From: Radoslaw Zarzynski Date: Tue, 12 Mar 2019 14:17:43 +0000 (+0100) Subject: auth, rgw, common: switch to PK11_ImportSymKey_FIPS wrapper. X-Git-Tag: v12.2.12~33^2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=1f969449a2db1d2f5b0b6ca5a82c3e36bfd24354;p=ceph.git auth, rgw, common: switch to PK11_ImportSymKey_FIPS wrapper. PK11_ImportSymKey() is a part of NSS API that becomes unavailable in the FIPS mode. Apparently NSS targets stricter restrictions than those coming from Level 1 of FIPS 140-2. In the consequence, loading a symmetric key from plain keyring or key db (which Ceph needs to do due to architectural reasons) fails. The same issue affected corosync and this patchset deals with it the same way like already followed by corosync [1]: a raw crypto key is in-memory wrapped with fresh, random wrapping key just before being imported via PK11_UnwrapSymKey(). Of course, this effectively lowers to FIPS level 1. Still, this would be no different from what OpenSSL (to which we are currently migrating in master) gives in the matter. The patch can be *roughly* verified in following steps: 1. mkdir ./nssdb 2. certutil -N -d ./nssdb --empty-password 3. modutil -dbdir ./nssdb -fips true 4. ../src/vstart.sh -l -n -b -o "nss_db_path=/work/ceph-3/build/nssdb" This fix is dedicated to Luminous. In master we're switching to OpenSSL. [1] 5dadebd21862074deaeb9a337fc9e49f5e9f692a in corosync's public repo. Fixes: http://tracker.ceph.com/issues/38843 Signed-off-by: Radoslaw Zarzynski
---
diff --git a/src/auth/Crypto.cc b/src/auth/Crypto.cc
index 150052bfef17..62636785803a 100644
--- a/src/auth/Crypto.cc
+++ b/src/auth/Crypto.cc
@@ -291,8 +291,9 @@ public:
 keyItem.type = siBuffer;
 keyItem.data = (unsigned char*)secret.c_str();
 keyItem.len = secret.length();
- key = PK11_ImportSymKey(slot, mechanism, PK11_OriginUnwrap, CKA_ENCRYPT,
- &keyItem, NULL);
+ using ceph::crypto::PK11_ImportSymKey_FIPS;
+ key = PK11_ImportSymKey_FIPS(slot, mechanism, PK11_OriginUnwrap, CKA_ENCRYPT,
+ &keyItem, NULL);
 if (!key) {
 err << "cannot convert AES key for NSS: " << PR_GetError();
 return -1;
diff --git a/src/common/ceph_crypto.h b/src/common/ceph_crypto.h
index c0900b7248ef..c58f1d0b552a 100644
--- a/src/common/ceph_crypto.h
+++ b/src/common/ceph_crypto.h
@@ -150,8 +150,8 @@ namespace ceph {
 keyItem.type = siBuffer;
 keyItem.data = (unsigned char*)key;
 keyItem.len = length;
- symkey = PK11_ImportSymKey(slot, cktype, PK11_OriginUnwrap,
- CKA_SIGN, &keyItem, NULL);
+ symkey = PK11_ImportSymKey_FIPS(slot, cktype, PK11_OriginUnwrap,
+ CKA_SIGN, &keyItem, NULL);
 assert(symkey);
 SECItem param;
 param.type = siBuffer;
diff --git a/src/rgw/rgw_crypt.cc b/src/rgw/rgw_crypt.cc
index d5893734ff71..f857c5b0108d 100644
--- a/src/rgw/rgw_crypt.cc
+++ b/src/rgw/rgw_crypt.cc
@@ -31,6 +31,7 @@ using namespace CryptoPP;
 #define dout_subsys ceph_subsys_rgw
 using namespace rgw;
+using ceph::crypto::PK11_ImportSymKey_FIPS;
 /**
 * Encryption in CTR mode. offset is used as IV for each block.
@@ -129,7 +130,7 @@ public:
 keyItem.data = key;
 keyItem.len = AES_256_KEYSIZE;
- symkey = PK11_ImportSymKey(slot, CKM_AES_CTR, PK11_OriginUnwrap, CKA_UNWRAP, &keyItem, NULL);
+ symkey = PK11_ImportSymKey_FIPS(slot, CKM_AES_CTR, PK11_OriginUnwrap, CKA_UNWRAP, &keyItem, NULL);
 if (symkey) {
 static_assert(sizeof(ctr_params.cb) >= AES_256_IVSIZE, "Must fit counter");
 ctr_params.ulCounterBits = 128;
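Review bot: The call to `PK11_ImportSymKey_FIPS` in src/auth/Crypto.cc has no comment saying why the plain NSS import is avoided, so a later cleanup could swap it back and only break on FIPS-mode hosts. A one-line comment above the call would record the reason given in the commit description, for example `// PK11_ImportSymKey() is unavailable in NSS FIPS mode; import through the wrap/unwrap helper instead.` The `using` declaration is function-local here while src/rgw/rgw_crypt.cc puts it at file scope; choosing one placement would keep the call sites uniform. The enclosing function starts and ends outside the hunk.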
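Review bot: In src/common/ceph_crypto.h the result of `PK11_ImportSymKey_FIPS` is still checked only by `assert(symkey);`, whereas the Crypto.cc call site reports the failure through `err` and returns -1. Per the commit description the wrapper replaces a direct import with an in-memory wrap followed by `PK11_UnwrapSymKey()`, so it plausibly has more ways to fail at run time on a FIPS-mode token. With only an assert, such a failure becomes a process abort, or a null key handed to the following code if the assert is compiled out in this build. Consider an explicit `if (!symkey)` branch that releases what was acquired and surfaces `PR_GetError()` to the caller. The enclosing function starts and ends outside the hunk, so the right error channel needs to be confirmed against the surrounding code.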
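Review bot: The key in the CTR hunk of src/rgw/rgw_crypt.cc is imported with `CKA_UNWRAP` as its operation, as it is in the CBC and ECB hunks (`@@ -317` and `@@ -577`), yet the ECB hunk then uses it for encryption via `PK11_CreateContextBySymKey(CKM_AES_ECB, CKA_ENCRYPT, symkey, param)`. With the old direct import that mismatch may have been harmless, but the key now comes out of a real unwrap, presumably on a FIPS-mode token, so it is worth confirming that the operation argument does not restrict later use. src/auth/Crypto.cc passes `CKA_ENCRYPT` at its call site; if nothing depends on the current value, `symkey = PK11_ImportSymKey_FIPS(slot, CKM_AES_CTR, PK11_OriginUnwrap, CKA_ENCRYPT, &keyItem, NULL);` would state the intent, with the matching operation chosen for the CBC and ECB sites. The enclosing methods start and end outside the hunks.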
@@ -317,7 +318,7 @@ public:
 keyItem.type = siBuffer;
 keyItem.data = const_cast(&key[0]);
 keyItem.len = AES_256_KEYSIZE;
- symkey = PK11_ImportSymKey(slot, CKM_AES_CBC, PK11_OriginUnwrap, CKA_UNWRAP, &keyItem, NULL);
+ symkey = PK11_ImportSymKey_FIPS(slot, CKM_AES_CBC, PK11_OriginUnwrap, CKA_UNWRAP, &keyItem, NULL);
 if (symkey) {
 memcpy(ctr_params.iv, iv, AES_256_IVSIZE);
 ivItem.type = siBuffer;
@@ -577,7 +578,7 @@ bool AES_256_ECB_encrypt(CephContext* cct,
 param = PK11_ParamFromIV(CKM_AES_ECB, NULL);
 if (param) {
- symkey = PK11_ImportSymKey(slot, CKM_AES_ECB, PK11_OriginUnwrap, CKA_UNWRAP, &keyItem, NULL);
+ symkey = PK11_ImportSymKey_FIPS(slot, CKM_AES_ECB, PK11_OriginUnwrap, CKA_UNWRAP, &keyItem, NULL);
 if (symkey) {
 ectx = PK11_CreateContextBySymKey(CKM_AES_ECB, CKA_ENCRYPT, symkey, param);
 if (ectx) {