Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: Improve control of FIPS mode #5181

Closed
wants to merge 14 commits into from
Closed

crypto: Improve control of FIPS mode #5181

wants to merge 14 commits into from

Conversation

stefanmb
Copy link
Contributor

In Issue #3819 requests were made to support a FIPS OpenSSL build of Node.js running in a non-FIPS mode. In PR #3820 an attempt was made to introduce this feature.

In this PR I've attempted to merge all requests and discussion from #3819 and #3820.

The following features are introduced:

  1. Default to FIPS off even in FIPS builds: FIPS mode now has to be explicitly enabled by command line argument, OpenSSL config file, or JavaScript API call.
  2. Add JS API to check and control FIPS mode: Allow JavaScript applications to check if they are executing in FIPS mode and to enable/disable FIPS mode if applicable.
  3. Add command line arguments to force FIPS on/off: --[disable|enable]-fips have been added, and they will override all other options.
  4. Respect OPENSSL_CONF variable and read the config: OpenSSL provides a standard mechanism for reading a config file from the "OPENSSL_CONF" environment variable. Load this config file, which permits, among other things, to control FIPS mode.
  5. Add testing for new features: Test combinations of features from 1 and 4.

As always, I'm open to any suggestions and improvements, especially if there is a better way to pass global options such as the enable/disable flags (instead of extern C variables).

These features were added as a result of discussion in #3819 and #3820, please refer to them for background information.

Note also that going forward we will need to run regression testing in FIPS builds twice: once with FIPS enabled at runtime, and once with FIPS disabled.

@stefanmb
Copy link
Contributor Author

@mhdawson @indutny @shigeki @jasnell @lordjabez @ScarletTanager This PR should include suggestions from all of you, any comments are greatly appreciated. Thanks!

This was referenced Feb 10, 2016
Closed
Closed
@mscdex mscdex added the crypto Issues and PRs related to the crypto subsystem. label Feb 10, 2016
@mscdex
Copy link
Contributor

mscdex commented Feb 10, 2016

Maybe defining a getter/setter simply called fips would be simpler instead of having separate methods?

@mhdawson mhdawson added the semver-major PRs that contain breaking changes and should be released in the next major version. label Feb 10, 2016
@mhdawson
Copy link
Member

Added semver-major tag since it changes default behaviour

indutny
indutny reviewed Feb 10, 2016
View reviewed changes
lib/crypto.js
@@ -645,6 +647,13 @@ exports.getCurves = function() {
return filterDuplicates(getCurves());
};

exports.hasFipsCrypto = function() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: function hasFipsCrypto

@lordjabez
Copy link

This is a great change, and addresses all my concerns. Thanks!

@indutny
Copy link
Member

indutny commented Feb 10, 2016

Overall I have really good impression from the PR. Thank you for your work!

@mhdawson
Copy link
Member

In terms of the command line options I'm wondering about the case were we want it enabled by default but then the application can turn on/off. I also wonder about the need to prevent an app from turning it on. Maybe the following would make sense ?

--enable-fips - enables FIPs, overrides setting in openssl file
--force-fips - enables FIPs. overrides seeting in openss file, app cannot disable

@mhdawson mhdawson self-assigned this Feb 10, 2016
@stefanmb stefanmb force-pushed the fips-switch branch 2 times, most recently from 93df3f6 to bde2dc2 Compare February 10, 2016 22:19
@stefanmb
Copy link
Contributor Author

@mscdex I've switched to using a "crypto.fips" property as you suggested, thanks!
@indutny Thanks for the super quick feedback. I think I've addressed most of your concerns, I now use the 'end' event to validate output and 'data' event to buffer it. The handler is now shared between the FIPS and non-FIPS test branches. I'll double check the formatting issues.
@mhdawson I will remove --disable-fips and add a --force-fips tomorrow, as per our discussion there is no point in having disable-fips since that's the new default, instead we should provide a way to turn it on by default (--enable-fips) and a way to force it (--force-fips, does not allow it to be turned off).

@stefanmb stefanmb mentioned this pull request Feb 23, 2016
Closed
@stefanmb
Copy link
Contributor Author

@mhdawson @indutny I've updated this PR to resolve issues encountered while attempting to setup the CI:

  1. test/common.js still used the stale API (crypto.hasFipsCrypto instead of fips.crypto)

  2. I've updated the testing to survive a polluted environment (i.e. one where OPENSSL_CONF may already be defined, note that OpenSSL will not allow you to set the FIPS mode to on if it's already on, an exception will be thrown).

