subject:"AES key wrap feature unavailable in FIPS mode OpenSSL\?"

Re: AES key wrap feature unavailable in FIPS mode OpenSSL?

2013-04-24 Thread Cipher

Hi,
given the point this was posted in 2011, i hope this is resolved and i can
get some help with my problem!
I have a similar problem with openssl 1.0.1c compiled with FIPS 2.0.2  and
OPENSSH 6.1p1.
Here is the debug mode of sshd with aes256-ctr cipher

FIPS mode initialized
debug1: inetd sockets after dupping: 3, 3
Connection from 127.0.0.1 port 51395
debug1: Client protocol version 2.0; client software version OpenSSH_5.5p1
Debian-6+squeeze1
debug1: match: OpenSSH_5.5p1 Debian-6+squeeze1 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.1
debug1: permanently_set_uid: 101/65534 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client-server aes256-ctr hmac-sha1 none [preauth]
debug1: kex: server-client aes256-ctr hmac-sha1 none [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent [preauth]
aes_misc.c(73): OpenSSL internal error, assertion failed: Low level API call
to cipher AES forbidden in FIPS mode!
debug1: do_cleanup 

Any help is highly appreciated. Also i read in some threads that i have to
use EVPs. How to use them? Is there a related patch?

Thanks.




--
View this message in context: 
http://openssl.6102.n7.nabble.com/AES-key-wrap-feature-unavailable-in-FIPS-mode-OpenSSL-tp18237p44865.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

AES key wrap feature unavailable in FIPS mode OpenSSL?

2011-10-26 Thread Bill Durant

Hello,

Has the AES key wrap feature been removed from the nightly OpenSSL in FIPS 
mode?  

I have built a FIPS-capable OpenSSL using the following:

ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111025.tar.gz

ftp://ftp.openssl.org/snapshot/openssl-fips-2.0-test-20111025.tar.gz

When I call AES_set_encrypt_key(), while in FIPS mode, I get the following 
abort:

.\crypto\aes\aes_misc.c(73): OpenSSL internal error, assertion failed: Low level
 API call to cipher AES forbidden in FIPS mode! 

I can see that this is intentional per crypto\aes\aes_misc.c:

 67 /* FIPS wrapper functions to block low level AES calls in FIPS mode */
 68 
 69 int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
 70 AES_KEY *key)
 71 {
 72 #ifdef OPENSSL_FIPS
 73 fips_cipher_abort(AES);
 74 #endif
 75 return private_AES_set_encrypt_key(userKey, bits, key);
 76 }

No such abort occurs with a FIPS-capable OpenSSL using the following:

http://openssl.org/source/openssl-0.9.8r.tar.gz

http://openssl.org/source/openssl-fips-1.2.3.tar.gz

Is there an alternate way to do AES key wrap using the nightly OpenSSL in FIPS 
mode?

Thanks,

Bill


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: AES key wrap feature unavailable in FIPS mode OpenSSL?

2011-10-26 Thread Jakob Bohm


On 10/26/2011 9:43 PM, Bill Durant wrote:

Hello,

Has the AES key wrap feature been removed from the nightly OpenSSL in FIPS mode?

I have built a FIPS-capable OpenSSL using the following:

ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111025.tar.gz

ftp://ftp.openssl.org/snapshot/openssl-fips-2.0-test-20111025.tar.gz

When I call AES_set_encrypt_key(), while in FIPS mode, I get the following 
abort:

.\crypto\aes\aes_misc.c(73): OpenSSL internal error, assertion failed: Low level
  API call to cipher AES forbidden in FIPS mode!

I can see that this is intentional per crypto\aes\aes_misc.c:

  67 /* FIPS wrapper functions to block low level AES calls in FIPS mode */
  68
  69 int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
  70 AES_KEY *key)
  71 {
  72 #ifdef OPENSSL_FIPS
  73 fips_cipher_abort(AES);
  74 #endif
  75 return private_AES_set_encrypt_key(userKey, bits, key);
  76 }
Note: This looks buggy to me.  If fips_cipher_abort() is a 
function/macro which never returns, then
the return line should be in a #else conditional so compilers don't 
waste memory creating code to

actually do the call.


No such abort occurs with a FIPS-capable OpenSSL using the following:

http://openssl.org/source/openssl-0.9.8r.tar.gz

http://openssl.org/source/openssl-fips-1.2.3.tar.gz

Is there an alternate way to do AES key wrap using the nightly OpenSSL in FIPS 
mode?
More to the point: Is the FIPS module limited to a subset of the FIPS

approved modes of operation?

Can it do the NIST specified (badly designed!) key wrap mode, which
unnecessarily helps attackers by including a MAC of the wrapped key?

Can it do traditional modes (ECB, CBC, CFB, OFB)?

Can it do the new FIPS modes (CTR, GCM)?

Can it do the various modes from the modes workshop days (ABC, XCBC,
the flawed CBC-MAC etc.)?

Can the key and/or IV be set directly?

Can the key and/or IV be set to the output of an approved RNG?

Can the key and/or IV be set from a decrypted wrapped key?

Can the key and/or IV be set from the output of an approved hash algorithm?

Can the key and/or IV be set from one of the approved DH variants, with 
all of

the parametric variations permitted?

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: AES key wrap feature unavailable in FIPS mode OpenSSL?

AES key wrap feature unavailable in FIPS mode OpenSSL?

Re: AES key wrap feature unavailable in FIPS mode OpenSSL?

3 matches

Site Navigation

Mail list logo

Footer information