Skip to content

Commit

Permalink
tls: update BoringSSL-FIPS to 20190808. (#12168)
Browse files Browse the repository at this point in the history
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
  • Loading branch information
PiotrSikora authored Jul 20, 2020
1 parent 0322b0b commit 75a624e
Show file tree
Hide file tree
Showing 11 changed files with 51 additions and 44 deletions.
4 changes: 2 additions & 2 deletions api/envoy/api/v2/auth/cert.proto
Original file line number Diff line number Diff line change
Expand Up @@ -46,8 +46,8 @@ message TlsParameters {
// servers.
TlsProtocol tls_minimum_protocol_version = 1 [(validate.rules).enum = {defined_only: true}];

// Maximum TLS protocol version. By default, it's ``TLSv1_3`` for servers in non-FIPS builds, and
// ``TLSv1_2`` for clients and for servers using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`.
// Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
// servers.
TlsProtocol tls_maximum_protocol_version = 2 [(validate.rules).enum = {defined_only: true}];

// If specified, the TLS listener will only support the specified `cipher list
Expand Down
4 changes: 2 additions & 2 deletions api/envoy/extensions/transport_sockets/tls/v3/cert.proto
Original file line number Diff line number Diff line change
Expand Up @@ -46,8 +46,8 @@ message TlsParameters {
// servers.
TlsProtocol tls_minimum_protocol_version = 1 [(validate.rules).enum = {defined_only: true}];

// Maximum TLS protocol version. By default, it's ``TLSv1_3`` for servers in non-FIPS builds, and
// ``TLSv1_2`` for clients and for servers using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`.
// Maximum TLS protocol version. By default, it's ``TLSv1_2`` for clients and ``TLSv1_3`` for
// servers.
TlsProtocol tls_maximum_protocol_version = 2 [(validate.rules).enum = {defined_only: true}];

// If specified, the TLS listener will only support the specified `cipher list
Expand Down
31 changes: 16 additions & 15 deletions bazel/external/boringssl_fips.genrule_cmd
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@

set -e

# BoringSSL build as described in the Security Policy for BoringCrypto module (2018-10-25):
# https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3318.pdf
# BoringSSL build as described in the Security Policy for BoringCrypto module (2020-07-02):
# https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3678.pdf

# This works only on Linux-x86_64.
if [[ `uname` != "Linux" || `uname -m` != "x86_64" ]]; then
Expand All @@ -16,16 +16,16 @@ ROOT=$$(dirname $(rootpath boringssl/BUILDING.md))/..
pushd $$ROOT

# Build tools requirements:
# - Clang compiler version 6.0.1 (https://releases.llvm.org/download.html)
# - Go programming language version 1.10.3 (https://golang.org/dl/)
# - Ninja build system version 1.8.2 (https://github.com/ninja-build/ninja/releases)
# - Clang compiler version 7.0.1 (https://releases.llvm.org/download.html)
# - Go programming language version 1.12.7 (https://golang.org/dl/)
# - Ninja build system version 1.9.0 (https://github.com/ninja-build/ninja/releases)

# Override $$PATH for build tools, to avoid picking up anything else.
export PATH="$$(dirname `which cmake`):/usr/bin:/bin"

# Clang 6.0.1
VERSION=6.0.1
SHA256=7ea204ecd78c39154d72dfc0d4a79f7cce1b2264da2551bb2eef10e266d54d91
# Clang 7.0.1
VERSION=7.0.1
SHA256=02ad925add5b2b934d64c3dd5cbd1b2002258059f7d962993ba7f16524c3089c
PLATFORM="x86_64-linux-gnu-ubuntu-16.04"

curl -sLO https://releases.llvm.org/"$$VERSION"/clang+llvm-"$$VERSION"-"$$PLATFORM".tar.xz \
Expand All @@ -41,26 +41,27 @@ if [[ `clang --version | head -1 | awk '{print $$3}'` != "$$VERSION" ]]; then
exit 1
fi

# Go 1.10.3
VERSION=1.10.3
SHA256=fa1b0e45d3b647c252f51f5e1204aba049cde4af177ef9f2181f43004f901035
# Go 1.12.7
VERSION=1.12.7
SHA256=66d83bfb5a9ede000e33c6579a91a29e6b101829ad41fffb5c5bb6c900e109d9
PLATFORM="linux-amd64"

curl -sLO https://dl.google.com/go/go"$$VERSION"."$$PLATFORM".tar.gz \
&& echo "$$SHA256" go"$$VERSION"."$$PLATFORM".tar.gz | sha256sum --check
tar xf go"$$VERSION"."$$PLATFORM".tar.gz

export GOPATH="$$PWD/gopath"
export GOROOT="$$PWD/go"
export PATH="$$GOROOT/bin:$$PATH"
export PATH="$$GOPATH/bin:$$GOROOT/bin:$$PATH"

if [[ `go version | awk '{print $$3}'` != "go$$VERSION" ]]; then
echo "ERROR: Go version doesn't match."
exit 1
fi

# Ninja 1.8.2
VERSION=1.8.2
SHA256=d2fea9ff33b3ef353161ed906f260d565ca55b8ca0568fa07b1d2cab90a84a07
# Ninja 1.9.0
VERSION=1.9.0
SHA256=1b1235f2b0b4df55ac6d80bbe681ea3639c9d2c505c7ff2159a3daf63d196305
PLATFORM="linux"

curl -sLO https://github.com/ninja-build/ninja/releases/download/v"$$VERSION"/ninja-"$$PLATFORM".zip \
Expand Down
18 changes: 18 additions & 0 deletions bazel/external/boringssl_fips.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# Fix FIPS build (from BoringSSL commit 4ca15d5dcbe6e8051a4654df7c971ea8307abfe0).
#
# The modulewrapper is not a part of the FIPS module, so it can be patched without
# concern about breaking the FIPS validation.
--- boringssl/util/fipstools/acvp/modulewrapper/modulewrapper.cc
+++ boringssl/util/fipstools/acvp/modulewrapper/modulewrapper.cc
@@ -12,9 +12,11 @@
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

+#include <string>
#include <vector>

#include <assert.h>
+#include <errno.h>
#include <string.h>
#include <sys/uio.h>
#include <unistd.h>
1 change: 1 addition & 0 deletions bazel/repositories.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -190,6 +190,7 @@ def _boringssl_fips():
sha256 = location["sha256"],
genrule_cmd_file = "@envoy//bazel/external:boringssl_fips.genrule_cmd",
build_file = "@envoy//bazel/external:boringssl_fips.BUILD",
patches = ["@envoy//bazel/external:boringssl_fips.patch"],
)

def _com_github_circonus_labs_libcircllhist():
Expand Down
6 changes: 3 additions & 3 deletions bazel/repository_locations.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -38,9 +38,9 @@ REPOSITORY_LOCATIONS = dict(
urls = ["https://github.com/google/boringssl/archive/65e0aad1b721a5aa67f2a8041cf48f691139bb9f.tar.gz"],
),
boringssl_fips = dict(
sha256 = "b12ad676ee533824f698741bd127f6fbc82c46344398a6d78d25e62c6c418c73",
# fips-20180730
urls = ["https://commondatastorage.googleapis.com/chromium-boringssl-docs/fips/boringssl-66005f41fbc3529ffe8d007708756720529da20d.tar.xz"],
sha256 = "3b5fdf23274d4179c2077b5e8fa625d9debd7a390aac1d165b7e47234f648bb8",
# fips-20190808
urls = ["https://commondatastorage.googleapis.com/chromium-boringssl-fips/boringssl-ae223d6138807a13006342edfeef32e813246b39.tar.xz"],
),
com_google_absl = dict(
sha256 = "190b0c9e65ef0866b44c54b517b5a3e15b67a1001b34547f03f8f4d8553c2851",
Expand Down
6 changes: 3 additions & 3 deletions docs/root/intro/arch_overview/security/ssl.rst
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ FIPS 140-2
BoringSSL can be built in a
`FIPS-compliant mode <https://boringssl.googlesource.com/boringssl/+/master/crypto/fipsmodule/FIPS.md>`_,
following the build instructions from the `Security Policy for BoringCrypto module
<https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3318.pdf>`_,
<https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3678.pdf>`_,
using ``--define boringssl=fips`` Bazel option. Currently, this option is only available on Linux-x86_64.

