run once). bob -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On Sat, Jun 12, 2010 at 02:11:14PM -0700, Nelson B Bolyard wrote: You have a problem with a distribution of NSS that is not identical to the NSS as built from the upstream NSS source repository. Mozilla's NSS team supports NSS as it comes from the builds from the upstream NSS source repository. Mozilla's NSS team does not attempt to keep track of all the changes made to NSS by every downstream Linux distro. If the upstream NSS works, but some downstream distribution does not, then the differences are due to changes outside of the control of Mozilla's NSS team, and primary support for those problems (that are unique to a downstream distribution) must come from the suppliers of that downstream distribution. LOOK at the links I provided, there are ZERO changes to the actual source code. There is an additional file packaged for pkgconfig support, and we compile with -fno-strict-aliasing. It is true that virtually every Linux distribution modifies NSS sources significantly and distributes a downstream flavor of NSS that differs from the upstream version in a number of ways. For some distros, the differences are so minor that you can simply download the upstream NSS sources, build them yourself, and use the resultant binaries as a replacement for the binaries that came with the distribution, and it all works fine. For other distros, they've made changes on such a large scale, such as renaming the functions, renaming the shared libraries and splitting up the shared libraries so that they no longer all live in the same directory, that a vanilla build of NSS from upstream sources simply will not work with programs that were built to work with that distro's NSS libraries. If your distro is one of those, then you'll have no choice but to get help from the maintainers of that distro. NONE of the above is the case, as I noted in previous emails. The C source is absolutely stock. It may be that, in your case, the problem is as simple as this: the distro did not include the .chk files that are generated during the NSS build process, or it put them in the wrong directory or gave them the wrong file names, so that NSS cannot find them. Or they may have changed the shared libraries, but not regenerated the .chk files. If that is the case, and the distro HAS distributed NSS's shlibsign program, then you may be able to remedy this yourself by generating replacements for the missing (or old) .chk files using shlibsign. Instructions on how to use shlibsign may be found at http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html Ok, this helped tremendously. The root of the problem is that the shared libraries can change POST-install, as needed for ELF signing, split-debug and prelinking. The ELF signing is a catch-22. Either I have to run shlibsign afterwards, or I have to not sign those files, and leave them open to potential compromise. Running shlibsign does remedy the problem. However, this entire matter could be remedied if some more useful error had been returned instead of 'Invalid Arguments'. Something to indicate that the library checksums no longer matched. -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 pgp2rACleeKNf.pgp Description: PGP signature -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On 2010/06/13 01:33 PDT, Robin H. Johnson wrote: LOOK at the links I provided, there are ZERO changes to the actual source code. Robin, The point is that the upstream NSS team simply doesn't have time or resources to look at every downstream distribution. There's no point in asking us to do so. We just cannot. But in this case, there was not need for us to do so,, thankfully. My email message attempted to cover a wide variety of possibilities without getting into any specifics of any distribution. It is quite common for distros to omit the .chk files altogether, or fail to update them when the NSS shared libs are updated or modified in any way. So I mentioned it as a general case, and you benefited. The root of the problem is that the shared libraries can change POST-install, as needed for ELF signing, split-debug and prelinking. The ELF signing is a catch-22. Either I have to run shlibsign afterwards, or I have to not sign those files, and leave them open to potential compromise. Rerun shlibsign. It's fast and easy. Running shlibsign does remedy the problem. However, this entire matter could be remedied if some more useful error had been returned instead of 'Invalid Arguments'. Something to indicate that the library checksums no longer matched. It's open source. Patches are invited. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On Sun, Jun 13, 2010 at 02:02:39AM -0700, Nelson B Bolyard wrote: The root of the problem is that the shared libraries can change POST-install, as needed for ELF signing, split-debug and prelinking. The ELF signing is a catch-22. Either I have to run shlibsign afterwards, or I have to not sign those files, and leave them open to potential compromise. Rerun shlibsign. It's fast and easy. As an intermediate related question, is there a standalone verification tool for the CHK files shlibsign -V -i seems to just sign again, not verify. Running shlibsign does remedy the problem. However, this entire matter could be remedied if some more useful error had been returned instead of 'Invalid Arguments'. Something to indicate that the library checksums no longer matched. It's open source. Patches are invited. Ok, I'll take that up. -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 pgptVek32QP0X.pgp Description: PGP signature -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On 2010-06-13 13:02 PDT, Robin H. Johnson wrote: On Sun, Jun 13, 2010 at 02:02:39AM -0700, Nelson B Bolyard wrote: The root of the problem is that the shared libraries can change POST-install, as needed for ELF signing, split-debug and prelinking. The ELF signing is a catch-22. Either I have to run shlibsign afterwards, or I have to not sign those files, and leave them open to potential compromise. Rerun shlibsign. It's fast and easy. As an intermediate related question, is there a standalone verification tool for the CHK files shlibsign -V -i seems to just sign again, not verify. Yes. modutil is that test tool. You already know how to use it. Just drop the -force argument. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On Sun, Jun 13, 2010 at 03:08:07PM -0700, Nelson B Bolyard wrote: On 2010-06-13 13:02 PDT, Robin H. Johnson wrote: On Sun, Jun 13, 2010 at 02:02:39AM -0700, Nelson B Bolyard wrote: The root of the problem is that the shared libraries can change POST-install, as needed for ELF signing, split-debug and prelinking. The ELF signing is a catch-22. Either I have to run shlibsign afterwards, or I have to not sign those files, and leave them open to potential compromise. Rerun shlibsign. It's fast and easy. As an intermediate related question, is there a standalone verification tool for the CHK files shlibsign -V -i seems to just sign again, not verify. Yes. modutil is that test tool. You already know how to use it. Just drop the -force argument. I should have clarified, that I want to verify without any disk writes, nor assuming a pre-setup database. # modutil -chkfips true modutil: function failed: security library: bad database. Just exactly that the chk files are valid, and nothing else. -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On 2010-06-13 17:24 PDT, Robin H. Johnson wrote: On Sun, Jun 13, 2010 at 03:08:07PM -0700, Nelson B Bolyard wrote: On 2010-06-13 13:02 PDT, Robin H. Johnson wrote: As an intermediate related question, is there a standalone verification tool for the CHK files shlibsign -V -i seems to just sign again, not verify. Yes. modutil is that test tool. You already know how to use it. Just drop the -force argument. I should have clarified, that I want to verify without any disk writes, nor assuming a pre-setup database. The without any disk writes part is easy. But without a setup database, it's not easy. # modutil -chkfips true modutil: function failed: security library: bad database. Just exactly that the chk files are valid, and nothing else. No. If you wanted to add an option to shlibsign for that purpose, I believe we'd consider it. Perhaps the easiest thing to do is rerun shlibsign and compare the old and new files. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On 2010-06-13 17:56 PDT, I wrote: Perhaps the easiest thing to do is rerun shlibsign and compare the old and new files. Please forget that I wrote that. That won't work. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On 2010-06-10 22:59 PDT, Robin H. Johnson wrote: On Thu, Jun 10, 2010 at 10:45:03PM +, Robin H. Johnson wrote: Testcase 2: (see attached minimal C code, based on posts to the list and used in the modutils source AND Mozilla). Bah, forgot the actual file. The testcase has been run on Arch and Fedora now, and both of those cases it works fine. Does that mean this problem is resolved? -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On Jun 12, 2:25 pm, Nelson B Bolyard nel...@bolyard.me wrote: On 2010-06-10 22:59 PDT, Robin H. Johnson wrote: The testcase has been run on Arch and Fedora now, and both of those cases it works fine. Does that mean this problem is resolved? As I read, it is not; it was reported on Gentoo Linux. -- Matt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On Sat, Jun 12, 2010 at 12:15:07PM -0700, Matt McCutchen wrote: On Jun 12, 2:25 pm, Nelson B Bolyard nel...@bolyard.me wrote: On 2010-06-10 22:59 PDT, Robin H. Johnson wrote: The testcase has been run on Arch and Fedora now, and both of those cases it works fine. Does that mean this problem is resolved? As I read, it is not; it was reported on Gentoo Linux. No, it still exists on Gentoo, and I haven't been able to reproduce it anywhere else. Build script: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/nss/nss-3.12.6-r1.ebuild?revision=1.7view=markup Patches: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/nss/files/ -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On 2010-06-12 12:49 PDT, Robin H. Johnson wrote: On Sat, Jun 12, 2010 at 12:15:07PM -0700, Matt McCutchen wrote: On Jun 12, 2:25 pm, Nelson B Bolyard nel...@bolyard.me wrote: On 2010-06-10 22:59 PDT, Robin H. Johnson wrote: The testcase has been run on Arch and Fedora now, and both of those cases it works fine. Does that mean this problem is resolved? As I read, it is not; it was reported on Gentoo Linux. No, it still exists on Gentoo, and I haven't been able to reproduce it anywhere else. OK, thanks for that clarification. You have a problem with a distribution of NSS that is not identical to the NSS as built from the upstream NSS source repository. Mozilla's NSS team supports NSS as it comes from the builds from the upstream NSS source repository. Mozilla's NSS team does not attempt to keep track of all the changes made to NSS by every downstream Linux distro. If the upstream NSS works, but some downstream distribution does not, then the differences are due to changes outside of the control of Mozilla's NSS team, and primary support for those problems (that are unique to a downstream distribution) must come from the suppliers of that downstream distribution. It is true that virtually every Linux distribution modifies NSS sources significantly and distributes a downstream flavor of NSS that differs from the upstream version in a number of ways. For some distros, the differences are so minor that you can