[BC-FIPS] Error on Tomcat 8.5.9 with SSL Enabled

[BC-FIPS] Error on Tomcat 8.5.9 with SSL Enabled

Kamal, Murali

Hi All,

 

We are observing the following error when using BC FIPS with SSL Enabled.

 

SSL Certificate Generated using

·         Signature Algorithm – sha256RSA

·         Signature Hash Algorithm – sha256

 

2017/02/10 18:08:29.949 | org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: Attempt to use unapproved implementation in approved thread: SHA-1/HMAC

2017/02/10 18:08:29.949 |       at org.bouncycastle.crypto.internal.io.Utils.approvedModeCheck(Unknown Source)

2017/02/10 18:08:29.949 |       at org.bouncycastle.crypto.internal.io.MacOutputStream.write(Unknown Source)

2017/02/10 18:08:29.949 |       at org.bouncycastle.crypto.UpdateOutputStream.update(Unknown Source)

2017/02/10 18:08:29.949 |       at org.bouncycastle.jcajce.provider.BaseHMac.engineUpdate(Unknown Source)

2017/02/10 18:08:29.949 |       at javax.crypto.Mac.update(Mac.java:485)

2017/02/10 18:08:29.949 |       at sun.security.ssl.MAC.compute(MAC.java:160)

2017/02/10 18:08:29.949 |       at sun.security.ssl.EngineOutputRecord.write(EngineOutputRecord.java:262)

2017/02/10 18:08:29.949 |       at sun.security.ssl.EngineOutputRecord.write(EngineOutputRecord.java:225)

2017/02/10 18:08:29.949 |       at sun.security.ssl.EngineWriter.writeRecord(EngineWriter.java:186)

2017/02/10 18:08:29.949 |       at sun.security.ssl.SSLEngineImpl.writeRecord(SSLEngineImpl.java:1300)

2017/02/10 18:08:29.949 |       at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1271)

2017/02/10 18:08:29.949 |       at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1186)

2017/02/10 18:08:29.949 |       at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:469)

2017/02/10 18:08:29.949 |       at org.apache.tomcat.util.net.SecureNioChannel.write(SecureNioChannel.java:639)

2017/02/10 18:08:29.949 |       at org.apache.tomcat.util.net.NioBlockingSelector.write(NioBlockingSelector.java:101)

2017/02/10 18:08:29.950 |       at org.apache.tomcat.util.net.NioSelectorPool.write(NioSelectorPool.java:157)

2017/02/10 18:08:29.950 |       at org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper.doWrite(NioEndpoint.java:1241)

2017/02/10 18:08:29.950 |       at org.apache.tomcat.util.net.SocketWrapperBase.doWrite(SocketWrapperBase.java:670)

2017/02/10 18:08:29.950 |       at org.apache.tomcat.util.net.SocketWrapperBase.flushBlocking(SocketWrapperBase.java:607)

2017/02/10 18:08:29.950 |       at org.apache.tomcat.util.net.SocketWrapperBase.flush(SocketWrapperBase.java:597)

2017/02/10 18:08:29.950 |       at org.apache.coyote.http11.Http11OutputBuffer.flushBuffer(Http11OutputBuffer.java:519)

2017/02/10 18:08:29.950 |       at org.apache.coyote.http11.Http11OutputBuffer.finishResponse(Http11OutputBuffer.java:318)

2017/02/10 18:08:29.950 |       at org.apache.coyote.http11.Http11Processor.finishResponse(Http11Processor.java:1472)

2017/02/10 18:08:29.950 |       at org.apache.coyote.AbstractProcessor.action(AbstractProcessor.java:264)

2017/02/10 18:08:29.950 |       at org.apache.coyote.Response.action(Response.java:168)

2017/02/10 18:08:29.950 |       at org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:273)

2017/02/10 18:08:29.950 |       at org.apache.catalina.connector.Response.finishResponse(Response.java:484)

2017/02/10 18:08:29.950 |       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:379)

2017/02/10 18:08:29.950 |       at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:783)

2017/02/10 18:08:29.950 |       at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)

2017/02/10 18:08:29.950 |       at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:789)

2017/02/10 18:08:29.950 |       at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1437)

2017/02/10 18:08:29.950 |       at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)

2017/02/10 18:08:29.950 |       at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

2017/02/10 18:08:29.950 |       at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

2017/02/10 18:08:29.951 |       at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

2017/02/10 18:08:29.951 |       at java.lang.Thread.run(Thread.java:745)

2017/02/10 18:08:29.951 |

 

Do we need any other setting/config at the tomcat layer or is there any FIPS specific requirement for SSL Certificate?

 

We restricted the allowed cipher suites to use SHA-256, but are now receiving the error with SHA-256.

 

2017/02/12 00:05:44.375 | SEVERE: Error processing request

2017/02/12 00:05:44.375 | org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: Attempt to use unapproved implementation in approved thread: SHA-256/HMAC

2017/02/12 00:05:44.375 |       at org.bouncycastle.crypto.internal.io.Utils.approvedModeCheck(Unknown Source)

2017/02/12 00:05:44.375 |       at org.bouncycastle.crypto.internal.io.MacOutputStream.write(Unknown Source)

2017/02/12 00:05:44.375 |       at org.bouncycastle.crypto.UpdateOutputStream.update(Unknown Source)

2017/02/12 00:05:44.375 |       at org.bouncycastle.jcajce.provider.BaseHMac.engineUpdate(Unknown Source)

2017/02/12 00:05:44.375 |       at javax.crypto.Mac.update(Mac.java:485)

2017/02/12 00:05:44.375 |       at sun.security.ssl.MAC.compute(MAC.java:160)

2017/02/12 00:05:44.375 |       at sun.security.ssl.EngineOutputRecord.write(EngineOutputRecord.java:262)

2017/02/12 00:05:44.375 |       at sun.security.ssl.EngineOutputRecord.write(EngineOutputRecord.java:225)

2017/02/12 00:05:44.375 |       at sun.security.ssl.EngineWriter.writeRecord(EngineWriter.java:186)

2017/02/12 00:05:44.375 |       at sun.security.ssl.SSLEngineImpl.writeRecord(SSLEngineImpl.java:1300)

2017/02/12 00:05:44.375 |       at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1271)

2017/02/12 00:05:44.375 |       at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1186)

2017/02/12 00:05:44.375 |       at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:469)

2017/02/12 00:05:44.375 |       at org.apache.tomcat.util.net.SecureNioChannel.write(SecureNioChannel.java:639)

 

Then, we modified the Tomcat server.xml to restrict the cipher suites to the list below, based on this link https://www.owasp.org/index.php/Securing_tomcat#Sample_Configuration_-_Better_Security and removed SHA-1 based cipher suites.

Now, we are able to log in from Chrome and Firefox but not from IE 11. With IE11, the error persists with SHA-256.

org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: Attempt to use unapproved implementation in approved thread: SHA-256/HMAC   

Per https://wiki.openssl.org/index.php/FIPS_mode_and_TLS running openssl ciphers -v "TLSv1.2+FIPS:kRSA+FIPS:!eNULL:!aNULL" also lists the same set of Cipher suites we used (“TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256”).

Could someone help in pointing out the minor thing that we are still missing in the SSL configuration when using the IE browser?

Regards,

Murali Kamal
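
Added example, not part of the original thread: a small Python audit that takes the cipher suite list and the two error lines quoted in the message above and reports which configured suites authenticate each TLS record with the HMAC named in the error (the traces reach it through sun.security.ssl.MAC.compute). Function and variable names are hypothetical; the classification relies only on the standard TLS suite naming convention, where GCM suites are AEAD and carry no separate record HMAC.

```python
import re
from collections import defaultdict

# Cipher suite list copied from the message above.
CONFIGURED = (
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,"
    "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,"
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,"
    "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,"
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,"
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,"
    "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,"
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,"
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,"
    "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"
)

# The two exception lines copied from the logs in the message above.
LOG_LINES = [
    "2017/02/10 18:08:29.949 | org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: "
    "Attempt to use unapproved implementation in approved thread: SHA-1/HMAC",
    "2017/02/12 00:05:44.375 | org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: "
    "Attempt to use unapproved implementation in approved thread: SHA-256/HMAC",
]

# TLS_<key exchange>_WITH_<cipher>_<hash>; suites without a trailing SHA* hash
# (for example CCM or MD5 suites) are out of scope and rejected.
SUITE_RE = re.compile(r"^TLS_(?P<kx>.+)_WITH_(?P<cipher>.+?)_(?P<hash>SHA\d*)$")
ERROR_RE = re.compile(r"FipsUnapprovedOperationError: .*: (?P<digest>SHA-\d+)/HMAC\s*$")
AEAD_MARKERS = ("_GCM", "CHACHA20_POLY1305")


def parse_suites(text):
    """Split a comma-separated suite list, tolerating whitespace and line breaks."""
    return [s.strip() for s in text.split(",") if s.strip()]


def record_mac(suite):
    """Return the per-record HMAC a suite uses, or None for AEAD suites."""
    m = SUITE_RE.match(suite)
    if m is None:
        raise ValueError("unrecognised suite name: %r" % suite)
    if any(marker in m["cipher"] for marker in AEAD_MARKERS):
        return None  # the trailing hash only selects the handshake PRF
    # A bare _SHA suffix means SHA-1; _SHA256/_SHA384 name the HMAC digest.
    return "HMAC-SHA1" if m["hash"] == "SHA" else "HMAC-" + m["hash"]


def group_by_mac(suites):
    """Map 'AEAD' / 'HMAC-SHA1' / 'HMAC-SHA256' / ... to the suites using it."""
    groups = defaultdict(list)
    for suite in suites:
        groups[record_mac(suite) or "AEAD"].append(suite)
    return dict(groups)


def hmac_from_error(line):
    """Extract the HMAC named in a FipsUnapprovedOperationError line, if any."""
    m = ERROR_RE.search(line)
    return "HMAC-" + m["digest"].replace("-", "") if m else None


def suites_behind_errors(log_lines, suites):
    """For each HMAC seen in the log, list the configured suites that use it."""
    groups = group_by_mac(suites)
    seen = [h for h in map(hmac_from_error, log_lines) if h]
    return {h: groups.get(h, []) for h in dict.fromkeys(seen)}


if __name__ == "__main__":
    suites = parse_suites(CONFIGURED)
    for mac, members in sorted(group_by_mac(suites).items()):
        print("%-12s %2d suite(s)" % (mac, len(members)))
    for mac, members in suites_behind_errors(LOG_LINES, suites).items():
        print("\nError names %s; configured suites using it:" % mac)
        for s in members:
            print("  " + s)
```

On the list as posted, the audit also shows three suites ending in plain _SHA, which are HMAC-SHA1 suites, still present after the SHA-1 clean-up the message describes.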

Re: [BC-FIPS] Error on Tomcat 8.5.9 with SSL Enabled

David Hook

You will only see this if you are attempting to pass CSPs between approved and non-approved mode threads.

It is not connected with TLS configuration. Looking at it, I think the approved mode switch in 1.0.1 might prevent this happening, I'm not sure why specifically it would be happening in your case though.

Regards,

David

RE: [BC-FIPS] Error on Tomcat 8.5.9 with SSL Enabled

Kamal, Murali

Hi David,

 

Thank you for the quick response.

 

Is the 1.0.1 version of BC-FIPS approved by NIST?

Or does that have a “vendor-affirmed” status? If yes, where can I download it from?

 

Regards,

Murali Kamal

Re: [BC-FIPS] Error on Tomcat 8.5.9 with SSL Enabled

David Hook

1.0.1 is ready for submission but not yet certified. It is available under our early access program.

Regards,

David
