Wednesday, September 10, 2014

FIPS 140-2

Federal Information Processing Standard (FIPS) Publication 140-2: Security Requirements for Cryptographic Modules

RHEL 6 FIPS 140-2 compliant https://access.redhat.com/solutions/137833

Resolution

Red Hat Enterprise Linux 6 is now certified for FIPS compliance. Please see Government standards

Prerequisites

dracut-fips and optionally dracut-fips-aesni
libgcrypt
nss-tools
openswan
openssh-clients
openssh-server
openssl

Steps to Configure

Edit /etc/sysconfig/prelink and disable prelinking.
  • Note: This file is provided by the prelink package, if this is not installed you can skip this step.
PRELINKING=no
Run command prelink and revert binaries and libraries to their original content before they were prelinked.
# prelink -u -a
Install the appropriate FIPS enabled version of dracut.
# yum install dracut-fips 
If using AESNI(Advanced Encryption Standard Instruction Set) install dracut-fips-aesni.
# yum-config-manager --enable rhel-6-server-optional-rpms
# yum install dracut-fips-aesni
Note: you will need to add the Server Optional RPMs repository for dracut-fips-aesni.

Back up your current /boot/initramfs image, and run dracut with the -f flag to build a new FIPS enabled initramfs.
# cp /boot/initramfs-2.6.32-358.el6.x86_64.img /boot/initramfs-nofips-2.6.32-358.el6.x86_64.img
# dracut -v -f
Edit /etc/grub.conf and append fips=1 to the kernel line.
If the /boot or /boot/efi resides on a separate partition the kernel parameterboot=<partition of /boot or /boot/efi must also be added.
Note: the /boot partition must be on a separate partition and not part of the / partition.
Missing this step can result in a failure of the FIPS integrity test at boot, noted in the following article:
Use df /boot to figure out what goes into the boot parameter and append it to the kernel line in/etc/grub.conf.
kernel /vmlinuz quiet rhgb ... fips=1 boot=/dev/sda1
Reboot the host.
# reboot
At this point in time the Kernel is running in FIPS mode following the Kernel Crypto API Cryptographic Module and its security policies.

While the Kernel is running in FIPS mode not all other services / tools are (unless they are FIPS aware). In the cases where tools are not FIPS aware you will need to do some additional configuration.
Example:
Edit /etc/ssh/sshd_config and add the following. Protocol 2 should already be uncommented in most cases.
- Note: also configure SSHD / SSH to use pre-defined list of ciphers.
Protocol 2
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
Macs hmac-sha1
Run the Netscape Cryptographic Module Utility and enable FIPS mode.
- IE: Create a FIPS compliant keystore/truststore.
# modutil -fips true -dbdir /etc/ipsec.d

Diagnostic Steps

Verify that FIPS has been enabled, the below will return "1" if FIPS is enabled.
# cat /proc/sys/crypto/fips_enabled
If using dracut-fips-aesni verify the AES modules are loaded
# lsmod | grep aes

aesni_intel            12915  0 
cryptd                  8006  1 aesni_intel
aes_x86_64              7914  1 aesni_intel
aes_generic            27609  2 aesni_intel,aes_x86_64

RHEL 5 FIPS 140-2 compliant https://access.redhat.com/articles/38655

Resolution

Ensure access to the following accredited packages is available:
|**Name**|**Version**|
|-|-|
|kernel|2.6.18-164.2.1.el5|
|libgcrypt|1.4.4-5.el5|
|openssl|0.9.8e-12.el5|
|openswan|2.6.21-5.el5_4.3|
|nss|3.12.6-2.el5_4|
|selinux-policy|2.4.6-255.el5_4.2|
|fipscheck-lib|1.2.0-1.el5|

Kernel

Verify the version of libgcrypt running is 1.4.4-5.el5 [1].
rpm -qi libgcrypt
Ensure prelinking is disabled [1]:
change the line "PRELINKING=yes" to "PRELINKING=no" in /etc/sysconfig/prelink
If the libraries were already prelinked, the prelink should be  undone on all the system files using the following command [5]:
prelink -u -a 
Recreate the initial RAM disk [1].
for x86_64 based platforms:
mkinitrd --with-fips -f /boot/initrd-$(uname -r).img $(uname -r)
for IA64 based platforms:
mkinitrd --with-fips -f /boot/efi/efi/redhat/initrd-$(uname -r).img $(uname -r)
Append the following to the current Linux kernel line in the /etc/grub.conf [1].
fips=1
For example:
# grub.conf generated by anaconda  
#  
# Note that you do not have to rerun grub after making changes to this file  
# NOTICE:  You have a /boot partition.&nbsp; This means that  
# all kernel and initrd paths are relative to /boot/, eg.  
# root (hd0,0)  
# kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00  
# initrd /initrd-version.img  
# boot=/dev/vda  
default=0  
timeout=5  
splashimage=(hd0,0)/grub/splash.xpm.gz  
hiddenmenu  
title Red Hat Enterprise Linux Server (2.6.18-194.el5)  
  root (hd0,0)  
  kernel /vmlinuz-2.6.18-194.el5 ro root=/dev/VolGroup00/LogVol00 rhgb quiet fips=1  
  initrd /initrd-2.6.18-194.el5.img
To verify that FIPS mode is enabled, check the contents of /proc/sys/crypto/fips_enabled [6]
cat /proc/sys/crypto/fips_enabled
If the value returned is 1 then FIPS mode is enabled, if the value returned is 0 then FIPS mode is disabled.
If in the future you need to update the kernel, a new FIPS enabled initrd will be built automatically if mkinitrd sees that  /proc/sys/crypto/fips_enabled has a 1 in it. So, once you are in FIPS mode, the kernel will continue to stay in FIPS mode across updates.

OpenSSH

If using OpenSSH Server or Client, ensure the following values are set in the/etc/ssh/sshd_config and ~/.ssh/config file respectively [3][4]:
  • Either no "Ciphers" option or the option with a subset out of  "aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc";
  • Either no "MACs" option or the option with "hmac-sha1";
  • "Protocol 2" must be specified.
To check if changes to the sshd_config need to be made the following checks can be run:
#egrep -i 'aes128-ctr|aes192-ctr|aes256-ctr|aes128-cbc|3des-cbc|aes192-cbc|aes256-cbc' /etc/ssh/sshd_config
#egrep -i 'hmac' /etc/ssh/sshd_config
#egrep -i 'protocol' /etc/ssh/sshd_config
Make changes to meet these requirements.

OpenSSL

Verify the version of openssl running is 0.9.8e-12.el5 [5].
rpm -qi openssl

Openswan

Verify the version of openswan running is 2.6.21-5.el5_4.3 [6]:
rpm -qi openswan
Verify the version of nss running is 3.12.6-2.el5_4 [6]:
rpm -qi nss
Verify the version of selinux-policy is 2.4.6-255.el5_4.2 [6]:
rpm -qi selinux-policy
The database for the cryptographic keys used by the pluto daemon must be initialized after it has been created as documented in the README.nss documentation with the following command assuming that the database is stored in the directory /etc/ipsec.d/
modutil -fips true -dbdir /etc/ipsec.d