add new pkg/fips for FIPS 140-2 (#12051)

This commit introduces a new package `pkg/fips` that bundles functionality to handle and configure cryptographic protocols in case of FIPS 140. If it is compiled with `--tags=fips` it assumes that a FIPS 140-2 cryptographic module is used to implement all FIPS compliant cryptographic primitives - like AES, SHA-256, ... In "FIPS mode" it excludes all non-FIPS compliant cryptographic primitives from the protocol parameters.
2025-11-11 22:40:14 -05:00 · 2021-04-14 17:29:56 +02:00
parent b4eeeb8449
commit 97aa831352
11 changed files with 178 additions and 44 deletions
--- a/cmd/http/server.go
+++ b/cmd/http/server.go
@@ -33,6 +33,7 @@ import (
 	"github.com/minio/minio/cmd/config/api"
 	"github.com/minio/minio/pkg/certs"
 	"github.com/minio/minio/pkg/env"
+	"github.com/minio/minio/pkg/fips"
 )

 const (
@@ -159,28 +160,6 @@ func (srv *Server) Shutdown() error {
 	}
 }

-// Secure Go implementations of modern TLS ciphers
-// The following ciphers are excluded because:
-//  - RC4 ciphers:              RC4 is broken
-//  - 3DES ciphers:             Because of the 64 bit blocksize of DES (Sweet32)
-//  - CBC-SHA256 ciphers:       No countermeasures against Lucky13 timing attack
-//  - CBC-SHA ciphers:          Legacy ciphers (SHA-1) and non-constant time
-//                              implementation of CBC.
-//                              (CBC-SHA ciphers can be enabled again if required)
-//  - RSA key exchange ciphers: Disabled because of dangerous PKCS1-v1.5 RSA
-//                              padding scheme. See Bleichenbacher attacks.
-var secureCipherSuites = []uint16{
-	tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
-	tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
-	tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-	tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-	tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-	tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
-}
-
-// Go only provides constant-time implementations of Curve25519 and NIST P-256 curve.
-var secureCurves = []tls.CurveID{tls.X25519, tls.CurveP256}
-
 // NewServer - creates new HTTP server using given arguments.
 func NewServer(addrs []string, handler http.Handler, getCert certs.GetCertificateFunc) *Server {
 	secureCiphers := env.Get(api.EnvAPISecureCiphers, config.EnableOn) == config.EnableOn
@@ -188,17 +167,15 @@ func NewServer(addrs []string, handler http.Handler, getCert certs.GetCertificat
 	var tlsConfig *tls.Config
 	if getCert != nil {
 		tlsConfig = &tls.Config{
-			// TLS hardening
 			PreferServerCipherSuites: true,
 			MinVersion:               tls.VersionTLS12,
 			NextProtos:               []string{"http/1.1", "h2"},
+			GetCertificate:           getCert,
+		}
+		if secureCiphers || fips.Enabled() {
+			tlsConfig.CipherSuites = fips.CipherSuitesTLS()
+			tlsConfig.CurvePreferences = fips.EllipticCurvesTLS()
 		}
-		tlsConfig.GetCertificate = getCert
-	}
-
-	if secureCiphers && tlsConfig != nil {
-		tlsConfig.CipherSuites = secureCipherSuites
-		tlsConfig.CurvePreferences = secureCurves
 	}

 	httpServer := &Server{