On 29/10/2021 16:40, Cristian Andrei Sandu wrote:
Hi all,
I’m currently updating an application from OpenSSL 1.0.2d to OpenSSL
3.0.0 in preparation for a FIPS 140-2 submission and I’m not sure how to
approach the issue of induced failures for the power on self tests.
In OpenSSL 1.0.2d we used to use |FIPS_post_set_callback()||||for this
purpose, by setting a callback that would trigger a failure of a
specific test.|
||
The OpensSSL 3.0.0 design states that “/Any special case code needed to
return intermediate values (say for CAVS key generation), to display
info (self test states), or change the normal flow of FIPS module code
(e.g - self test failure or failing a keygen loop that supplies fixed
rand values) will be controlled by *embedding callbacks into the FIPS
module code*.”/
Could you give me some pointers on what would be the best approach for
this in OpenSSL 3.0.0? Am I supposed to use the OSSL_SELF_TEST_* APIs
to replace the fips_self_test() callback inside the FIPS module or do I
somehow need to patch the FIPS provider with new functionality? Any help
would be greatly appreciated.
See the OSSL_PROVIDER-FIPS man page here:
https://www.openssl.org/docs/man3.0/man7/OSSL_PROVIDER-FIPS.html
In particular see the section "SELF TESTING".
See also the man page for OSSL_SELF_TEST_set_callback here:
https://www.openssl.org/docs/man3.0/man3/OSSL_SELF_TEST_set_callback.html
The information on self testing for provider authors may also be useful:
https://www.openssl.org/docs/man3.0/man3/OSSL_SELF_TEST_new.html
Basically you have to provide a callback which will get invoked during
the self test. The return value from that callback can induce failures.
There's an example callback on the OSSL_PROVIDER-FIPS man page I linked
above which shows how to induce a corruption in the SHA1 testing.
Matt