  3. During CI for a FIPS build we must now run the test suite twice, once with FIPS enabled and once with FIPS disabled. One way to do so is to use the OPENSSL_CONF environment variable, however this will cause test failures for those tests that use opensslCli from test/common.js because the OPENSSL_CONF variable will affect the standalone OpenSSL utilities. We could filter out the OPENSSL_CONF variable from the environment in common.js, but this does not strike me as a clean solution. The alternative is to pass "--enable-fips" to each test, however there was no obvious way to pass the --enable-fips argument through the "make test-ci" target. The "--special-command" argument comes close, but is only able to suffix or prefix the entire invocation. I have made a separate PR to deal with this problem since it outside the scope of this PR: test: allow passing args to executable #5376

@mhdawson
Copy link
Member

LTGM to latest changes, and successful test run in both fiips/non-fips enabled in updated test here: https://ci.nodejs.org/job/node-test-commit-linux-fips-dawson/

Will sync landing this and updating the test job.

One last regular CI run so that we have a current one: https://ci.nodejs.org/job/node-test-pull-request/1752/

@mhdawson
Copy link
Member

CI run is green, landing

mhdawson pushed a commit that referenced this pull request Feb 25, 2016
@stefanmb @mhdawson
crypto: Improve control of FIPS mode
7c48cb5 
Default to FIPS off even in FIPS builds.
Add JS API to check and control FIPS mode.
Add command line arguments to force FIPS on/off.
Respect OPENSSL_CONF variable and read the config.
Add testing for new features.

Fixes: #3819
PR-URL: #5181
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-by: Michael Dawson <michael_dawson@ca.ibm.com>
@mhdawson
Copy link
Member

Landed as 7c48cb5

Updated fits test, CI run here to validate test is updated ok: https://ci.nodejs.org/job/node-test-commit/2345/

@mhdawson
Copy link
Member

CI all good closing

@mhdawson mhdawson closed this Feb 25, 2016
@jasnell jasnell mentioned this pull request Mar 17, 2016
Closed
@jasnell jasnell mentioned this pull request Apr 19, 2016
Closed
This was referenced Apr 21, 2016
Closed
Closed
jasnell added a commit that referenced this pull request Apr 26, 2016
@jasnell
2016-04-26, Version 6.0.0 (Current) Release
f5f573f 
The following significant (semver-major) changes have been made since the
previous Node v5.0.0 release.

* Buffer
  * New Buffer constructors have been added
    [#4682](#4682)
  * Previously deprecated Buffer APIs are removed
    [#5048](#5048),
    [#4594](#4594)
  * Improved error handling [#4514](#4514)
* Cluster
  * Worker emitted as first argument in 'message' event
    [#5361](#5361).
* Crypto
  * Improved error handling [#3100](#3100),
    [#5611](#5611)
  * Simplified Certificate class bindings
    [#5382](#5382)
  * Improved control over FIPS mode
    [#5181](#5181)
  * pbkdf2 digest overloading is deprecated
    [#4047](#4047)
* Dependencies
  * Reintroduce shared c-ares build support
    [#5775](#5775).
  * V8 updated to 5.0.71.31 [#6111](#6111).
* DNS
  * Add resolvePtr API to query plain DNS PTR records
    [#4921](#4921).
* Domains
  * Clear stack when no error handler
  [#4659](#4659).
* File System
  * The `fs.realpath()` and `fs.realpathSync()` methods have been updated
    to use a more efficient libuv implementation. This change includes the
    removal of the `cache` argument and the method can throw new errors
    [#3594](#3594)
  * FS apis can now accept and return paths as Buffers
    [#5616](#5616).
  * Error handling and type checking improvements
    [#5616](#5616),
    [#5590](#5590),
    [#4518](#4518),
    [#3917](#3917).
  * fs.read's string interface is deprecated
    [#4525](#4525)
* HTTP
  * 'clientError' can now be used to return custom errors from an
    HTTP server [#4557](#4557).
* Modules
  * Current directory is now prioritized for local lookups
    [#5689](#5689)
  * Symbolic links are preserved when requiring modules
    [#5950](#5950)
* Net
  * DNS hints no longer implicitly set
    [#6021](#6021).
  * Improved error handling and type checking
    [#5981](#5981),
    [#5733](#5733),
    [#2904](#2904)
* Path
  * Improved type checking [#5348](#5348).
* Process
  * Introduce process warnings API
    [#4782](#4782).
  * Throw exception when non-function passed to nextTick
    [#3860](#3860).
* Readline
  * Emit key info unconditionally
    [#6024](#6024)
* REPL
  * Assignment to `_` will emit a warning.
    [#5535](#5535)
* Timers
  * Fail early when callback is not a function
    [#4362](#4362)
* TLS
  * Rename 'clientError' to 'tlsClientError'
    [#4557](#4557)
  * SHA1 used for sessionIdContext
    [#3866](#3866)
* TTY
  * Previously deprecated setRawMode wrapper is removed
    [#2528](#2528).
* Util
  * Changes to Error object formatting
    [#4582](#4582).
* Windows
  * Windows XP and Vista are no longer supported
    [#5167](#5167),
    [#5167](#5167).
@jasnell jasnell mentioned this pull request Apr 26, 2016
Closed
jasnell added a commit that referenced this pull request Apr 26, 2016
@jasnell
2016-04-26, Version 6.0.0 (Current) Release
c53d296 
The following significant (semver-major) changes have been made since the
previous Node v5.0.0 release.

* Buffer
  * New Buffer constructors have been added
    [#4682](#4682)
  * Previously deprecated Buffer APIs are removed
    [#5048](#5048),
    [#4594](#4594)
  * Improved error handling [#4514](#4514)
* Cluster
  * Worker emitted as first argument in 'message' event
    [#5361](#5361).
* Crypto
  * Improved error handling [#3100](#3100),
    [#5611](#5611)
  * Simplified Certificate class bindings
    [#5382](#5382)
  * Improved control over FIPS mode
    [#5181](#5181)
  * pbkdf2 digest overloading is deprecated
    [#4047](#4047)
* Dependencies
  * Reintroduce shared c-ares build support
    [#5775](#5775).
  * V8 updated to 5.0.71.31 [#6111](#6111).
* DNS
  * Add resolvePtr API to query plain DNS PTR records
    [#4921](#4921).
* Domains
  * Clear stack when no error handler
  [#4659](#4659).
* File System
  * The `fs.realpath()` and `fs.realpathSync()` methods have been updated
    to use a more efficient libuv implementation. This change includes the
    removal of the `cache` argument and the method can throw new errors
    [#3594](#3594)
  * FS apis can now accept and return paths as Buffers
    [#5616](#5616).
  * Error handling and type checking improvements
    [#5616](#5616),
    [#5590](#5590),
    [#4518](#4518),
    [#3917](#3917).
  * fs.read's string interface is deprecated
    [#4525](#4525)
* HTTP
  * 'clientError' can now be used to return custom errors from an
    HTTP server [#4557](#4557).
* Modules
  * Current directory is now prioritized for local lookups
    [#5689](#5689)
  * Symbolic links are preserved when requiring modules
    [#5950](#5950)
* Net
  * DNS hints no longer implicitly set
    [#6021](#6021).
  * Improved error handling and type checking
    [#5981](#5981),
    [#5733](#5733),
    [#2904](#2904)
* Path
  * Improved type checking [#5348](#5348).
* Process
  * Introduce process warnings API
    [#4782](#4782).
  * Throw exception when non-function passed to nextTick
    [#3860](#3860).
* Readline
  * Emit key info unconditionally
    [#6024](#6024)
* REPL
  * Assignment to `_` will emit a warning.
    [#5535](#5535)
* Timers
  * Fail early when callback is not a function
    [#4362](#4362)
* TLS
  * Rename 'clientError' to 'tlsClientError'
    [#4557](#4557)
  * SHA1 used for sessionIdContext
    [#3866](#3866)
* TTY
  * Previously deprecated setRawMode wrapper is removed
    [#2528](#2528).
* Util
  * Changes to Error object formatting
    [#4582](#4582).
* Windows
  * Windows XP and Vista are no longer supported
    [#5167](#5167),
    [#5167](#5167).
jasnell added a commit that referenced this pull request Apr 26, 2016
@jasnell
2016-04-26, Version 6.0.0 (Current) Release
37f2f03 
The following significant (semver-major) changes have been made since the
previous Node v5.0.0 release.