simply download the upstream NSS sources, build them yourself, and use the resultant binaries as a replacement for the binaries that came with the distribution, and it all works fine. For other distros, they've made changes on such a large scale, such as renaming the functions, renaming the shared libraries and splitting up the shared libraries so that they no longer all live in the same directory, that a vanilla build of NSS from upstream sources simply will not work with programs that were built to work with that distro's NSS libraries. If your distro is one of those, then you'll have no choice but to get help from the maintainers of that distro. It may be that, in your case, the problem is as simple as this: the distro did not include the .chk files that are generated during the NSS build process, or it put them in the wrong directory or gave them the wrong file names, so that NSS cannot find them. Or they may have changed the shared libraries, but not regenerated the .chk files. If that is the case, and the distro HAS distributed NSS's shlibsign program, then you may be able to remedy this yourself by generating replacements for the missing (or old) .chk files using shlibsign. Instructions on how to use shlibsign may be found at http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn6.html If you don't have the shlibsign executable in your distro, then you have an incomplete distro, and you need to get a complete distro, either by building it yourself, or getting your distro supplier to supply a complete and functional distro. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On Thu, Jun 10, 2010 at 10:45:03PM +, Robin H. Johnson wrote: Testcase 2: (see attached minimal C code, based on posts to the list and used in the modutils source AND Mozilla). Bah, forgot the actual file. The testcase has been run on Arch and Fedora now, and both of those cases it works fine. -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 pgpe2R3lhYEfZ.pgp Description: PGP signature -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: (nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
On Fri, Jun 11, 2010 at 05:59:27AM +, Robin H. Johnson wrote: On Thu, Jun 10, 2010 at 10:45:03PM +, Robin H. Johnson wrote: Testcase 2: (see attached minimal C code, based on posts to the list and used in the modutils source AND Mozilla). Bah, forgot the actual file. The testcase has been run on Arch and Fedora now, and both of those cases it works fine. Ah, no, this list is stripping my code. //- //compile: gcc nss-fipstest.c $(pkg-config --cflags nss) $(pkg-config --libs nss) -o nss-fipstest #include nss.h #include pk11pub.h #include secmod.h /* Define to the default location of the NSS configuration directory. */ #define DEFAULT_CONFIG_DIR /etc/pki/nssdb int main(int argc, char **argv) { const char* configdir = DEFAULT_CONFIG_DIR; int status; status = NSS_NoDB_Init(configdir); if (status != SECSuccess) { fprintf(stderr, Error initializing NSS.\n); return status; } // The way to toggle FIPS mode in NSS is extremely obscure. // Basically, we delete the internal module, and voila it // gets replaced with the opposite module, ie if it was // FIPS before, then it becomes non-FIPS next. SECMODModule *internal; // This function returns us a pointer to a local copy of // the internal module stashed in NSS. We don't want to // delete it since it will cause much pain in NSS. internal = SECMOD_GetInternalModule(); if (!internal) { fprintf(stderr, Failed to get internal module\n); return 1; } fprintf(stderr, Got internal module: %s\n, internal-commonName); SECStatus srv = SECMOD_DeleteInternalModule(internal-commonName); if (srv != SECSuccess) { fprintf(stderr, Failed to delete internal module (%s)\n, internal-commonName); return 1; } return 0; } //- -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 pgpb1XBtRyxwO.pgp Description: PGP signature -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
(nss-3.12.6) unable to engage FIPS mode: security library: invalid arguments.
I was trying to package up the hmaccalc application from Fedora so we can have it in Gentoo as well, and noticed that it was failing when it tried to engage FIPS mode. Doing some backtracing, it seems FIPS isn't enabling at all on my system, as the DeleteInternalModule call is returning INVALID_ARGS. Testcase 1: # d=/tmp/fips M=modutil -dbdir $d ; mkdir -p $d ; $M -create -force # $M -chkfips true ; $M -fips true -force ; $M -chkfips true FIPS mode disabled. security library: invalid arguments. ERROR: Unable to switch FIPS modes. FIPS mode disabled. # $M -rawlist ; $M -list name=NSS Internal PKCS #11 Module parameters=configdir=/tmp/fips certPrefix= keyPrefix= secmod=secmod.db flags=readOnly NSS=trustOrder=75 cipherOrder=100 slotParams={0x0001=[slotFlags=RSA,RC4,RC2,DES,DH,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,RANDOM askpw=any timeout=30 ] } Flags=internal,critical Listing of PKCS #11 Modules --- 1. NSS Internal PKCS #11 Module slots: 2 slots attached status: loaded slot: NSS Internal Cryptographic Services token: NSS Generic Crypto Services slot: NSS User Private Key and Certificate Services token: NSS Certificate DB --- Testcase 2: (see attached minimal C code, based on posts to the list and used in the modutils source AND Mozilla). Build params: USE_64=1 NSPR_INCLUDE_DIR=`nspr-config --includedir` NSPR_LIB_DIR=`nspr-config --libdir` BUILD_OPT=1 NSS_USE_SYSTEM_SQLITE=1 NSDISTMODE=copy NSS_ENABLE_ECC=1 XCFLAGS=${CFLAGS} FREEBL_NO_DEPEND=1 The only patches applied in Gentoo add some pkconfig bits, -- Robin Hugh Johnson Gentoo Linux: Developer, Trustee Infrastructure Lead E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 pgpold6im0x1N.pgp Description: PGP signature -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto