Bug 982152 - cryptsetup does not work in FIPS mode
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: cryptsetup
Version: 7.0
Severity: unspecified
Assigned To: Ondrej Kozina
Release Test Team
Reported: 2013-07-08 05:23 EDT by Michal Toman
Modified: 2015-03-22 20:42 EDT
Last Closed: 2013-07-09 07:59:24 EDT
Type: Bug
Doc Type: Bug Fix
Attachments: None
Description Michal Toman 2013-07-08 05:23:17 EDT
Description of problem:
I'm using RHEL7 with encrypted root and home. Booting into FIPS mode fails when trying to unlock root and drops me into emergency shell. Trying to unlock the device manually using cryptsetup fails with the following error:

# cryptsetup luksOpen /dev/sda2 root
FIPS checksum verification failed.

Version-Release number of selected component (if applicable):
cryptsetup-1.6.1-1.el7.x86_64
dracut-fips-029-1.el7.x86_64
fipscheck-lib-1.3.1-3.el7.x86_64
kernel-3.10.0-0.rc7.64.el7.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Enable FIPS mode in RHEL7
2. Try to unlock an encrypted device

Actual results:
FIPS checksum verification failed.

Expected results:
The device is unlocked and registered to device mapper.
Comment 2 Ondrej Kozina 2013-07-08 07:48:33 EDT
Please, could you supply output from: ls -l /usr/lib{,64}/fipscheck/libcryptsetup.*
Comment 3 Ondrej Kozina 2013-07-08 07:55:27 EDT
Turn off FIPS mode temporarily, in case you have rootfs on an encrypted device...
Comment 4 Michal Toman 2013-07-08 08:00:53 EDT
$ ls -l /usr/lib{,64}/fipscheck/libcryptsetup.*
ls: cannot access /usr/lib/fipscheck/libcryptsetup.*: No such file or directory
-rw-r--r--. 1 root root 65 Apr  4 15:32 /usr/lib64/fipscheck/libcryptsetup.so.4.5.0.hmac
-rw-r--r--. 1 root root 65 Apr  4 15:32 /usr/lib64/fipscheck/libcryptsetup.so.4.hmac
Comment 5 Ondrej Kozina 2013-07-08 10:33:56 EDT
OK. Maybe we are getting somewhere. I installed a fresh RHEL7 and everything worked as intended in FIPS mode. So far, it looks like you have something wrong with the checksum files in the initramfs image (provided you have an encrypted device with the root filesystem and you need to open it before rootfs is mounted).

Could you please unpack your initramfs image and look for libcryptsetup checksum files? It will be at the same location inside the image: <initramfs_image>/usr/lib64/fipscheck/libcryptsetup.so.4.5.0.hmac.

In case the checksum files are missing (there should also be a checksum for the cryptsetup command line binary), try to run dracut -f -M once again, to see which modules are actually included in your initramfs image.

In case both files (cryptsetup.hmac and libcryptsetup...) are present, try running the following commands and paste the output here, please:

FIPSCHECK_DEBUG=error fipscheck /usr/lib64/libcryptsetup.so.4; echo $?
FIPSCHECK_DEBUG=error fipscheck /usr/sbin/cryptsetup; echo $?
Comment 6 Ondrej Kozina 2013-07-08 10:39:09 EDT
Oh! Concerning the last 2 commands: I need the output from an emergency shell, after the failure
Comment 7 Michal Toman 2013-07-09 04:30:04 EDT
(In reply to Ondrej Kozina from comment #5)
> OK. Maybe we are getting somewhere. I installed a fresh RHEL7 and everything
> worked as intended in FIPS mode. So far, it looks like you have something
> wrong with checksum files in initramfs image (provided you have encrypted
> device with root filesystem and you need to open it before rootfs is mounted)
This is exactly the case.

The checksums got pulled into initramfs:
# ls -l /usr/lib64/fipscheck/
total 20
-rw-r--r-- 1 root 0 65 Apr  4 15:32 cryptsetup.hmac
-rw-r--r-- 1 root 0 65 Mar 16 16:59 fipscheck.hmac
-rw-r--r-- 2 root 0 65 Apr  4 15:32 libcryptsetup.so.4.5.0.hmac
-rw-r--r-- 2 root 0 65 Apr  4 15:32 libcryptsetup.so.4.hmac
-rw-r--r-- 1 root 0 65 Mar 16 16:59 libfipscheck.so.1.1.0.hmac
lrwxrwxrwx 1 root 0 26 Jul  8 22:57 libfipscheck.so.1.hmac -> libfipscheck.so.1.1.0.hmac

# FIPSCHECK_DEBUG=error fipscheck /usr/lib64/libcryptsetup.so.4; echo $?
fipscheck: FIPS_mode_set() failed
14

# FIPSCHECK_DEBUG=error fipscheck /usr/sbin/cryptsetup; echo $?
fipscheck: FIPS_mode_set() failed
14
Comment 8 Tomas Mraz 2013-07-09 05:25:10 EDT
We also need the .hmac files from the openssl-libs package for fipscheck to work. These are:

/usr/lib64/.libcrypto.so.1.0.1e.hmac
/usr/lib64/.libcrypto.so.10.hmac
/usr/lib64/.libssl.so.1.0.1e.hmac
/usr/lib64/.libssl.so.10.hmac
/usr/lib64/libcrypto.so.1.0.1e
/usr/lib64/libcrypto.so.10
/usr/lib64/libssl.so.1.0.1e
/usr/lib64/libssl.so.10
Comment 9 Michal Toman 2013-07-09 06:03:49 EDT
These are also present:

# ls -l <the list>
-rw-r--r-- 1 root 0      65 May 10 19:20 /usr/lib64/.libcrypto.so.1.0.1e.hmac
lrwxrwxrwx 1 root 0      25 Jul  9 11:49 /usr/lib64/.libcrypto.so.10.hmac -> .libcrypto.so.1.0.1e.hmac
-rw-r--r-- 1 root 0      65 May 10 19:20 /usr/lib64/.libssl.so.1.0.1e.hmac
lrwxrwxrwx 1 root 0      22 Jul  9 11:49 /usr/lib64/.libssl.so.10.hmac -> .libssl.so.1.0.1e.hmac
-rwxr-xr-x 1 root 0 1960312 May 10 19:20 /usr/lib64/libcrypto.so.1.0.1e
lrwxrwxrwx 1 root 0      19 Jul  9 11:49 /usr/lib64/libcrypto.so.10 -> libcrypto.so.1.0.1e
-rwxr-xr-x 1 root 0  441920 May 10 19:20 /usr/lib64/libssl.so.1.0.1e
lrwxrwxrwx 1 root 0      16 Jul  9 11:49 /usr/lib64/libssl.so.10 -> libssl.so.1.0.1e

Running fipscheck on libssl or libcrypto results in the same behavior as on cryptsetup:

# FIPSCHECK_DEBUG=error fipscheck /usr/lib64/libcrypto.so.1.0.1e; echo $?
fipscheck: FIPS_mode_set() failed
14

# FIPSCHECK_DEBUG=error fipscheck /usr/lib64/libssl.so.1.0.1e; echo $?
fipscheck: FIPS_mode_set() failed
14

Here's the list of modules that dracut pulls:

# dracut -f -M
fips
i18n
drm
plymouth
crypt
dm
kernel-modules
resume
rootfs-block
terminfo
udev-rules
biosdevname
systemd
usrmount
base
fs-lib
shutdown

I have openssl-libs-1.0.1e-8.el7.x86_64 installed.
Comment 10 Michal Toman 2013-07-09 06:19:06 EDT
One thing that comes to my mind is that all the .hmac files seem to contain 256-bit long hashes. In my initramfs, I can only see /usr/bin/sha512hmac and /usr/lib64/hmaccalc/sha512hmac.hmac
Comment 11 Tomas Mraz 2013-07-09 06:40:21 EDT
hmaccalc and sha512hmac are not used by fipscheck and cryptsetup.
Comment 12 Tomas Mraz 2013-07-09 06:43:43 EDT
Are the libcrypto and libssl files exactly the same as in vanilla openssl-libs-1.0.1e-8.el7 package?

Do you have prelink disabled?
Comment 13 Michal Toman 2013-07-09 06:58:52 EDT
Although I didn't have prelink installed, installing it and unprelinking everything fixed the problem. Thank you for your quick responses and consider this NOTABUG.
Comment 14 Ondrej Kozina 2013-07-09 07:59:24 EDT
More on that in comments #12 and #13.
Comment 15 Ondrej Kozina 2013-07-09 08:44:32 EDT
For anyone experiencing the same chain of errors, please look into:

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sect-Security_Guide-Federal_Standards_And_Regulations-Federal_Information_Processing_Standard.html, chapter 7.2.1, item 1:

You have to use the prelink -u -a command before creating the initramfs image every time, unless you are absolutely sure there is no prelinked binary or library in your system.
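As an added example, not part of this bug report or of the fipscheck project: a small Python audit that recomputes a file's HMAC-SHA256 the way a .hmac file stores it and compares it with the stored value, then shows that any on-disk rewrite of the binary (which is what prelink does) turns a passing check into the failure seen in this thread. The key constant is assumed to be the one from the fipscheck sources, the file names and temporary-directory scenario are constructed, and the two .hmac locations mirror the paths listed in comments 4 and 8.

```python
import hashlib
import hmac
import os
import tempfile

# HMAC-SHA256 key used by fipshmac/fipscheck (assumption: copied from the
# fipscheck sources; confirm against the version shipped in your release).
FIPSCHECK_KEY = b"orboDeJITITejsirpADONivirpUkvarP"

def compute_hmac(path):
    """Hex HMAC-SHA256 over the whole file, the value stored in a .hmac file."""
    mac = hmac.new(FIPSCHECK_KEY, digestmod=hashlib.sha256)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            mac.update(chunk)
    return mac.hexdigest()

def hmac_file_candidates(path):
    """Both layouts seen in this bug: hidden sibling (/usr/lib64/.libssl.so.10.hmac)
    and the fipscheck subdirectory (/usr/lib64/fipscheck/cryptsetup.hmac)."""
    d, name = os.path.split(path)
    return [os.path.join(d, "." + name + ".hmac"),
            os.path.join(d, "fipscheck", name + ".hmac")]

def verify(path):
    """Return (ok, reason); ok only when a .hmac file exists and matches."""
    for cand in hmac_file_candidates(path):
        if os.path.exists(cand):
            with open(cand) as f:
                expected = f.read().strip()
            if hmac.compare_digest(expected, compute_hmac(path)):
                return True, "match: " + cand
            return False, "mismatch (prelinked or modified?): " + cand
    return False, "no .hmac file found for " + path

def demo():
    """Constructed scenario: fake library, its .hmac, then a prelink-style rewrite."""
    with tempfile.TemporaryDirectory() as tmp:
        lib = os.path.join(tmp, "libexample.so.1")
        with open(lib, "wb") as f:
            f.write(b"\x7fELF constructed fake library body\n")
        os.mkdir(os.path.join(tmp, "fipscheck"))
        with open(os.path.join(tmp, "fipscheck", "libexample.so.1.hmac"), "w") as f:
            f.write(compute_hmac(lib) + "\n")  # 64 hex chars + newline = 65 bytes
        before = verify(lib)[0]
        with open(lib, "ab") as f:  # prelink rewrites the ELF on disk; any byte change
            f.write(b"\x00relocated\x00")  # invalidates the stored HMAC
        after = verify(lib)[0]
        return before, after
```

Running verify() over the cryptsetup and openssl paths from comments 4 and 8 before rebuilding the initramfs catches a prelinked binary before it ends up in the image.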
