Gatfield, Geoffrey wrote: > I’m testing with Fips 1.2 and FIPS 1.1.2 and I am having a problem switching > between FIPS-mode and non FIPS-mode. I can enable FIPS mode initially using > FIPS_mode_set(1) but after that if it’s disabled (with FIPS_mode_set(0)) then > re-enabled the library fails with a selftest error. We depend on this working > in our client application because it must be able to switch between FIPS > enabled and non FIPS servers. Is there any way to allow this behavior?
Concentrating on the technical issue and ignoring the merits of switching in and out of FIPS mode (a much broader discussion on that topic belongs elsewhere) there is a simple solution to the issue you've encountered. Note that your application at least should be ensuring that there is no active cryptographic services when you switch modes.
If you add a call to:
RAND_set_rand_method(NULL);
it will reset back to using the default RAND handling. You need to do this after
exiting FIPS mode or before entering FIPS mode to work around this issue. The
internal FIPS logic uses the default RNG to see the FIPS RNG as part of the self
test process and this is not automatically reset back to the non-FIPS handling
logic when leaving FIPS mode.
So where ever you have:
FIPS_set_mode(1);
Change it to:
RAND_set_rand_method(NULL);
FIPS_set_mode(1);
Enabling the error handling strings and printing the error stack also helps when
reporting issues to see what the reason for the failure was. The FIPS code logs
different errors depending on what part of the required self-tests fails to make
it easy for the application developer to know what happened.
Somewhere in the begining of your application code make sure you load the error strings (this is loading just the crypto-related ones) as per usual or you'll just get the error number and need to use 'openssl errstr ERRNUM' to get the text:
ERR_load_crypto_strings();
Then when FIPS_set_mode(1) failed you can call:
ERR_print_errors_fp(stderr);
For this situation it would have shown the following:
22645:error:2406706B:random number generator:FIPS_RAND:no key
set:fips_rand.c:286:
And the benefits of having the source to the module makes it easy to see the
context of the call being the auto-seeding.
Tim.
PGP.sig
Description: PGP signature
