Do you fuzz? If you do, Fedora now has a fuzzer called radamsa. More information about radamsa can be found here. Radamsa is now available in F20, F21 and F22.
Happy fuzzing!
14 Tuesday Apr 2015
15 Tuesday Nov 2011
Posted in Security
For a long time I have been trying to understand FIPS-140 certification and its effects. Today, I finally got to configure a RHEL6 system in FIPS mode and use openssl commands. Before we go and play with it, a brief intro on what FIPS and OpenSSL are.
The FIPS-140 standard specifies the security requirements for a cryptographic module utilized within a security system protecting sensitive information in computer and telecommunication systems. The US National Institute of Standards and Technology (NIST) publishes the FIPS series of standards for the implementation of cryptographic modules. The Cryptographic Module Validation Program (CMVP) validates cryptographic modules to Federal Information Processing Standard (FIPS) 140-2 and other cryptography-based standards.
FIPS 140-2 is primarily of interest to U.S., Canadian, and UK government agencies which have formal policies requiring use of FIPS 140 validated cryptographic software.
Products that have received a NIST/CSE validation are listed on the Cryptographic Module Validation List at http://csrc.nist.gov/cryptval/140-1/1401val.htm
OpenSSL is open source software that implements the SSLv2/v3 and TLS protocols and also provides general-purpose crypto libraries (libcrypto, libssl, etc.).
The intention of this article is to describe how FIPS mode should be enabled on RHEL6 and how to use approved ciphers with openssl.
Before we start using openssl with FIPS approved security functions, the operating system has to be brought into FIPS mode. For that, the initramfs needs to be rebuilt with FIPS support and prelinking has to be undone on all the libraries. I have enumerated the steps below.
Below are the steps to put a RHEL6 system in FIPS mode and use openssl with FIPS approved security functions.
Disable prelinking
Change the line "PRELINKING=yes" to "PRELINKING=no" in /etc/sysconfig/prelink
For libraries that were already prelinked, the prelink should be undone on all the system files using the following command:
$ prelink -u -a
The initramfs should be regenerated with FIPS support; to do that, install the dracut-fips package
$ yum install dracut-fips
Edit /etc/grub.conf and add fips=1 to the end of the “kernel” line and reboot the system
kernel /vmlinuz-2.6.32-131.0.15.el6.x86_64 ro root=/dev/mapper/myvg-rootvol rd_LVM_LV=myvg/rootvol rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us crashkernel=auto fips=1
For generating certificates, openssl should be used only with a specific set of Approved Security Functions. For the list of Approved Security Functions that can be used, refer to NIST.
In brief, the algorithms below can be used for signing, hashing and encryption:
To check whether openssl is operating in FIPS mode, issue the following:
$ openssl md5 somefile
The above should fail, as MD5 is not a FIPS approved hash standard.
$ openssl sha1 somefile
The above would work, as SHA1 is a FIPS approved hash standard.
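The openssl test above shows how the library behaves; the configuration steps themselves can be audited as well. The following is an added example, not part of the original post. It assumes the kernel reports its FIPS state in /proc/sys/crypto/fips_enabled and, more strictly than the post, requires fips=1 on every kernel line of grub.conf; the function name fips_audit is hypothetical.

```shell
#!/bin/sh
# Added example: audit the settings changed by the steps above. Paths are
# parameters (defaults: the RHEL6 locations from the post) so copies can be checked.
fips_audit() {
    prelink_conf=${1:-/etc/sysconfig/prelink}
    grub_conf=${2:-/etc/grub.conf}
    # Assumption: the kernel reports its FIPS state in this procfs file.
    fips_flag=${3:-/proc/sys/crypto/fips_enabled}
    rc=0

    # Prelinking must be switched off in the prelink configuration.
    if grep -Eq '^[[:space:]]*PRELINKING=no[[:space:]]*$' "$prelink_conf" 2>/dev/null; then
        echo "OK   PRELINKING=no"
    else
        echo "FAIL PRELINKING=no not found in $prelink_conf"; rc=1
    fi

    # Count kernel lines that lack fips=1 ("none" if there is no kernel line).
    missing=$(awk '$1 == "kernel" { n++; ok = 0
                  for (i = 2; i <= NF; i++) if ($i == "fips=1") ok = 1
                  if (!ok) bad++ }
              END { if (n) print bad + 0; else print "none" }' \
              "$grub_conf" 2>/dev/null || true)
    if [ "$missing" = "0" ]; then
        echo "OK   every kernel line has fips=1"
    else
        echo "FAIL kernel lines without fips=1: ${missing:-unreadable}"; rc=1
    fi

    # The running kernel must actually be in FIPS mode (needs the reboot).
    if [ "$(cat "$fips_flag" 2>/dev/null)" = "1" ]; then
        echo "OK   kernel reports FIPS mode"
    else
        echo "FAIL kernel does not report FIPS mode"; rc=1
    fi
    return "$rc"
}

fips_audit "$@" || echo "system is not fully configured for FIPS mode"
```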
Let's generate a self-signed CA certificate
1. Generate the key
$ openssl genrsa 1024 > dhcp210-11.key
2. Convert the key to PKCS8 format
The encryption used in the genrsa command cannot be used in FIPS mode, as it uses MD5 to convert the password to a key. We have to either write the key unencrypted (no -des3 option) and then convert it using the ‘openssl pkcs8’ command if we need it encrypted, or generate the key using the -newkey option of the ‘openssl req’ command, which already writes it encrypted in the PKCS8 format.
$ openssl pkcs8 -in dhcp210-11.key -topk8 -out dhcp210-11-enc.key -v1 PBE-SHA1-3DES
3. Create a self-signed CA certificate.
$ openssl req -new -x509 -key dhcp210-11-enc.key -out dhcp210-11.crt -days 366
Or skip steps 1 and 2 and generate the key in place (-newkey option), which encrypts the private key using the PKCS8 format:
$ openssl req -new -x509 -newkey rsa:1024 -out dhcp210-11.crt -days 365
06 Sunday Nov 2011
Posted in Security
This is a how-to article on the renewal of self-signed CA certs using certutil commands. To create self-signed certificate authorities and other certificates, refer to the Mozilla documentation.
Just as normal user or server certificates expire, CA certs also expire after a certain period, so one needs to know how to renew them.
This how-to is based on Mozilla NSS. I will explain with an example NSS database where a CA and user certs are created using certutil commands.
$ certutil -L -d /etc/pki/testca
Certificate Nickname                 Trust Attributes
                                     SSL,S/MIME,JAR/XPI
testca                               CTu,u,u
www                                  u,u,u
testca is the CA certificate and www is a user cert
$ certutil -L -d /etc/pki/testca -n testca | head -n 15
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
        Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
        Issuer: "CN=rootca0,O=Example.com,C=US"
        Validity:
            Not Before: Tue Nov 01 02:29:56 2011
            Not After : Thu Dec 01 02:29:56 2011
        Subject: "CN=rootca0,O=Example.com,C=US"
To view the private keys, issue the command below:
$ certutil -K -d /etc/pki/testca
certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services"
Enter Password or Pin for "NSS Certificate DB":
< 0> rsa 2caa8cf41a5fc803902034710f59c296326cdcc8 NSS Certificate DB:testca
< 1> rsa 99059e9f59b710edcee11d4bd32fd97977bc121e NSS Certificate DB:www
From the above output you can see the nickname of the private key used by testca.
The procedure to renew the testca Certificate is:
1. Create a certificate request using the same Private key
2. Get it signed by the Old CA
3. Add the newly signed CA certificate to the NSS database
Creating a Certificate request using the same Private key:
$ certutil -d . -R -k "NSS Certificate DB:testca" -s "CN=rootca0,o=Example.com,c=US" -a -o rootca.req
Brief explanation of the command options:
-R: Create a certificate-request file that can be submitted to a Certificate Authority (CA) for processing into a finished certificate. Output defaults to standard out unless you use the -o output-file argument.
-s: Subject of the certificate (use the same subject as the earlier CA)
-m: Serial number
-v: Period in months for which the certificate will be valid
Sign the certificate request:
$ certutil -C -d . -c "testca" -a -i rootca.req -t "CT,," -o cacert.crt -m 0 -v 12
Add the certificate to the NSS database:
$ certutil -A -d . -n "testca" -a -i cacert.crt -t "CT,,"
List the CA cert to check the validity period:
$ certutil -L -d . -n testca -a
-----BEGIN CERTIFICATE-----
[base64 data omitted]
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
[base64 data omitted]
-----END CERTIFICATE-----

As you can see above, it lists both certificates (old and new). Remove the -a option from the above command to see pretty-printed output:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 00:96:14:79:7a
        Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
        Issuer: "CN=rootca0,O=Example.com,C=US"
        Validity:
            Not Before: Tue Nov 01 03:17:32 2011
            Not After : Thu Nov 01 03:17:32 2012
        Subject: "CN=rootca0,O=Example.com,C=US"
        Subject Public Key Info:
            Public Key Algorithm: PKCS #1 RSA Encryption
            RSA Public Key:
                Modulus: [hex omitted]
                Exponent: 65537 (0x10001)
    Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
    Signature: [hex omitted]
    Fingerprint (MD5): 2B:90:4E:AE:E5:91:37:20:AD:41:A2:B1:4A:CC:16:A5
    Fingerprint (SHA1): DA:6C:F5:A1:A1:03:9B:6E:11:2C:BF:FA:DA:43:5C:D1:52:0B:B5:1B
    Certificate Trust Flags:
        SSL Flags:
            Valid CA
            Trusted CA
            User
            Trusted Client CA
        Email Flags:
            User
        Object Signing Flags:
            User

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 0 (0x0)
        Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
        Issuer: "CN=rootca0,O=Example.com,C=US"
        Validity:
            Not Before: Tue Nov 01 02:29:56 2011
            Not After : Thu Dec 01 02:29:56 2011
        Subject: "CN=rootca0,O=Example.com,C=US"
        Subject Public Key Info:
            Public Key Algorithm: PKCS #1 RSA Encryption
            RSA Public Key:
                Modulus: [hex omitted]
                Exponent: 65537 (0x10001)
        Signed Extensions:
            Name: Certificate Basic Constraints
            Data: Is a CA with no maximum path length.
    Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
    Signature: [hex omitted]
    Fingerprint (MD5): 58:C8:D8:75:3A:81:90:94:C9:06:04:51:52:8E:E7:4B
    Fingerprint (SHA1): 07:D2:80:8F:05:74:C1:86:43:1F:96:52:1F:A7:B4:4E:BF:61:7F:70
    Certificate Trust Flags:
        SSL Flags:
            Valid CA
            Trusted CA
            User
            Trusted Client CA
        Email Flags:
            User
        Object Signing Flags:
            User
Validate the user certificates:
$ certutil -V -d . -u C -n www
certutil: certificate is valid
$ certutil -V -d . -u C -n testca
certutil: certificate is valid
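Because the old and the renewed CA certificate sit under the same nickname, it helps to check the listing mechanically. The following is an added example, not part of the original post: it reads the pretty-printed `certutil -L -d . -n testca` output on stdin and confirms that all entries share one subject and that the newest one is still valid. The function names are hypothetical, the sample is trimmed from the listing above, and the reference time is assumed to be in the same time zone as certutil's output (for example from `date -u +%Y%m%d%H%M%S`, if certutil prints UTC).

```shell
#!/bin/sh
# Added example: summarise `certutil -L -d DIR -n NICK` pretty-print output.
# Prints one line per certificate: "<Not After as YYYYMMDDhhmmss> <Subject>".
cert_expiries() {
    awk '
    BEGIN { split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", m, " ")
            for (i = 1; i <= 12; i++) mon[m[i]] = i }
    # "Not After : Thu Nov 01 03:17:32 2012" becomes 20121101031732
    /Not After/ { sub(/.*Not After *: */, ""); split($0, f, " "); gsub(":", "", f[4])
                  after = sprintf("%04d%02d%02d%s", f[5], mon[f[2]], f[3], f[4]) }
    /^ *Subject:/ { sub(/^ *Subject: */, ""); print after, $0 }
    '
}

# Succeeds when all listed certificates share one subject and the newest
# Not After is later than the reference time $1 (YYYYMMDDhhmmss).
renewal_ok() {
    now=$1
    list=$(cert_expiries | sort)
    [ -n "$list" ] || return 1
    subjects=$(printf '%s\n' "$list" | cut -d' ' -f2- | sort -u | wc -l)
    newest=$(printf '%s\n' "$list" | tail -n 1 | cut -d' ' -f1)
    [ "$subjects" -eq 1 ] && [ "$newest" -gt "$now" ]
}

# Constructed sample: the validity and subject lines of the two testca entries.
sample_listing() {
    cat <<'EOF'
Certificate:
    Data:
        Validity:
            Not Before: Tue Nov 01 03:17:32 2011
            Not After : Thu Nov 01 03:17:32 2012
        Subject: "CN=rootca0,O=Example.com,C=US"
        Subject Public Key Info:
Certificate:
    Data:
        Validity:
            Not Before: Tue Nov 01 02:29:56 2011
            Not After : Thu Dec 01 02:29:56 2011
        Subject: "CN=rootca0,O=Example.com,C=US"
EOF
}

sample_listing | cert_expiries
```

On a live database the same check would be `certutil -L -d . -n testca | renewal_ok "$(date -u +%Y%m%d%H%M%S)"`.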