30 changes: 16 additions & 14 deletions README.md
Expand Up @@ -40,7 +40,7 @@ http {
storage = "cookie",
})
}

server {
listen 8080;
server_name localhost;
Expand All @@ -64,7 +64,7 @@ http {
session:set_subject("OpenResty Fan")
session:set("quote", "The quick brown fox jumps over the lazy dog")
local ok, err = session:save()

ngx.say(string.format([[
<html>
<body>
Expand All @@ -79,7 +79,7 @@ http {
location /started {
content_by_lua_block {
local session, err = require "resty.session".start()

ngx.say(string.format([[
<html>
<body>
Expand All @@ -95,14 +95,14 @@ http {
))
}
}

location /modify {
content_by_lua_block {
local session, err = require "resty.session".start()
session:set_subject("Lua Fan")
session:set("quote", "Lorem ipsum dolor sit amet")
local _, err_save = session:save()

ngx.say(string.format([[
<html>
<body>
Expand All @@ -113,7 +113,7 @@ http {
]], err or err_save or "no error"))
}
}

location /modified {
content_by_lua_block {
local session, err = require "resty.session".start()
Expand All @@ -133,7 +133,7 @@ http {
))
}
}

location /destroy {
content_by_lua_block {
local ok, err = require "resty.session".destroy()
Expand All @@ -148,7 +148,7 @@ http {
]], err or "no error"))
}
}

location /destroyed {
content_by_lua_block {
local session, err = require "resty.session".open()
Expand All @@ -165,9 +165,9 @@ http {
err or "no error"
))
}
}
}
}
}
}
```


Expand Down Expand Up @@ -823,7 +823,7 @@ local session = require "resty.session".new()
local ok, err = session:open()
if ok then
-- session exists

else
-- session did not exists or was invalid
end
Expand Down Expand Up @@ -1242,7 +1242,7 @@ and

```
[ PAYLOAD --]
[ Data *B ]
[ Data *B ]
```

Both the `HEADER` and `PAYLOAD` are base64 url-encoded before putting in a `Set-Cookie` header.
Expand All @@ -1257,7 +1257,7 @@ Header fields explained:
- Flags: binary packed flags (short) in a two byte little endian form.
- SID: `32` bytes of crypto random data (Session ID).
- Created at: binary packed secs from epoch in a little endian form, truncated to 5 bytes.
- Rolling Offset: binary packed secs from creation time in a little endian form (integer).
- Rolling Offset: binary packed secs from creation time in a little endian form (integer).
- Size: binary packed data size in a three byte little endian form.
- Tag: `16` bytes of authentication tag from AES-256-GCM encryption of the data.
- Idling Offset: binary packed secs from creation time + rolling offset in a little endian form, truncated to 3 bytes.
Expand All @@ -1269,7 +1269,7 @@ Header fields explained:
1. Initial keying material (IKM):
1. derive IKM from `secret` by hashing `secret` with SHA-256, or
2. use 32 byte IKM when passed to library with `ikm`
2. Generate 32 bytes of crypto random session id (`sid`)
2. Generate 32 bytes of crypto random session id (`sid`)
3. Derive 32 byte encryption key and 12 byte initialization vector with HKDF using SHA-256 (on FIPS-mode it uses PBKDF2 with SHA-256 instead)
1. Use HKDF extract to derive a new key from `ikm` to get `key` (this step can be done just once per `ikm`):
- output length: `32`
Expand Down Expand Up @@ -1312,6 +1312,8 @@ The `PBKDF2` settings:
Iteration counts are based on `remember_safety` setting (`"Low"`, `"Medium"`, `"High"`, `"Very High"`),
if `remember_safety` is set to `"None"`, we will use the HDKF as above.

*Note:* For backwards compatibility, we disabled the SP800-132 compliance checks on FIPS-mode. This checks that the salt length is at least 128 bits, the derived key length is at least 112 bits, and that the iteration count is at least 1000. These checks are disabled by default in OpenSSL's default provider, but are enabled by default in the FIPS provider.


# Cookie Header Authentication

1 change: 1 addition & 0 deletions lib/resty/session/utils.lua
Expand Up @@ -631,6 +631,7 @@ local derive_pbkdf2_hmac_sha256 do
iter = 10000,
salt = "",
pass = "",
pkcs5 = 1, -- Disables the SP800-132 compliance checks on FIPS-mode
}
end
derive_pbkdf2_hmac_sha256 = derive_pbkdf2_hmac_sha256_real
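Review bot: The added `pkcs5 = 1` waives the SP800-132 guard for every derivation, not just the legacy inputs it was added for, so in FIPS mode a short or empty salt now derives a key silently — and the default table it sits in already sets `salt = ""`, which is precisely the input that check exists to reject. If the relaxation is only needed for backwards compatibility with existing cookies, it would be safer to enable it only when the final salt is shorter than 16 bytes or the iteration count is below 1000, and to log a warning on that path, so that deployments which already meet the requirement keep OpenSSL's validation. At minimum the one-line comment should name what is being waived, e.g. `-- pkcs5 = 1: skips the FIPS provider's SP800-132 checks (salt >= 128 bits, key >= 112 bits, iter >= 1000); kept for compatibility with cookies issued by older versions`. The enclosing `derive_pbkdf2_hmac_sha256 do` block starts and ends outside this hunk, so I cannot tell from here whether the caller always substitutes the 32-byte session id for the empty default salt before deriving.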