On 4/25/2013 1:40 PM, Cipher wrote:
Hi,
For FIPS work, we are planning to support only TLSv1.2 ciphers. Is there a
configuration option to use *only* TLSv1.2 ciphers?
we are using apache/mod_ssl engine(v 2.2.16). *SSLProtocol* directive does
not support TLSv1.1/TLSv1.2 option.
Which version of the OpenSSL library was it built with? Anything less
than 1.0.1 will not allow TLSv1.2, and will not work with the current
FIPS-certified module 2.0.
Due to known security fixes, be sure to use Apache/mod_ssl 2.2.24 or
later with OpenSSL 1.0.1e or later. Apache 2.2.24 includes security
fixes, and some TLSv1.2 related fixes.
I it was built against OpenSSL library 1.0.1, you can use the
SSLCipherSuite directive to limit the set of ciphersuites that will
work. Also note that the parser for this option in earlier OpenSSL
library 1.0.1 patch releases had bugs in the handling of TLSv1.2
related names, so be sure to use the current OpenSSL library version 1.0.1e.
According to <http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>, when
built against OpenSSL library 1.0.1e with FIPS module 2.0, mod_ssl
2.2.23 or later *does* support the specification of the TLSv1.2 protocol
in the SSLProtocol directive.
And please be sure to filter the correct aspect of your setup, as there
are 4 independent directives that affect *different* security parameters:
# Only use the cipher suites that are new for TLS version 1.2,
# regardless of their security or lack thereof.
# The value of this option is parsed by the OpenSSL library and the
# mod_ssl documentation of its possible values is hopelessly
# outdated, for instance the value "HIGH" and "MEDIUM" do not mean
# what that outdated document says.
SSLCipherSuite TLSv1.2
# Only use the version 1.2 handshake and encryption protocol, this
# does not prevent negotiating a weak encryption such as
# 56 bit single DES.
# This option is new in Apache mod_ssl 2.2.23
SSLProtocol TLSv1.2
# Only use FIPS-approved algorithms in FIPS-validated implementations,
# this is required for US Government work but prevents the use of
# security improvements that have not made it through the bureaucracy
# yet.
SSLFIPS on
# Prevent a traffic-analysis attack on some types of cookie-
# authentication. These attacks only work if they can trick the users
# browser into repeatedly sending their secret cookie with different
# attacker-chosen HTTP header values, thus giving different compressed
# size depending on which letters are in common between the cookie and
# the attackers values. These attacks are called CRIME attacks.
# A better defense against these attacks is to cancel (server side!) the
# validity of any authentication cookie repeatedly received with wrong
# or modified URLs or other header parameters.
# Regardless, some security auditors currently insist that all data
# compression of encrypted connections is disabled wholesale
# regardless of other security measures taken against these attacks.
# This option is new in Apache mod_ssl 2.2.24
SSLCompression off
if there is no config option, which functions need to be changed to support
only TLSv1.2 in FIPS mode?(If the list is not so long)
any inputs are highly appreciated.
Thanks,
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
