On Wed, Jun 23, 2004, Marquess, Steve Mr JMLFDC wrote:

> On Tuesday, June 22, 2004 1:06 PM Dr. Stephen Henson wrote:
>
> >> So far I've been pestering Ben directly, but now that we've reached
> >> the formal submission watershed I'd like to ask for assistance of
> >> the larger developer team. Two patches are enclosed. One removes
> >> non-FIPS algorithms from the SSL ciphersuite. The other attempts to
> >> disable non-FIPS algorithms at a fairly low level using NID ids.
> >>
> >
> >It looks like the NID approach is checking a list of unapproved algorithms and
> >returning false otherwise returning true.
> >
> >New algorithms can be added and new NIDs assigned including some
> >external implementations which may use invalid NIDs which would become
> >acceptable with that logic.
> >
> >I'd recommend the reverse: maintain a table of approved NIDs and use return
> >true otherwise return false.
>
> You have a good point. I wanted to do a lookup table but couldn't figure
> out a clean way to do so using the NID id macros. Suggestions...?
>

The NID macros are just constant values, you could just have an array of
these, better still would be an array in numerical order which a binary
search could be done on... however I think the EVP_CIPHER/EVP_MD flag
approach may be best if possible.

> >I'd say a better approach is to include a flag in the EVP_CIPHER and EVP_MD
> >structures which is set for an FIPS certified implementation.
> >
> >This would also need some code to ensure that a non-FIPS implementation can't
> >become the default algorithm or perhaps can't be added at all.
>
> I'm not sure I follow you (I'm not all that familiar with OpenSSL, and in
> fact haven't done any real programming for many years). Do you mean a
> flag in EVP_CIPHER and EVP_MD would replace the NID check? How would this
> flag be set?
>

The flag would be set in the definitions of the EVP_CIPHER and EVP_MD
structures if the FIPS compilation flag is set. This would also allow FIPS
and non-FIPS implementations of the same algorithms to coexist.

If you look at crypto/evp/m_sha1.c there is a definition of the EVP_MD
structure for SHA1. The fourth value (currently 0) is the 'flags' field
which would be set to (for example) EVP_FIPS_MD where EVP_FIPS_MD is set to
some convenient value if the FIPS preprocessor symbol is set and 0
otherwise.

The EVP_CIPHER cases are more complex because they are defined by macros
but a similar thing could be done.

Then the EVP routines would just check to see if EVP_FIPS_MD or
EVP_FIPS_CIPHER is set in the flags field in FIPS mode.

That would make it impossible to call non-FIPS algorithms via EVP in FIPS
mode. However that isn't likely to be the whole story...

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
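
An added example, not part of the original message and not OpenSSL code: the approved-NID table in numerical order with a binary search, as suggested in the reply above, shown next to the unapproved-list logic it would replace. The EX_NID_* names and values, the table contents, the sample NID 9001 and both function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-ins for NID constants; names and values are illustrative. */
enum { EX_NID_md5 = 4, EX_NID_rc4 = 5, EX_NID_des_ede3_cbc = 44,
       EX_NID_sha1 = 64, EX_NID_aes_128_cbc = 419, EX_NID_aes_256_cbc = 427 };

/* Approved table, kept in ascending numerical order so bsearch() works. */
static const int approved_nids[] = {
    EX_NID_des_ede3_cbc, EX_NID_sha1, EX_NID_aes_128_cbc, EX_NID_aes_256_cbc
};
/* The reverse logic questioned in the thread: a list of unapproved NIDs. */
static const int unapproved_nids[] = { EX_NID_md5, EX_NID_rc4 };

#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

static int cmp_nid(const void *a, const void *b)
{
    int x = *(const int *)a, y = *(const int *)b;
    return (x > y) - (x < y);
}

/* Allowlist: returns 1 only for a listed NID, so unknown NIDs fail closed. */
int nid_allowed_by_table(int nid)
{
    return bsearch(&nid, approved_nids, COUNT(approved_nids),
                   sizeof(approved_nids[0]), cmp_nid) != NULL;
}

/* Denylist: returns 1 for anything not listed, so unknown NIDs pass. */
int nid_allowed_by_denylist(int nid)
{
    size_t i;
    for (i = 0; i < COUNT(unapproved_nids); i++)
        if (unapproved_nids[i] == nid)
            return 0;
    return 1;
}

int main(void)
{
    /* 9001 is a constructed NID, as an external implementation might assign. */
    int samples[] = { EX_NID_sha1, EX_NID_md5, 9001, -1 };
    size_t i;
    for (i = 0; i < COUNT(samples); i++)
        printf("nid %5d  table=%d  denylist=%d\n", samples[i],
               nid_allowed_by_table(samples[i]),
               nid_allowed_by_denylist(samples[i]));
    return 0;
}
```

The table must stay sorted whenever an entry is added, since bsearch() silently misses entries in an unsorted array and would then reject an approved algorithm.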