* Buffer
  * New Buffer constructors have been added
    [#4682](#4682)
  * Previously deprecated Buffer APIs are removed
    [#5048](#5048),
    [#4594](#4594)
  * Improved error handling [#4514](#4514)
* Cluster
  * Worker emitted as first argument in 'message' event
    [#5361](#5361).
* Crypto
  * Improved error handling [#3100](#3100),
    [#5611](#5611)
  * Simplified Certificate class bindings
    [#5382](#5382)
  * Improved control over FIPS mode
    [#5181](#5181)
  * pbkdf2 digest overloading is deprecated
    [#4047](#4047)
* Dependencies
  * Reintroduce shared c-ares build support
    [#5775](#5775).
  * V8 updated to 5.0.71.31 [#6111](#6111).
* DNS
  * Add resolvePtr API to query plain DNS PTR records
    [#4921](#4921).
* Domains
  * Clear stack when no error handler
  [#4659](#4659).
* File System
  * The `fs.realpath()` and `fs.realpathSync()` methods have been updated
    to use a more efficient libuv implementation. This change includes the
    removal of the `cache` argument and the method can throw new errors
    [#3594](#3594)
  * FS apis can now accept and return paths as Buffers
    [#5616](#5616).
  * Error handling and type checking improvements
    [#5616](#5616),
    [#5590](#5590),
    [#4518](#4518),
    [#3917](#3917).
  * fs.read's string interface is deprecated
    [#4525](#4525)
* HTTP
  * 'clientError' can now be used to return custom errors from an
    HTTP server [#4557](#4557).
* Modules
  * Current directory is now prioritized for local lookups
    [#5689](#5689)
  * Symbolic links are preserved when requiring modules
    [#5950](#5950)
* Net
  * DNS hints no longer implicitly set
    [#6021](#6021).
  * Improved error handling and type checking
    [#5981](#5981),
    [#5733](#5733),
    [#2904](#2904)
* OS X
  * MACOSX_DEPLOYMENT_TARGET has been bumped up to 10.7
    [#6402](#6402).
* Path
  * Improved type checking [#5348](#5348).
* Process
  * Introduce process warnings API
    [#4782](#4782).
  * Throw exception when non-function passed to nextTick
    [#3860](#3860).
* Readline
  * Emit key info unconditionally
    [#6024](#6024)
* REPL
  * Assignment to `_` will emit a warning.
    [#5535](#5535)
* Timers
  * Fail early when callback is not a function
    [#4362](#4362)
* TLS
  * Rename 'clientError' to 'tlsClientError'
    [#4557](#4557)
  * SHA1 used for sessionIdContext
    [#3866](#3866)
* TTY
  * Previously deprecated setRawMode wrapper is removed
    [#2528](#2528).
* Util
  * Changes to Error object formatting
    [#4582](#4582).
* Windows
  * Windows XP and Vista are no longer supported
    [#5167](#5167),
    [#5167](#5167).
jasnell added a commit that referenced this pull request Apr 26, 2016
@jasnell
2016-04-26, Version 6.0.0 (Current) Release
ce3e3c5 
The following significant (semver-major) changes have been made since the
previous Node v5.0.0 release.

* Buffer
  * New Buffer constructors have been added
    [#4682](#4682)
  * Previously deprecated Buffer APIs are removed
    [#5048](#5048),
    [#4594](#4594)
  * Improved error handling [#4514](#4514)
* Cluster
  * Worker emitted as first argument in 'message' event
    [#5361](#5361).
* Crypto
  * Improved error handling [#3100](#3100),
    [#5611](#5611)
  * Simplified Certificate class bindings
    [#5382](#5382)
  * Improved control over FIPS mode
    [#5181](#5181)
  * pbkdf2 digest overloading is deprecated
    [#4047](#4047)
* Dependencies
  * Reintroduce shared c-ares build support
    [#5775](#5775).
  * V8 updated to 5.0.71.31 [#6111](#6111).
* DNS
  * Add resolvePtr API to query plain DNS PTR records
    [#4921](#4921).
* Domains
  * Clear stack when no error handler
  [#4659](#4659).
* File System
  * The `fs.realpath()` and `fs.realpathSync()` methods have been updated
    to use a more efficient libuv implementation. This change includes the
    removal of the `cache` argument and the method can throw new errors
    [#3594](#3594)
  * FS apis can now accept and return paths as Buffers
    [#5616](#5616).
  * Error handling and type checking improvements
    [#5616](#5616),
    [#5590](#5590),
    [#4518](#4518),
    [#3917](#3917).
  * fs.read's string interface is deprecated
    [#4525](#4525)
* HTTP
  * 'clientError' can now be used to return custom errors from an
    HTTP server [#4557](#4557).
* Modules
  * Current directory is now prioritized for local lookups
    [#5689](#5689)
  * Symbolic links are preserved when requiring modules
    [#5950](#5950)
* Net
  * DNS hints no longer implicitly set
    [#6021](#6021).
  * Improved error handling and type checking
    [#5981](#5981),
    [#5733](#5733),
    [#2904](#2904)
* OS X
  * MACOSX_DEPLOYMENT_TARGET has been bumped up to 10.7
    [#6402](#6402).
* Path
  * Improved type checking [#5348](#5348).
* Process
  * Introduce process warnings API
    [#4782](#4782).
  * Throw exception when non-function passed to nextTick
    [#3860](#3860).
* Readline
  * Emit key info unconditionally
    [#6024](#6024)
* REPL
  * Assignment to `_` will emit a warning.
    [#5535](#5535)
* Timers
  * Fail early when callback is not a function
    [#4362](#4362)
* TLS
  * Rename 'clientError' to 'tlsClientError'
    [#4557](#4557)
  * SHA1 used for sessionIdContext
    [#3866](#3866)
* TTY
  * Previously deprecated setRawMode wrapper is removed
    [#2528](#2528).
* Util
  * Changes to Error object formatting
    [#4582](#4582).
* Windows
  * Windows XP and Vista are no longer supported
    [#5167](#5167),
    [#5167](#5167).
jasnell added a commit that referenced this pull request Apr 26, 2016
@jasnell
2016-04-26, Version 6.0.0 (Current) Release
1a29a57 
The following significant (semver-major) changes have been made since the
previous Node v5.0.0 release.

