[Swan] FIPS mode - general

Paul Wouters paul at nohats.ca
Thu Mar 5 03:55:42 EET 2015

On Wed, 4 Mar 2015, jonetsu wrote:

> I'm looking at using libreswan. NSS can be put into FIPS mode by a proper modutil command.

Note that putting NSS into FIPS mode is not enough. Libreswan does its
own detecting of FIPS mode. In general, this means you need to pass
the kernel parameters fips=1, and have the file /etc/system-fips. This
file is normally provided by dracut-fips.

> I understand so far that libreswan uses NSS only. Is that the case? Once in FIPS mode, will libreswan restrict the calls to approved algorithms?

That's a good question. It recently came to our attention that NSS might
not fully do this restriction for us and expects the application to do
so. So currently we might not be restricting the algorithms, meaning
that we might accidentally allow twofish, serpent and md5 in FIPS mode.
All other ciphers we support are valid in FIPS mode. Note that PSK
(authby=secret) is specifically not allowed in FIPS mode and libreswan
_does_ prevent that.

Ping me again in a day or two for more information - I should have a
patch once I confirm this error in behaviour and a patch would be part
of libreswan-3.13 and would go into RHEL-7.1 (and likely RHEL-6.7) (and
their CentOS counterparts).
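
The checks described in the reply above, as an added example that is not part of the original message or libreswan's own code: a shell audit that tests the two host conditions named (fips=1 on the kernel command line, /etc/system-fips present) and flags authby=secret, twofish, serpent and md5 in an ipsec.conf-style file. The function names are hypothetical, and scanning the ike=, esp= and phase2alg= keywords is an assumption about where the algorithm names appear.

```sh
#!/bin/sh
# Added example. Function names are hypothetical.

# fips_host_ready [CMDLINE_FILE] [MARKER_FILE]
# Succeeds only if both host conditions named in the message hold.
fips_host_ready() {
    cmdline_file=${1:-/proc/cmdline}
    marker_file=${2:-/etc/system-fips}
    rc=0
    # Split the command line into one token per line so that only an exact
    # "fips=1" token counts (not "fips=10" or "nofips=1").
    if ! tr ' \t' '\n\n' < "$cmdline_file" | grep -qx 'fips=1'; then
        echo "MISSING: fips=1 not on kernel command line ($cmdline_file)"
        rc=1
    fi
    if [ ! -e "$marker_file" ]; then
        echo "MISSING: $marker_file"
        rc=1
    fi
    return "$rc"
}

# fips_conf_findings CONF_FILE
# Prints one line per setting the message calls out for FIPS mode.
# Assumption: algorithm names appear on ike=, esp= or phase2alg= lines.
fips_conf_findings() {
    awk '
        { line = $0; sub(/#.*/, "", line) }    # ignore comments
        line ~ /^[ \t]*authby[ \t]*=[ \t]*secret/ {
            print FILENAME ":" NR ": PSK (authby=secret) not allowed in FIPS mode"
        }
        line ~ /^[ \t]*(ike|esp|phase2alg)[ \t]*=/ {
            lower = tolower(line)
            n = split("twofish serpent md5", bad, " ")
            for (i = 1; i <= n; i++)
                if (index(lower, bad[i]))
                    print FILENAME ":" NR ": " bad[i] " not valid in FIPS mode"
        }
    ' "$1"
}

# Audit the live host only when a config path is given as an argument.
if [ "$#" -ge 1 ]; then
    fips_host_ready || echo "host does not meet the FIPS preconditions"
    fips_conf_findings "$1"
fi
```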

