github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/internal/fips/api.go (about) 1 // Copyright (c) 2015-2021 MinIO, Inc. 2 // 3 // This file is part of MinIO Object Storage stack 4 // 5 // This program is free software: you can redistribute it and/or modify 6 // it under the terms of the GNU Affero General Public License as published by 7 // the Free Software Foundation, either version 3 of the License, or 8 // (at your option) any later version. 9 // 10 // This program is distributed in the hope that it will be useful 11 // but WITHOUT ANY WARRANTY; without even the implied warranty of 12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 // GNU Affero General Public License for more details. 14 // 15 // You should have received a copy of the GNU Affero General Public License 16 // along with this program. If not, see <http://www.gnu.org/licenses/>. 17 18 // Package fips provides functionality to configure cryptographic 19 // implementations compliant with FIPS 140. 20 // 21 // FIPS 140 [1] is a US standard for data processing that specifies 22 // requirements for cryptographic modules. Software that is "FIPS 140 23 // compliant" must use approved cryptographic primitives only and that 24 // are implemented by a FIPS 140 certified cryptographic module. 25 // 26 // So, FIPS 140 requires that a certified implementation of e.g. AES 27 // is used to implement more high-level cryptographic protocols. 28 // It does not require any specific security criteria for those 29 // high-level protocols. FIPS 140 focuses only on the implementation 30 // and usage of the most low-level cryptographic building blocks. 31 // 32 // [1]: https://en.wikipedia.org/wiki/FIPS_140 33 package fips 34 35 import ( 36 "crypto/tls" 37 38 "github.com/minio/sio" 39 ) 40 41 // Enabled indicates whether cryptographic primitives, 42 // like AES or SHA-256, are implemented using a FIPS 140 43 // certified module. 
//
// If FIPS 140 is enabled, only NIST/FIPS approved
// primitives may be used.
const Enabled = enabled

// DARECiphers returns the cipher suites supported for DARE
// object encryption: AES-256-GCM always, and additionally
// ChaCha20-Poly1305 when FIPS mode is off.
func DARECiphers() []byte {
	ciphers := []byte{sio.AES_256_GCM}
	if !Enabled {
		// ChaCha20-Poly1305 is offered only outside FIPS mode.
		ciphers = append(ciphers, sio.CHACHA20_POLY1305)
	}
	return ciphers
}

// TLSCiphers returns the supported TLS transport cipher suite IDs.
//
// Every suite uses AES-GCM or, outside FIPS mode only,
// CHACHA20-POLY1305; the TLS 1.2 suites all use elliptic curve
// (ECDHE) key exchange.
//
// NOTE(review): Go's crypto/tls applies tls.Config.CipherSuites to
// TLS 1.0-1.2 only; TLS 1.3 suites are not configurable through it.
// If callers feed this list into that field, the TLS 1.3 IDs here do
// not by themselves keep CHACHA20-POLY1305 out of TLS 1.3 handshakes
// in FIPS mode - confirm how the callers and the FIPS build enforce that.
func TLSCiphers() []uint16 {
	var suites []uint16

	// TLS 1.3
	if !Enabled {
		suites = append(suites, tls.TLS_CHACHA20_POLY1305_SHA256)
	}
	suites = append(suites,
		tls.TLS_AES_128_GCM_SHA256,
		tls.TLS_AES_256_GCM_SHA384,
	)

	// TLS 1.2
	if !Enabled {
		// Same IDs as the legacy names without the _SHA256 suffix.
		suites = append(suites,
			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
		)
	}
	suites = append(suites,
		tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
		tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
		tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
		tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
	)
	return suites
}

// TLSCiphersBackwardCompatible returns the supported TLS
// transport cipher suite IDs, including legacy ones.
//
// In contrast to TLSCiphers, the list contains additional
// ciphers for backward compatibility. In particular, AES-CBC
// and non-ECDHE ciphers. The non-ECDHE suites use static RSA
// key exchange and so provide no forward secrecy.
func TLSCiphersBackwardCompatible() []uint16 {
	var suites []uint16

	// TLS 1.3
	if !Enabled {
		suites = append(suites, tls.TLS_CHACHA20_POLY1305_SHA256)
	}
	suites = append(suites,
		tls.TLS_AES_128_GCM_SHA256,
		tls.TLS_AES_256_GCM_SHA384,
	)

	// TLS 1.2 ECDHE POLY1305 (non-FIPS mode only)
	if !Enabled {
		suites = append(suites,
			tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
			tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
		)
	}

	// The remaining suites are identical in FIPS and non-FIPS mode.
	suites = append(suites,
		tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, // TLS 1.2 ECDHE GCM
		tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
		tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
		tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
		tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, // TLS 1.2 ECDHE CBC
		tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
		tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
		tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
		tls.TLS_RSA_WITH_AES_128_GCM_SHA256, // TLS 1.2 non-ECDHE (static RSA key exchange, no forward secrecy)
		tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
		tls.TLS_RSA_WITH_AES_128_CBC_SHA,
		tls.TLS_RSA_WITH_AES_256_CBC_SHA,
	)
	return suites
}

// TLSCurveIDs returns a list of supported elliptic curve IDs
// in preference order. X25519 is offered only in non-FIPS mode.
func TLSCurveIDs() []tls.CurveID {
	// P-256 is always offered; X25519 is placed ahead of it
	// only when FIPS mode is off.
	ids := []tls.CurveID{tls.CurveP256}
	if !Enabled {
		ids = []tls.CurveID{tls.X25519, tls.CurveP256}
	}

	// With go1.19, P384 and P521 have newer constant time
	// implementations, so they are enabled as well.
	// NOTE(review): go19 is defined outside this view; presumably a
	// build-dependent constant - confirm.
	if go19 {
		ids = append(ids, tls.CurveP384, tls.CurveP521)
	}
	return ids
}