Fedora Crypto Consolidation Project
Steve Grubb
sgrubb at redhat.com
Wed Aug 22 12:32:32 UTC 2007
Hi,
I wanted to announce a new Fedora Project that will span several distro
releases and outline the reasons why we are starting this project. I believe
this issue affects the whole Open Source Community. But I don't think anyone
has explained all the issues.
The basic problem is that users want to have high quality, tested crypto that
can meet any certifications that the user wishes to deploy into, is easy to
manage, and works seamlessly across all applications.
Wouldn't it be neat if you could obtain a digital certificate from a CA using
Firefox, and then immediately turn around and use it to ssh to another
machine? Wouldn't it be nice to be able to turn off SSL2 in a central control
panel, and be guaranteed that all apps on your desktop obey that decision?
Wouldn't it be cool if every app needing crypto noticed that you inserted a
smart card, and immediately took advantage of it for operations like signing
email or setting up IPSec connections?
What prevents this is two problems: lack of a tested crypto engine and the
proliferation of crypto into many packages. In order to deploy Fedora into
some environments like government or financial settings, you have to have a
crypto engine that passes FIPS 140-2. This certification ensures that the
crypto is correct for the algorithms tested.
The other problem is that there are dozens of packages that implement their
own version of crypto functions. If they make a mistake in one, the others
need to be checked to see if they copied the same bug. Because they are all
implemented separately, no sharing of keys, algorithm selection, or other
configuration data is possible.
The current state of certified crypto is that OpenSSL has passed a level 1
certification on a version that Red Hat has never shipped and is therefore
unusable. Then there is NSS which is certified regularly at level 2. A level
1 crypto cert means that it's good for use in Single User Mode, while level 2
means it's good for multi-user mode. I'm not aware of any other FIPS
certifications of crypto contained within Fedora. So it's down to these two.
So, if we want to make crypto easier to manage and enable Fedora's use in
these environments, that leaves us with a choice to make. We looked at
OpenSSL which has been supported well in the community, but it seems to have
a flaw that makes it unsuitable. For some applications like openssh, it draws
the crypto boundary inside the application. Openssh has to handle raw crypto
keys. This means that not only does OpenSSL need FIPS certification, but
openssh does, too.
If the crypto boundary was completely contained within the library and the
library has been FIPS 140-2 certified, many applications will gain the cert
just by linking to it. It's that simple. The only requirement is to follow the
system security policy. NSS only allows applications to have a handle to a
crypto session and the keys are not accessible to the application.
What we'd like to do in order to enable certified crypto is to update some
applications so that they can link against either OpenSSL or NSS. For Fedora,
we would then set the configure option to use NSS. We only want to do 2-3
packages for Fedora 8 and then some more in Fedora 9. We've already converted
some apps, like pam_pkcs11. Apache has mod_nss. We've built some tools to
help with enabling NSS by using an abstraction library that presents some
of OpenSSL's API for easy conversion, while allowing other upstream users to
continue to use other libraries. Now we want to expand the effort and bring
other packages on-board.
Linux has a plethora of applications which use encryption technologies. Most
of these applications use encryption as a minor part of the application's
main functionality, just as it uses name service, file system services, etc.
Getting these applications on a single toolkit will allow new encryption
technologies (like pkix, new crypto algorithms, etc.) to be added without
adding a burden on each of the many applications that use crypto.
We're looking for people interested in enabling NSS in their packages and
feeding the changes upstream.
For those unfamiliar with NSS, it's the Secure Sockets library in Firefox.
There are already several applications using it such as Thunderbird and
evolution. More information about it can be found here:
http://www.mozilla.org/projects/security/pki/nss/
For more information about this Fedora Project, please see:
http://fedoraproject.org/wiki/FedoraCryptoConsolidation
Some developer resources:
http://fedoraproject.org/wiki/nss_compat_ossl
And a comparison of crypto libraries:
http://fedoraproject.org/wiki/CryptoConsolidationEval
-Steve Grubb