BC-FIPS does not reject JKS keystores

Daniel Jeliński
Hi,
After reading the docs (specifically https://downloads.bouncycastle.org/fips-java/BC-FJA-UserGuide-1.0.2.pdf, page 69, appendix G, point 3) I'm under the impression that BC-FIPS should reject JKS keystores. However, I'm able to run Jetty using JKS keystores with no issues.

I'm using AdoptOpenJDK's Java 8 with the following changes in java.security:
security.provider.1=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider C:HYBRID;ENABLE{ALL}
security.provider.2=org.bouncycastle.jsse.provider.BouncyCastleJsseProvider fips:BCFIPS
security.provider.3=sun.security.provider.Sun
ssl.KeyManagerFactory.algorithm=X509

I had to change KeyManagerFactory because the default SunX509 was not available with this provider list.

I'm starting the application with -Dorg.bouncycastle.fips.approved_only=true, and CryptoServicesRegistrar.isInApprovedOnlyMode() returns true as expected.

I'm using BC-FIPS 1.0.2, BCTLS-FIPS 1.0.9 and BCPKIX-FIPS 1.0.3

Am I doing something wrong, or just misreading the docs?
Thanks,
Daniel
Re: BC-FIPS does not reject JKS keystores

David Hook-3

The module can read JKS files which only contain certificates in approved mode, but this does need to be especially configured. Where the configuration does not allow for it (as seems to be the case below), the module will not load a JKS key store. You might want to check what's loading the keystores.

Regards,

David
On 14/11/19 11:01 pm, Daniel Jeliński wrote:
Hi,
After reading the docs (specifically https://downloads.bouncycastle.org/fips-java/BC-FJA-UserGuide-1.0.2.pdf, page 69, appendix G, point 3) I'm under the impression that BC-FIPS should reject JKS keystores. However, I'm able to run Jetty using JKS keystores with no issues.

I'm using AdoptOpenJDK's Java 8 with the following changes in java.security:
security.provider.1=org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider C:HYBRID;ENABLE{ALL}
security.provider.2=org.bouncycastle.jsse.provider.BouncyCastleJsseProvider fips:BCFIPS
security.provider.3=sun.security.provider.Sun
ssl.KeyManagerFactory.algorithm=X509

I had to change KeyManagerFactory because the default SunX509 was not available with this provider list.

I'm starting the application with -Dorg.bouncycastle.fips.approved_only=true, and CryptoServicesRegistrar.isInApprovedOnlyMode() returns true as expected.

I'm using BC-FIPS 1.0.2, BCTLS-FIPS 1.0.9 and BCPKIX-FIPS 1.0.3

Am I doing something wrong, or just misreading the docs?
Thanks,
Daniel


Re: BC-FIPS does not reject JKS keystores

Daniel Jeliński
Thanks David for your response.
I tried with -Dorg.bouncycastle.jca.enable_jks=true, which failed as expected. Without this setting JKS keystores are loaded by sun.security.provider.Sun, which is recommended by the user guide.

Anyway, I found the exception. After a long fight with https://github.com/bcgit/bc-java/issues/604 I decided to try out com.sun.net.ssl.internal.ssl.Provider instead of org.bouncycastle.jsse.provider.BouncyCastleJsseProvider, and got this:
java.security.KeyStoreException: FIPS mode: KeyStore must be from provider BCFIPS
at sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineInit(KeyManagerFactoryImpl.java:67)
at javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory.java:256)

So, all is good. I'd just like to know which JSSE provider was BouncyCastle approved with, Sun's or BouncyCastleJsseProvider?
Thanks,
Daniel


Fri, 15 Nov 2019 at 02:51 David Hook <[hidden email]> wrote:


Re: BC-FIPS does not reject JKS keystores

Peter Dettman-3
Hi Daniel,
If I'm understanding your question correctly, the answer is neither; the
JSSE provider is not involved in certification for the FIPS jar itself.

Regards,
Pete Dettman

On 15/11/19 3:06 pm, Daniel Jeliński wrote:
> So, all is good. I'd just like to know which JSSE provider was
> BouncyCastle approved with, Sun's or BouncyCastleJsseProvider?
> Thanks,
> Daniel

Re: BC-FIPS does not reject JKS keystores

David Hook-3

One other thing, FIPS mode in the regular JSSE provider started turning
into a no-op with the arrival of Java 9. There's no assertion that the
JSSE provider is compliant past Java 8.

Regards,

David

On 19/11/19 1:25 pm, Peter Dettman wrote:


Re: BC-FIPS does not reject JKS keystores

Daniel Jeliński
Ahh, thanks Pete. I'm new to FIPS and FedRAMP, and I guess it shows.

I think I had a misconception about FIPS. Please correct me if I'm wrong: FIPS certification applies only to the cryptographic library? And JSSE provider FIPS mode is only used to help developers make sure that their JSSE cryptography actually uses the FIPS-certified provider, and not all providers available?
Thanks,
Daniel

Tue, 19 Nov 2019 at 03:25 Peter Dettman <[hidden email]> wrote:

Re: BC-FIPS does not reject JKS keystores

Daniel Jeliński
Thanks David for your input. Yes I noticed that. The FIPS-related code was actually removed from the JDK some time ago, see http://hg.openjdk.java.net/jdk/jdk/diff/cb1642ccc732/src/java.base/share/classes/sun/security/ssl/SunJSSE.java

Do you plan to replicate that functionality in BCTLS?
Thanks,
Daniel

Tue, 19 Nov 2019 at 07:50 David Hook <[hidden email]> wrote:

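An application-side version of the check that Daniel's stack trace shows SunJSSE making ("KeyStore must be from provider BCFIPS"), added here as an illustration and not code from the thread or from Bouncy Castle: it loads the keystore through the normal JCA lookup and, when approved-only mode is on, refuses to hand a keystore served by any provider other than BCFIPS to the KeyManagerFactory. The class name and command-line arguments are made up; it assumes the bc-fips jar is on the classpath and the provider order from this thread.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import javax.net.ssl.KeyManagerFactory;
import org.bouncycastle.crypto.CryptoServicesRegistrar;

/**
 * Hypothetical guard: loads a keystore without pinning a provider, then
 * verifies which provider actually served it. In approved-only mode only
 * a KeyStore from BCFIPS is accepted, mirroring the check that SunJSSE's
 * FIPS mode performed before it was removed from the JDK.
 */
public final class FipsKeyStoreGuard {
    private static final String FIPS_PROVIDER = "BCFIPS";

    public static KeyStore loadChecked(String path, String type, char[] password)
            throws Exception {
        // Highest-priority provider offering this type wins the lookup.
        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = Files.newInputStream(Paths.get(path))) {
            ks.load(in, password);
        }
        String provider = ks.getProvider().getName();
        if (CryptoServicesRegistrar.isInApprovedOnlyMode()
                && !FIPS_PROVIDER.equals(provider)) {
            // With the java.security order from this thread, "JKS" is served by
            // sun.security.provider.Sun and is rejected here; "BCFKS" is served
            // by BCFIPS and passes.
            throw new KeyStoreException("approved-only mode: KeyStore type " + type
                    + " came from provider " + provider + ", expected " + FIPS_PROVIDER);
        }
        return ks;
    }

    public static KeyManagerFactory keyManagers(String path, String type, char[] password)
            throws Exception {
        KeyStore ks = loadChecked(path, type, password);
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);
        return kmf;
    }

    // Usage: java -Dorg.bouncycastle.fips.approved_only=true FipsKeyStoreGuard <file> <type> <password>
    public static void main(String[] args) throws Exception {
        System.out.println("approved-only: " + CryptoServicesRegistrar.isInApprovedOnlyMode());
        keyManagers(args[0], args[1], args[2].toCharArray());
        System.out.println("keystore accepted from provider " + FIPS_PROVIDER);
    }
}
```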