Summary: | restrict default cipher suite to those ciphers permitted in fips mode | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Matthew Harmsen <mharmsen> |
Component: | pki-core | Assignee: | Matthew Harmsen <mharmsen> |
Status: | CLOSED ERRATA | QA Contact: | Asha Akkiangady <aakkiang> |
Severity: | unspecified | Docs Contact: | Marc Muehlfeld <mmuehlfe> |
Priority: | unspecified | ||
Version: | 7.5 | CC: | akahat, enewland, mharmsen |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | pki-core-10.5.1-7.el7 | Doc Type: | Bug Fix |
Doc Text: |
Certificate System now uses strong ciphers by default
With this update, the list of enabled ciphers has been changed. By default, only strong ciphers, which are compliant with the Federal Information Processing Standard (FIPS), are enabled in Certificate System.
RSA ciphers enabled by default:
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA
* TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
* TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
* TLS_RSA_WITH_AES_128_CBC_SHA256
* TLS_RSA_WITH_AES_256_CBC_SHA256
* TLS_RSA_WITH_AES_128_CBC_SHA
* TLS_RSA_WITH_AES_256_CBC_SHA
Note that the *TLS_RSA_WITH_AES_128_CBC_SHA* and *TLS_RSA_WITH_AES_256_CBC_SHA* ciphers need to be enabled to enable the *pkispawn* utility to connect to the LDAP server during the installation and configuration.
ECC ciphers enabled by default:
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
* TLS_RSA_WITH_AES_256_CBC_SHA
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
* TLS_RSA_WITH_AES_256_CBC_SHA256
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
In addition, the default ranges of the "sslVersionRangeStream" and "sslVersionRangeDatagram" parameters in the `/var/lib/pki/<instance_name>/conf/server.xml` file now use only TLS 1.1 and TLS 1.2 ciphers.
|
Last Closed: | 2018-04-10 17:04:05 UTC | Type: | Bug |
Description
Matthew Harmsen
2018-01-26 18:13:56 UTC
* master:

```
commit 8f3700681ea2cbcc3dbe0c768dca177051e9a243
Author: Matthew Harmsen <mharmsen>
Date: Wed Jan 31 17:01:55 2018 -0700

    Enable FIPS ciphers as the new default cipher suites

    https://pagure.io/dogtagpki/issue/2855

    Change-Id: I968cd0e08f69401cb30ecdbdc86eb1f5049a5f37
```

* DOGTAG_10_5_BRANCH:

```
commit 427edd6d16d7d74bb98bb0cda7c0bf67a4463bb9
Author: Matthew Harmsen <mharmsen>
Date: Wed Jan 31 17:01:55 2018 -0700

    Enable FIPS ciphers as the new default cipher suites

    https://pagure.io/dogtagpki/issue/2855

    Change-Id: I968cd0e08f69401cb30ecdbdc86eb1f5049a5f37
    (cherry picked from commit 8f3700681ea2cbcc3dbe0c768dca177051e9a243)
```

The external Wiki has been updated to reflect these changes:

* http://pki.fedoraproject.org/wiki/SSL

Sample Test Procedure to create an RHCS CA RSA Server in FIPS mode:

Enabling FIPS status:

(1) yum install dracut-fips
(2) reboot
(3) press 'e' on the grub config menu to 'edit' the selected kernel
(4) add "fips=1" to the end of the boot line, or when multiple disks/partitions are involved (e.g. - "fips=1 boot=/dev/sda1")
(5) Ctrl-x to boot with fips mode enabled

```
# sysctl crypto.fips_enabled
crypto.fips_enabled = 1

# script -c "pkispawn -s CA -f /root/pki/ca.cfg -vvv" typescript.ca-rsa-fips
```

where 'ca.cfg' contains:

```
[DEFAULT]
pki_admin_password=<password>
pki_client_pkcs12_password=<password>
pki_ds_password=<password>
# Optionally keep client databases
pki_client_database_purge=False
```

```
# pki cert-find
```

Check '<instance>/conf/server.xml':

```
sslVersionRangeStream="tls1_1:tls1_2"
sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
                 -TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
                 -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
                 -TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
                 +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
                 +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
                 -TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_CBC_SHA256,
                 -TLS_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA"
```

The following default ciphers should be enabled for RSA servers:

```
+TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+TLS_RSA_WITH_AES_128_CBC_SHA256,
+TLS_RSA_WITH_AES_256_CBC_SHA256,
+TLS_RSA_WITH_AES_128_CBC_SHA,
+TLS_RSA_WITH_AES_256_CBC_SHA
```

Sample Test Procedure to create an RHCS CA ECC Server in FIPS mode:

Enabling FIPS status:

(1) yum install dracut-fips
(2) reboot
(3) press 'e' on the grub config menu to 'edit' the selected kernel
(4) add "fips=1" to the end of the boot line, or when multiple disks/partitions are involved (e.g. - "fips=1 boot=/dev/sda1")
(5) Ctrl-x to boot with fips mode enabled

```
# sysctl crypto.fips_enabled
crypto.fips_enabled = 1

# script -c "pkispawn -s CA -f /root/pki/ca_ecc.cfg -vvv" typescript.ca-ecc-fips
```

where 'ca_ecc.cfg' contains:

```
[DEFAULT]
pki_admin_password=<password>
pki_client_pkcs12_password=<password>
pki_ds_password=<password>
# Override default RSA Admin parameters with ECC parameters
pki_admin_key_algorithm=SHA256withEC
pki_admin_key_size=nistp256
pki_admin_key_type=ecc
# Override default RSA SSL Server parameters with ECC parameters
pki_sslserver_key_algorithm=SHA256withEC
pki_sslserver_key_size=nistp256
pki_sslserver_key_type=ecc
# Override default RSA Subsystem parameters with ECC parameters
pki_subsystem_key_algorithm=SHA256withEC
pki_subsystem_key_size=nistp256
pki_subsystem_key_type=ecc
# Optionally keep client databases
pki_client_database_purge=False

[CA]
# Override default RSA CA Signing parameters with ECC parameters
pki_ca_signing_key_algorithm=SHA256withEC
pki_ca_signing_key_size=nistp256
pki_ca_signing_key_type=ecc
pki_ca_signing_signing_algorithm=SHA256withEC
# Override default RSA CA OCSP Signing parameters with ECC parameters
pki_ocsp_signing_key_algorithm=SHA256withEC
pki_ocsp_signing_key_size=nistp256
pki_ocsp_signing_key_type=ecc
pki_ocsp_signing_signing_algorithm=SHA256withEC
```

```
# pki cert-find
```

Check '<instance>/conf/server.xml':

```
sslVersionRangeStream="tls1_1:tls1_2"
sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
                 -TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
                 -TLS_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA,+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
                 -TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
                 -TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
                 -TLS_DHE_RSA_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,-TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,-TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
                 -TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_CBC_SHA256,-TLS_RSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
                 +TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
```

The following default ciphers should be enabled for ECC servers:

```
+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+TLS_RSA_WITH_AES_256_CBC_SHA,
+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+TLS_RSA_WITH_AES_256_CBC_SHA256,
+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
```

I tested this Bugzilla on the version 10.5.1-7.el7.

I'm able to see the mentioned algorithms are enabled by default in the server.xml file with fips enabled system for RSA. And for ECC all the mentioned algorithms are enabled by default in the fips enabled system.

Verifying this bug.

Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.

For information on the advisory, and where to find the updated files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0925
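The "Check '<instance>/conf/server.xml'" step in the test procedures above can be automated. The following is an added example, not part of the bug report or of pki-core; it assumes `sslRangeCiphers` and `sslVersionRangeStream` are attributes of a `<Connector>` element, and the function names and sample XML are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Enabled-by-default ciphers as listed on this page for each server key type.
EXPECTED = {
    "rsa": set("""TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256
        TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA
        TLS_RSA_WITH_AES_256_CBC_SHA""".split()),
    "ecc": set("""TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA
        TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA256
        TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
        TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256""".split()),
}

def enabled_ciphers(value):
    """Return the set of '+'-prefixed ciphers in an sslRangeCiphers value."""
    state = {}
    for token in filter(None, (t.strip() for t in value.split(","))):
        if token[0] not in "+-":
            raise ValueError(f"entry without +/- prefix: {token!r}")
        # Assumption: if a cipher is listed twice, the later entry wins.
        state[token[1:]] = token[0] == "+"
    return {name for name, on in state.items() if on}

def audit_server_xml(xml_text, key_type):
    """Compare every TLS Connector in server.xml with the page's defaults."""
    reports = []
    for conn in ET.fromstring(xml_text).iter("Connector"):
        value = conn.get("sslRangeCiphers")
        if value is None:  # connector without a cipher list (non-TLS)
            continue
        enabled = enabled_ciphers(value)
        reports.append({
            "port": conn.get("port"),
            "version_range_ok": conn.get("sslVersionRangeStream") == "tls1_1:tls1_2",
            "missing": sorted(EXPECTED[key_type] - enabled),
            "unexpected": sorted(enabled - EXPECTED[key_type]),
        })
    return reports

# Constructed sample (not from a real instance): 3DES enabled, TLS 1.0 allowed.
_on = EXPECTED["rsa"] - {"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"}
SAMPLE = """<Server><Service name="Catalina">
  <Connector port="8080"/>
  <Connector name="Secure" port="8443" sslVersionRangeStream="tls1_0:tls1_2"
    sslRangeCiphers="+TLS_RSA_WITH_3DES_EDE_CBC_SHA,%s"/>
</Service></Server>""" % ",".join("+" + c for c in sorted(_on))
print(audit_server_xml(SAMPLE, "rsa"))
```

An instance matching the defaults on this page reports empty `missing` and `unexpected` lists and `version_range_ok` set to `True`.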