Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-73334

plugin is not FIPS compliant

XMLWordPrintable

    • Icon: New Feature New Feature
    • Resolution: Fixed
    • Icon: Minor Minor
    • credentials-plugin
    • None
    • 1361.v56f5ca_35d21c

      The Credentials plugin uses a hard coded PKCS#12 store for CertificateCredentialsImpl (KeyStoreSource)

       

      PKCS#12 is not FIPS compliant due to the use of the outer integrity check.

       

      As such this functionality should not be usable when in FIPS mode.

          [JENKINS-73334] plugin is not FIPS compliant

          Tim Jacomb added a comment -

          What makes PKCS#12 not compliant? This seems to indicate that it can be: https://davidscode.com/blog/2022/02/15/generating-fips-compliant-pkcs12-files-with-openssl/

          Tim Jacomb added a comment - What makes PKCS#12 not compliant? This seems to indicate that it can be: https://davidscode.com/blog/2022/02/15/generating-fips-compliant-pkcs12-files-with-openssl/

          James Nord added a comment - - edited

          it lies   (certainly with the date it was published!)

          the key derivation function (PKCS12KDF) is the part that is non compliant for PKCS12.  There is an open draft (expired) RFC to add PBKDF2 support but the standard only supports 2 non compliant ways today.

          The KDF is used for integrity checking - and if you do not do integrity checking its fine, but then FIPS you want integrity checking to prevent tampering (because FIPS)  

          https://github.com/openssl/openssl/issues/20427#issuecomment-1455286294

           

          appears as though the draft is now ready (may 2024!) - but there are still issues.

          1. the algorithms used need to come from a validated library for FIPS compliance. 
          2. the (stadard) JVM implementation appears to utilise its own providers in preference to anything configured in the JVM (ie it ignores BouncyCastle and will parse a PKCS12 and not error - the older versions are certainly not using that updated KDF!)
          3. This has not evloved into Bouncycastle (or the FIPS version) yet to use a BC-FIPS variety.
          https://downloads.bouncycastle.org/fips-java/docs/BC-FJA-UserGuide-1.0.2.pdf sec 7

          James Nord added a comment - - edited it lies   (certainly with the date it was published!) the key derivation function (PKCS12KDF) is the part that is non compliant for PKCS12.  There is an open draft (expired) RFC to add PBKDF2 support but the standard only supports 2 non compliant ways today. The KDF is used for integrity checking - and if you do not do integrity checking its fine, but then FIPS you want integrity checking to prevent tampering (because FIPS)   https://github.com/openssl/openssl/issues/20427#issuecomment-1455286294   appears as though the draft is now ready (may 2024!) - but there are still issues. 1. the algorithms used need to come from a validated library for FIPS compliance.  2. the (stadard) JVM implementation appears to utilise its own providers in preference to anything configured in the JVM (ie it ignores BouncyCastle and will parse a PKCS12 and not error - the older versions are certainly not using that updated KDF!) 3. This has not evloved into Bouncycastle (or the FIPS version) yet to use a BC-FIPS variety. https://downloads.bouncycastle.org/fips-java/docs/BC-FJA-UserGuide-1.0.2.pdf sec 7

          Tim Jacomb added a comment -

          Java seems to be adding a HKDF for KDF in Java 25 for FIPS, FYI: https://bugs.openjdk.org/browse/JDK-8344464

          (https://github.com/openjdk/jdk/pull/22215)

          Tim Jacomb added a comment - Java seems to be adding a HKDF for KDF in Java 25 for FIPS, FYI: https://bugs.openjdk.org/browse/JDK-8344464 ( https://github.com/openjdk/jdk/pull/22215 )

          James Nord added a comment -

          The JDK providers are not FIPS certified - so even if a future JDK adds support for some algorithm, it doesn't make anything compliant.
          The code that that performs the encryption (hashing etc) needs to be validated and whilst RedHat purport to have support for FIPS in their OpenJDK build via numerous patches, however it is woeful and currently known to be broken in at least one critical area.

          Bouncy Castle already has support for HKDF (non FIPS) and some lower level support in the FIPS variant

          https://github.com/bcgit/bc-java/issues/1739 and any support from BouncyCastle is more interesting for us at least as far as supporting PKCS12 in credentials

          James Nord added a comment - The JDK providers are not FIPS certified - so even if a future JDK adds support for some algorithm, it doesn't make anything compliant. The code that that performs the encryption (hashing etc) needs to be validated and whilst RedHat purport to have support for FIPS in their OpenJDK build via numerous patches, however it is woeful and currently known to be broken in at least one critical area. Bouncy Castle already has support for HKDF (non FIPS) and some lower level support in the FIPS variant https://github.com/bcgit/bc-java/issues/1739 and any support from BouncyCastle is more interesting for us at least as far as supporting PKCS12 in credentials

            teilo James Nord
            teilo James Nord
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: