wpa_supplicant in FIPS 140-2 mode

Jate Sujjavanich jatedev
Wed Jul 29 11:50:09 PDT 2015 

I wish I had noticed your reply earlier. I have some gmail filtering issues.

I figured out an issue with the aes_wrap/aes_unwrap function calls causing
the exit. The ones implemented in crypto_openssl.c make a lower level call
which is not allowed in FIPS mode for 1.0.1. I will submit a patch which
uses the more generic callbacks in src/crypto/aes_wrap.c and
src/crypto/aes_unwrap.c.


Now I am looking into the OpenSSL FIPS error in the context of the
following debug output:

EAP: EAP entering state IDLE
EAPOL: SUPP_PAE entering state AUTHENTICATING
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
OpenSSL: EVP_DigestInit_ex failed: error:060A80A3:digital envelope
routines:FIPS
_DIGESTINIT:disabled for fips
EAP: Received EAP-Request id=1 method=1 vendor=0 vendorMethod=0

In function eap_sm_parseEapReq in eap.c, the following call is triggering
the OpenSSL error. It is approximately line 1769:

        ret = md5_vector(1, addr, &plen, sm->req_md5);

It appears that the eap_workaround setting tells wpa_supplicant to make the
call to md5_vector. The wpa_supplicant is able to successfully
authenticate. I can also set eap_workaround=0, and it still works with my
networking equipment. In FIPS mode, I believe that this call does not do
anything because OpenSSL in FIPS mode returns an error before doing
anything.

On Sat, Jul 25, 2015 at 12:14 PM, Jouni Malinen <j at w1.fi> wrote:

> On Fri, Jul 24, 2015 at 05:54:27PM -0400, Jate Sujjavanich wrote:
> > Anybody have any information about running wpa_supplicant in FIPS mode?
> >
> > I have been trying to run wpa_supplicant 2.0 with OpenSSL 1.0.0 with a
> FIPS
> > certified cryptographic module. I patched wpa_supplicant so that it puts
> > itself into FIPS mode.
> >
> > I received a warning about use of the md5 algorithm within
> > tls_prf_sha1_md5. The code generates a pseudorandom key from an xor of a
> > sha1 and md5 sum of the key. I have come across some discussion whether
> it
> > is valid to use md5. That may have been 2009.
> >
> > I moved from version 2.0 to 2.4 of wpa_supplicant after I noticed changes
> > that could improve FIPS mode operation.
> >
> > I am still receiving the warning which I believe has to do with
> > tls_prf_sha1_md5. I have not yet traced the call.
>
> Are you setting CONFIG_FIPS=y in the build configuration
> (wpa_supplicant/.config)?
>
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20150729/c124ab35/attachment.htm>

More information about the Hostap mailing list