Add configuration option to allow the FIPS provider to use the jitter source internally
authorPauli <ppzgs1@gmail.com>
Thu, 19 Sep 2024 22:58:12 +0000 (08:58 +1000)
committerPauli <ppzgs1@gmail.com>
Wed, 9 Oct 2024 02:53:10 +0000 (13:53 +1100)
Enabling this breaks FIPS compliance unless an entropy assessment and a revalidation
are undertaken.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)

Configure
INSTALL.md

index fff97bd6fc82043f61b91a2172677bd15a8e3329..2b41c4f69f665da0bf8e71cc61ad7d7012fa5033 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -472,6 +472,7 @@ my @disablables = (
     "fips",
     "fips-securitychecks",
     "fips-post",
+    "fips-jitter",
     "fuzz-afl",
     "fuzz-libfuzzer",
     "gost",
@@ -573,6 +574,7 @@ my %deprecated_disablables = (
 
 our %disabled = ( # "what"         => "comment"
                   "fips"                => "default",
+                  "fips-jitter"         => "default",
                   "asan"                => "default",
                   "brotli"              => "default",
                   "brotli-dynamic"      => "default",
@@ -689,7 +691,8 @@ my @disable_cascades = (
 
     "cmp"               => [ "crmf" ],
 
-    "fips"              => [ "fips-securitychecks", "fips-post", "acvp-tests" ],
+    "fips"              => [ "fips-securitychecks", "fips-post", "acvp-tests",
+                             "fips-jitter" ],
 
     "threads"           => [ "thread-pool" ],
     "thread-pool"       => [ "default-thread-pool" ],
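Review bot: The cascade added here covers only `no-fips`; nothing visible in this hunk disables `fips-jitter` when the jitter source itself is turned off, so `enable-fips-jitter` followed by `no-jitter` would appear to leave `fips-jitter` enabled without the library it depends on. If `@disable_cascades` has no `jitter` entry outside this hunk, consider adding `"jitter" => [ "fips-jitter" ],` so the dependency is enforced in both directions. The table starts and ends outside the hunk, so this needs checking against the full list. How the FIPS provider would seed itself in that mismatched state is not shown here; a configure-time error would be safer than any silent fallback to a different entropy source.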
@@ -957,6 +960,11 @@ while (@argvcopy)
                         {
                         delete $disabled{"zstd"};
                         }
+                elsif ($1 eq "fips-jitter")
+                        {
+                        delete $disabled{"fips"};
+                        delete $disabled{"jitter"};
+                        }
                 my $algo = $1;
                 delete $disabled{$algo};
 
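Review bot: The new `elsif ($1 eq "fips-jitter")` branch turns on two other features as a side effect and carries no comment, while the compliance caveat lives only in the commit message and INSTALL.md. I would add a comment above the two deletes, e.g. `# fips-jitter needs the FIPS provider and the jitter seed source; the result is not FIPS compliant without an entropy assessment and revalidation`. Because the deletes run when the option is parsed, an earlier `no-fips` or `no-jitter` on the same command line is overridden without any notice to the person configuring the build; whether a later one is handled correctly depends on code outside this hunk. The enclosing `while (@argvcopy)` loop and the match that sets `$1` both start outside the hunk.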
index 63ca4e37a5dc31e5e8558a786b874804389cacef..cf942ae1721efb41c157013328521ddda156947f 100644 (file)
@@ -536,7 +536,7 @@ shown below:
     [random]
     seed=JITTER
 
-It uses a statically linked [jitterentropy-library](https://github.com/smuellerDD/jitterentropy-library) as the seed source.
+It uses a statically linked [jitterentropy-library] as the seed source.
 
 Additional configuration flags available:
 
@@ -841,6 +841,19 @@ Don't perform FIPS module Power On Self Tests.
 This option MUST be used for debugging only as it makes the FIPS provider
 non-compliant. It is useful when setting breakpoints in FIPS algorithms.
 
+### enable-fips-jitter
+
+Use the CPU Jitter library as a FIPS validated entropy source.
+
+This option will only produce a compliant FIPS provider if you have:
+
+1. independently performed the required [SP 800-90B] entropy assessments;
+2. meet the minimum required entropy as specified by [jitterentropy-library];
+3. obtain an [ESV] certificate for the [jitterentropy-library] and
+4. have had the resulting FIPS provider certified by the [CMVP].
+
+Failure to do all of these will produce a non-compliant FIPS provider.
+
 ### enable-fuzz-libfuzzer, enable-fuzz-afl
 
 Build with support for fuzzing using either libfuzzer or AFL.
@@ -2006,3 +2019,15 @@ is used, as it is the version of the GNU assembler that will be checked.
 
 [10-main.conf]:
     Configurations/10-main.conf
+
+[CMVP]:
+    <https://csrc.nist.gov/projects/cryptographic-module-validation-program>
+
+[ESV]:
+    <https://csrc.nist.gov/Projects/cryptographic-module-validation-program/entropy-validations>
+
+[SP 800-90B]:
+    <https://csrc.nist.gov/pubs/sp/800/90/b/final>
+
+[jitterentropy-library]:
+    <https://github.com/smuellerDD/jitterentropy-library>