Re: NSS_NoDB_Init(".") and FIPS mode

[Robert Relyea]

On 03/18/2016 01:55 PM, Wan-Teh Chang wrote:

On Fri, Mar 18, 2016 at 10:49 AM, Robert Relyea  wrote:

Yes, SECMOD_DeleteInternalModule() is a toggle which switches NSS between
FIPS and non-FIPS. If you don't have a database open, or the database is
open readOnly, the change only affects the running program.

Hi Bob,

Your answer surprised me. The latest NSS FIPS 140-2 Security Policy at
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp2564.pdf
says user passwords are stored in salted form in the key database
(Table 8 on page 26). So I don't understand how NSS can operate in
FIPS mode without an NSS database. I guess without an NSS database the
NSS crypto module will only provide services that don't require user
authentication, such as hashing and random number generation?
The new softokn allows you to run in level 1. If you don't have a 
database, or the database is set without a password, then NSS is running 
in FIPS-140 Level 1 mode and does not require a password.


This allows NSS to run in fips mode based on a system FIPS flag (which 
linux has) without massive breakage. If you need level 2 however, you 
must have a database and you must set the password. NSS will allow you 
to switch from level 1 to level 2, but not vice versa.


bob


Thanks,
Wan-Teh Chang





smime.p7s
Description: S/MIME Cryptographic Signature
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: NSS_NoDB_Init(".") and FIPS mode

[Andrew Cagney]

On 18 March 2016 at 16:55, Wan-Teh Chang  wrote:

> On Fri, Mar 18, 2016 at 10:49 AM, Robert Relyea 
> wrote:
> >
> > Yes, SECMOD_DeleteInternalModule() is a toggle which switches NSS between
> > FIPS and non-FIPS. If you don't have a database open, or the database is
> > open readOnly, the change only affects the running program.
>
> Hi Bob,
>
> Your answer surprised me. The latest NSS FIPS 140-2 Security Policy at
> http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp2564.pdf
> says user passwords are stored in salted form in the key database
> (Table 8 on page 26). So I don't understand how NSS can operate in
> FIPS mode without an NSS database. I guess without an NSS database the
> NSS crypto module will only provide services that don't require user
> authentication, such as hashing and random number generation?
>
>
Some more background,

Per my earlier e-mail, I'm trying to run HMAC (specifically, using
alghmac.h) using a "published" value as the key.  I've also got several
versions of this code:

- this one which puts NSS into what I'll call "memory only" FIPS mode; the
result is relatively close to OpenSSL
https://bitbucket.org/cagney/fipscheck/branch/nss

- an alternative that takes an NSS-DB and uses that to put NSS into FIPS
mode
https://bitbucket.org/cagney/fipscheck/branch/nss-db

The interesting thing about the latter is that, even though I initially
included code to provide the password to unlock the DB, that code never
executed.  To me this made sense since I'm not manipulating secure keys; I
just need secured algorithms.

Andrew


Thanks,
> Wan-Teh Chang
> --
> dev-tech-crypto mailing list
> dev-tech-crypto@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-tech-crypto
>
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: NSS_NoDB_Init(".") and FIPS mode

[Andrew Cagney]

On 18 March 2016 at 13:49, Robert Relyea  wrote:

> On 03/18/2016 09:14 AM, Andrew Cagney wrote:
>
>> Is it possible to put NSS (softtoken) in FIPS mode (PK11_IsFIPS()) without
>> a "modutil -fips true" database?
>>
>> By FIPS mode I guess I really mean confirm that NSS has performed some
>> sort
>> of FIPS self-check.
>>
>> An earlier thread mentioned some way of toggling things using
>> SECMOD_DeleteInternalModule()?
>>
> Yes, SECMOD_DeleteInternalModule() is a toggle which switches NSS between
> FIPS and non-FIPS. If you don't have a database open, or the database is
> open readOnly, the change only affects the running program.
>

I guess I just pass it the current internal module's common name vis:

NSS_NoDB_Init(".");
if (!PK11_IsFIPS()) {
SECMODModule *internal = SECMOD_GetInternalModule();
debug_log("Deleting internal module %s", internal->commonName);
SECMOD_DeleteInternalModule(internal->commonName);
}
debug_log("FIPS: %s", PK11_IsFIPS() ? "yes" : "no");

 which seems to work:

Deleting internal module NSS Internal PKCS #11 Module
FIPS: yes

thanks!


bob
>
>>
>> Andrew
>>
>
>
>
> --
> dev-tech-crypto mailing list
> dev-tech-crypto@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-tech-crypto
>
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

NSS_NoDB_Init(".") and FIPS mode

[Andrew Cagney]

Is it possible to put NSS (softtoken) in FIPS mode (PK11_IsFIPS()) without
a "modutil -fips true" database?

By FIPS mode I guess I really mean confirm that NSS has performed some sort
of FIPS self-check.

An earlier thread mentioned some way of toggling things using
SECMOD_DeleteInternalModule()?

Andrew
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Re: NSS_NoDB_Init(".") and FIPS mode

[Robert Relyea]

On 03/18/2016 09:14 AM, Andrew Cagney wrote:

Is it possible to put NSS (softtoken) in FIPS mode (PK11_IsFIPS()) without
a "modutil -fips true" database?

By FIPS mode I guess I really mean confirm that NSS has performed some sort
of FIPS self-check.

An earlier thread mentioned some way of toggling things using
SECMOD_DeleteInternalModule()?
Yes, SECMOD_DeleteInternalModule() is a toggle which switches NSS 
between FIPS and non-FIPS. If you don't have a database open, or the 
database is open readOnly, the change only affects the running program.


bob


Andrew





smime.p7s
Description: S/MIME Cryptographic Signature
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto