Fix SSLv3 detection with AWS-LC #4361
Merged
Conversation
lrstewart reviewed Jan 24, 2024
maddeleine approved these changes Jan 25, 2024
lrstewart approved these changes Jan 25, 2024
This change can be tested in the integration tests now that @maddeleine added SSLv3 support in #4372. I updated the tests to not skip SSLv3 in FIPS mode with AWS-LC. This can be confirmed by observing the SSLv3 tests that run in the AWS-LC-FIPS/AWS-LC-FIPS 2022 happy path jobs.
maddeleine approved these changes Jan 26, 2024
Description of changes:
Currently when s2n-tls is in FIPS mode, the SSLv3 HMAC algorithms are disabled. This prevents SSLv3 from being used in FIPS mode, which is a valid use case for customers using the same FIPS build of s2n-tls for FIPS and non-FIPS endpoints.
Note that restricting SSLv3 for FIPS-compliance is unrelated to this issue, and determined by selecting a FIPS-compatible s2n-tls security policy, not by the MD5/SSLv3 runtime checks. This change does not impact the s2n-tls FIPS-compatible security policies, which are not able to negotiate SSLv3.
The runtime check exists due to how the FIPS build of OpenSSL behaves. By default, OpenSSL disables MD5, which SSLv3 requires, at runtime when FIPS mode is enabled. This causes EVP_DigestInit calls to fail unless MD5 is explicitly enabled.

s2n_hmac_is_available() isn't actually necessary to disable SSLv3 with OpenSSL-FIPS, since attempting to use MD5 later will fail, but it is used in tests to determine whether the tests should be run or not. This PR updates s2n_hmac_is_available() to indicate that the SSLv3 HMAC algorithms are available with AWS-LC, since AWS-LC-FIPS doesn't disable any functionality in FIPS mode. This allows SSLv3 to be negotiated with non-FIPS security policies that allow SSLv3.

Call-outs:
Adding an exception for AWS-LC essentially means we're bypassing the need to explicitly enable MD5 for the SSLv3 PRF when linked with AWS-LC. An alternative solution for this would be to just remove all of the logic for enabling/checking the status of MD5 and have it always be enabled on hash init. This would make OpenSSL-FIPS behave like AWS-LC-FIPS, where MD5 functionality is always available, and we wouldn't need separate logic for OpenSSL and AWS-LC. This is a much bigger change, though.
I used cbmc/stubs/s2n_is_in_fips_mode.c as a reference for writing the s2n_libcrypto_is_awslc stub.
Testing:
I added a new self-talk unit test for SSLv3 which runs with AWS-LC-FIPS.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
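As an added example (not s2n-tls code and not the PR's diff), the following C model shows the decision the description walks through: which HMAC algorithms depend on MD5, how a runtime availability check that only looks at FIPS mode diverges from what hash init actually does when the libcrypto is AWS-LC, and how adding a libcrypto check brings the two back into agreement. The type and function names (hmac_alg, libcrypto_state, digest_init, hmac_is_available, hmac_is_available_fips_only) and the three build scenarios are constructed for illustration; only the stated behaviour of OpenSSL-FIPS (MD5 disabled at runtime unless explicitly enabled) and AWS-LC-FIPS (nothing disabled) comes from the description.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Added example, not s2n-tls code. A self-contained model of the runtime
 * check discussed in the PR. All names here are hypothetical; the behaviour
 * encoded is what the description states: OpenSSL-FIPS disables MD5 at
 * runtime unless it is explicitly enabled, AWS-LC-FIPS disables nothing. */

typedef enum {
    HMAC_NONE,
    HMAC_SHA1,
    HMAC_SHA256,
    HMAC_MD5,
    HMAC_SSLv3_MD5,  /* SSLv3 MAC over MD5 */
    HMAC_SSLv3_SHA1  /* SSLv3 MAC over SHA1; the SSLv3 PRF still needs MD5 */
} hmac_alg;

typedef enum { LIBCRYPTO_OPENSSL, LIBCRYPTO_AWSLC } libcrypto_kind;

typedef struct {
    libcrypto_kind kind;
    bool fips_mode;   /* libcrypto FIPS mode enabled at runtime */
    bool md5_enabled; /* OpenSSL-FIPS only: MD5 explicitly re-enabled */
} libcrypto_state;

/* MD5 is needed directly for the MD5 MACs and indirectly for SSLv3 via its PRF. */
static bool requires_md5(hmac_alg alg)
{
    return alg == HMAC_MD5 || alg == HMAC_SSLv3_MD5 || alg == HMAC_SSLv3_SHA1;
}

/* Models the hash-init call (EVP_DigestInit in OpenSSL terms): 0 on success,
 * -1 where OpenSSL-FIPS rejects MD5 because it was not explicitly enabled. */
int digest_init(const libcrypto_state *lc, hmac_alg alg)
{
    if (alg == HMAC_NONE) return -1;
    if (!requires_md5(alg)) return 0;
    if (lc->kind == LIBCRYPTO_AWSLC) return 0; /* AWS-LC FIPS disables no algorithm */
    if (!lc->fips_mode) return 0;
    return lc->md5_enabled ? 0 : -1;
}

/* The check as the description says it behaved before the change: every
 * MD5-dependent MAC is reported unavailable whenever FIPS mode is on. */
bool hmac_is_available_fips_only(const libcrypto_state *lc, hmac_alg alg)
{
    if (alg == HMAC_NONE) return false;
    if (!requires_md5(alg)) return true;
    return !lc->fips_mode;
}

/* The check with the AWS-LC exception the PR describes: with AWS-LC the
 * MD5-dependent MACs stay available in FIPS mode. */
bool hmac_is_available(const libcrypto_state *lc, hmac_alg alg)
{
    if (alg == HMAC_NONE) return false;
    if (!requires_md5(alg)) return true;
    return !lc->fips_mode || lc->kind == LIBCRYPTO_AWSLC;
}

/* True when the pre-flight check agrees with what init would actually do;
 * false means a test would be skipped, or attempted, for the wrong reason. */
bool check_matches_runtime(const libcrypto_state *lc, hmac_alg alg)
{
    return hmac_is_available(lc, alg) == (digest_init(lc, alg) == 0);
}

int main(void)
{
    /* Constructed scenarios: the three builds the description contrasts. */
    const libcrypto_state builds[] = {
        { LIBCRYPTO_OPENSSL, false, false },
        { LIBCRYPTO_OPENSSL, true,  false },
        { LIBCRYPTO_AWSLC,   true,  false },
    };
    const char *build_names[] = { "OpenSSL", "OpenSSL-FIPS", "AWS-LC-FIPS" };
    const hmac_alg algs[] = { HMAC_SHA256, HMAC_SSLv3_MD5, HMAC_SSLv3_SHA1 };
    const char *alg_names[] = { "SHA256", "SSLv3_MD5", "SSLv3_SHA1" };

    for (size_t b = 0; b < 3; b++) {
        for (size_t a = 0; a < 3; a++) {
            printf("%-13s %-11s old_check=%d new_check=%d init_ok=%d\n",
                   build_names[b], alg_names[a],
                   hmac_is_available_fips_only(&builds[b], algs[a]),
                   hmac_is_available(&builds[b], algs[a]),
                   digest_init(&builds[b], algs[a]) == 0);
        }
    }
    return 0;
}
```

The table the program prints makes the mismatch the PR fixes visible on one row: for the AWS-LC-FIPS build the old check reports the SSLv3 MACs unavailable while init succeeds, so tests gated on that check would be skipped for no reason, whereas for OpenSSL-FIPS the check and the init failure agree and the check is redundant rather than wrong.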