* Buffer
  * New Buffer constructors have been added
    [#4682](#4682)
  * Previously deprecated Buffer APIs are removed
    [#5048](#5048),
    [#4594](#4594)
  * Improved error handling [#4514](#4514)
* Cluster
  * Worker emitted as first argument in 'message' event
    [#5361](#5361).
* Crypto
  * Improved error handling [#3100](#3100),
    [#5611](#5611)
  * Simplified Certificate class bindings
    [#5382](#5382)
  * Improved control over FIPS mode
    [#5181](#5181)
  * pbkdf2 digest overloading is deprecated
    [#4047](#4047)
* Dependencies
  * Reintroduce shared c-ares build support
    [#5775](#5775).
  * V8 updated to 5.0.71.31 [#6111](#6111).
* DNS
  * Add resolvePtr API to query plain DNS PTR records
    [#4921](#4921).
* Domains
  * Clear stack when no error handler
  [#4659](#4659).
* File System
  * The `fs.realpath()` and `fs.realpathSync()` methods have been updated
    to use a more efficient libuv implementation. This change includes the
    removal of the `cache` argument and the method can throw new errors
    [#3594](#3594)
  * FS apis can now accept and return paths as Buffers
    [#5616](#5616).
  * Error handling and type checking improvements
    [#5616](#5616),
    [#5590](#5590),
    [#4518](#4518),
    [#3917](#3917).
  * fs.read's string interface is deprecated
    [#4525](#4525)
* HTTP
  * 'clientError' can now be used to return custom errors from an
    HTTP server [#4557](#4557).
* Modules
  * Current directory is now prioritized for local lookups
    [#5689](#5689)
  * Symbolic links are preserved when requiring modules
    [#5950](#5950)
* Net
  * DNS hints no longer implicitly set
    [#6021](#6021).
  * Improved error handling and type checking
    [#5981](#5981),
    [#5733](#5733),
    [#2904](#2904)
* OS X
  * MACOSX_DEPLOYMENT_TARGET has been bumped up to 10.7
    [#6402](#6402).
* Path
  * Improved type checking [#5348](#5348).
* Process
  * Introduce process warnings API
    [#4782](#4782).
  * Throw exception when non-function passed to nextTick
    [#3860](#3860).
* Readline
  * Emit key info unconditionally
    [#6024](#6024)
* REPL
  * Assignment to `_` will emit a warning.
    [#5535](#5535)
* Timers
  * Fail early when callback is not a function
    [#4362](#4362)
* TLS
  * Rename 'clientError' to 'tlsClientError'
    [#4557](#4557)
  * SHA1 used for sessionIdContext
    [#3866](#3866)
* TTY
  * Previously deprecated setRawMode wrapper is removed
    [#2528](#2528).
* Util
  * Changes to Error object formatting
    [#4582](#4582).
* Windows
  * Windows XP and Vista are no longer supported
    [#5167](#5167),
    [#5167](#5167).
@gibfahn gibfahn mentioned this pull request Jan 21, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@mhdawson mhdawson

Labels
crypto Issues and PRs related to the crypto subsystem. semver-major PRs that contain breaking changes and should be released in the next major version.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@stefanmb @mscdex @mhdawson @lordjabez @indutny @jelmd @chrisamoore