Bug 1550786
Summary: | Permit additional FIPS ciphers to be enabled by default for RSA and ECC . . . | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Matthew Harmsen <mharmsen> | |
Component: | pki-core | Assignee: | Matthew Harmsen <mharmsen> | |
Status: | CLOSED ERRATA | QA Contact: | Asha Akkiangady <aakkiang> | |
Severity: | urgent | Docs Contact: | Marc Muehlfeld <mmuehlfe> | |
Priority: | urgent | |||
Version: | 7.6 | CC: | lkuprova, msauton, rpattath | |
Target Milestone: | rc | Keywords: | TestCaseProvided, ZStream | |
Target Release: | --- | |||
Hardware: | All | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Enhancement | ||
Doc Text: |
Certificate System now supports additional strong ciphers by default
With this update, the following additional ciphers, which are compliant with the Federal Information Processing Standard (FIPS), are enabled by default in Certificate System:
* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* TLS_RSA_WITH_AES_256_GCM_SHA384
For a full list of enabled ciphers, enter:
# /usr/lib64/nss/unsupported-tools/listsuites | grep -B1 --no-group-separator "Enabled"
If you use a Hardware Security Module (HSM) with Certificate System, see the documentation of the HSM for supported ciphers.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1554055 1554727 (view as bug list) | Environment: | ||
Last Closed: | 2018-10-30 11:05:27 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1554055, 1554056, 1554058, 1554727 |
Description
Matthew Harmsen
2018-03-02 02:23:48 UTC
(In reply to Matthew Harmsen from comment #0) > It was determined that the following additional FIPS ciphers should be > enabled by default for RSA: > > TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 > TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 > TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 > TLS_RSA_WITH_AES_256_GCM_SHA384 > > and the following additional FIPS ciphers should be enabled by default for > ECC: > > TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 > TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 > > Reference: Bug 1539125 - restrict default cipher suite to those ciphers > permitted in fips mode As the SHA384 cipher variants are not yet available in JSS, this bug will be altered to ONLY include the following additional ciphers: * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Separate bugs will be filed for both JSS and NSS to include SHA384 ciphers. Author: Matthew Harmsen <mharmsen> Date: Mon Mar 5 18:33:51 2018 -0700 Permit additional FIPS ciphers to be enabled by default for RSA . . . It was determined that the following additional FIPS ciphers should be enabled by default for RSA: * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Reference: dogtagpki Pagure Issue #2855 - restrict default cipher suite to those ciphers permitted in fips mode Fixes: https://pagure.io/dogtagpki/issue/2952 Change-Id: I0947e8581beb3140e4c07800dd2c6bc9d90a6cd8 Sample Test Procedure to create an RHCS CA RSA Server in FIPS mode: Install the latest NSS (e. g. - >= nss-3.34.0-4): # rpm -q nss nss-3.34.0-4.el7.x86_64 Enabling FIPS status: (1) yum install dracut-fips (2) reboot (3) press 'e' on the grub config menu to 'edit' the selected kernel (4) add "fips=1" to the end of the boot line, or when multiple disks/partitions are involved (e. g. - "fips=1 boot=/dev/sda1") (5) Ctrl-x to boot with fips mode enabled # sysctl crypto.fips_enabled crypto.fips_enabled = 1 # script -c "pkispawn -s CA -f /root/pki/ca.cfg -vvv" typescript.ca-rsa-fips where 'ca.cfg' contains: [DEFAULT] pki_admin_password=<password> pki_client_pkcs12_password=<password> pki_ds_password=<password> # pki cert-find Check '<instance>/conf/server.xml': sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, -TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, -TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, -TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_CBC_SHA256, -TLS_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA" The following default ciphers should be enabled for RSA servers: +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, +TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, +TLS_DHE_RSA_WITH_AES_128_CBC_SHA, +TLS_DHE_RSA_WITH_AES_256_CBC_SHA, +TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, +TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, +TLS_RSA_WITH_AES_128_CBC_SHA256, +TLS_RSA_WITH_AES_256_CBC_SHA256, +TLS_RSA_WITH_AES_128_CBC_SHA, +TLS_RSA_WITH_AES_256_CBC_SHA Marking MODIFIED; inherited from 7.5.z [root@nocp1 ~]# rpm -qi pki-ca Name : pki-ca Version : 10.5.9 Release : 1.el7 Architecture: noarch Install Date: Wed 11 Jul 2018 02:01:35 PM EDT Group : System Environment/Daemons Size : 2451155 License : GPLv2 Signature : RSA/SHA256, Thu 14 Jun 2018 02:28:50 PM EDT, Key ID 199e2f91fd431d51 Source RPM : pki-core-10.5.9-1.el7.src.rpm Build Date : Thu 14 Jun 2018 01:01:34 PM EDT Build Host : ppc-015.build.eng.bos.redhat.com Relocations : (not relocatable) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> Vendor : Red Hat, Inc. URL : http://pki.fedoraproject.org/ Summary : Certificate System - Certificate Authority Verification steps explained in https://bugzilla.redhat.com/show_bug.cgi?id=1554727#c8 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:3195 |