The correctness of the FIPS build can be verified by checking the presence of ``BoringSSL-FIPS``
Expand All @@ -53,11 +53,11 @@ it's not sufficient by itself, and depending on the context, additional steps mi
The extra requirements may include using only approved algorithms and/or using only private keys
generated by a module operating in FIPS-approved mode. For more information, please refer to the
`Security Policy for BoringCrypto module
<https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3318.pdf>`_
<https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3678.pdf>`_
and/or an `accredited CMVP laboratory <https://csrc.nist.gov/projects/testing-laboratories>`_.

Please note that the FIPS-compliant build is based on an older version of BoringSSL than
the non-FIPS build, and it predates the final version of TLS 1.3.
the non-FIPS build, and it doesn't support the most recent QUIC APIs.

.. _arch_overview_ssl_enabling_verification:

Expand Down
4 changes: 2 additions & 2 deletions generated_api_shadow/envoy/api/v2/auth/cert.proto

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -340,12 +340,7 @@ ClientContextConfigImpl::ClientContextConfigImpl(
}

const unsigned ServerContextConfigImpl::DEFAULT_MIN_VERSION = TLS1_VERSION;
const unsigned ServerContextConfigImpl::DEFAULT_MAX_VERSION =
#ifndef BORINGSSL_FIPS
TLS1_3_VERSION;
#else // BoringSSL FIPS
TLS1_2_VERSION;
#endif
const unsigned ServerContextConfigImpl::DEFAULT_MAX_VERSION = TLS1_3_VERSION;

const std::string ServerContextConfigImpl::DEFAULT_CIPHER_SUITES =
#ifndef BORINGSSL_FIPS
Expand Down
10 changes: 1 addition & 9 deletions test/extensions/transport_sockets/tls/ssl_socket_test.cc
Original file line number Diff line number Diff line change
Expand Up @@ -3360,7 +3360,7 @@ TEST_P(SslSocketTest, ProtocolVersions) {
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();

// Connection using TLSv1.3 (client) and defaults (server) succeeds (non-FIPS) or fails (FIPS).
// Connection using TLSv1.3 (client) and defaults (server) succeeds.
client_params->set_tls_minimum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
client_params->set_tls_maximum_protocol_version(
Expand All @@ -3370,11 +3370,7 @@ TEST_P(SslSocketTest, ProtocolVersions) {
TestUtilOptionsV2 error_test_options(listener, client, false, GetParam());
error_test_options.setExpectedServerStats("ssl.connection_error")
.setExpectedTransportFailureReasonContains("TLSV1_ALERT_PROTOCOL_VERSION");
#ifndef BORINGSSL_FIPS
testUtilV2(tls_v1_3_test_options);
#else // BoringSSL FIPS
testUtilV2(error_test_options);
#endif
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();

Expand All @@ -3383,11 +3379,7 @@ TEST_P(SslSocketTest, ProtocolVersions) {
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_0);
client_params->set_tls_maximum_protocol_version(
envoy::extensions::transport_sockets::tls::v3::TlsParameters::TLSv1_3);
#ifndef BORINGSSL_FIPS
testUtilV2(tls_v1_3_test_options);
#else // BoringSSL FIPS
testUtilV2(tls_v1_2_test_options);
#endif
client_params->clear_tls_minimum_protocol_version();
client_params->clear_tls_maximum_protocol_version();

Expand Down

0 comments on commit 75a624e

Please sign in to comment.