Bug 1255248
| Summary: | Enable curve secp256k1 in OpenSSL | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Bharti Kundal <bkundal> |
| Component: | openssl | Assignee: | Tomas Mraz <tmraz> |
| Status: | CLOSED ERRATA | QA Contact: | Stefan Dordevic <sdordevi> |
| Severity: | low | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.1 | CC: | bressers, cww, mgrepl, orion, pjindal, sdordevi, szidek |
| Target Milestone: | rc | Keywords: | FutureFeature |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | openssl-1.0.2k-1.el7 | Doc Type: | Enhancement |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-08-01 18:16:10 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1203710, 1420851 | ||
*** Bug 1324263 has been marked as a duplicate of this bug. *** Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:1929 |
Description of problem: Seems that the version of Openssl on RHEl 6 and RHEL 7 :OpenSSL 1.0.1e-fips 11 Feb 2013 and do not provide secp256k1. 1. Proposed title of this feature request >>>Enable curve secp256k1 in OpenSSL 2. Who is the customer behind the request? Account: name and acct # 1319153 Etes GmbH TAM customer: no SRM customer: no Strategic: no 3. What is the nature and description of the request? >>curve secp256k1 in OpenSSL is enabled for Fedora and likely needs to be included in RHEL 4. Why does the customer need this? (List the business requirements here) >>>There is not yet a specific business requirement, however they think that having the same cryptography options like in Fedora avoids a lack of them at a later time. The intention is to query this early with lower priority in order to hopefully have this feature at a later time when it is needed. 5. How would the customer like to achieve this? (List the functional requirements here) >>>enable the curve in the OpenSSL 6. For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented. >>> 7. Is there already an existing RFE upstream or in Red Hat Bugzilla? >>>Yes https://bugzilla.redhat.com/show_bug.cgi?id=1021898 8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)? >>>No specific timeline. RHEL 7, RHEL 6 9. Is the sales team involved in this request and do they have any additional input? >>>No 10. List any affected packages or components. >>>OpenSSL 11. Would the customer be able to assist in testing this functionality if implemented? >>>Yes Version-Release number of selected component (if applicable):OpenSSL 1.0.1e How reproducible: Steps to Reproduce: 1.Run the following command to check for the list of available ciphers: [bkundal@bkundal ~]$ openssl ecparam -list_curves secp384r1 : NIST/SECG curve over a 384 bit prime field prime256v1: X9.62/SECG curve over a 256 bit prime field This does not list the secp256k1 Additional information: curve secp256k1 in OpenSSL is enabled for Fedora