Bug 1554727

Summary: | Permit additional FIPS ciphers to be enabled by default for RSA . . . [rhel-7.5.z] | |
---|---|---|---
Product: | Red Hat Enterprise Linux 7 | Reporter: | Oneata Mircea Teodor <toneata>
Component: | pki-core | Assignee: | Matthew Harmsen <mharmsen>
Status: | CLOSED ERRATA | QA Contact: | Asha Akkiangady <aakkiang>
Severity: | urgent | Docs Contact: |
Priority: | urgent | |
Version: | 7.6 | CC: | cfu, edewata, jmagne, mharmsen, msauton, rpattath
Target Milestone: | rc | Keywords: | TestCaseProvided, ZStream
Target Release: | --- | |
Hardware: | All | |
OS: | Linux | |
Whiteboard: | | |
Fixed In Version: | pki-core-10.5.1-10.el7 | Doc Type: | No Doc Update
Doc Text: | Additional FIPS ciphers as previously documented for https://bugzilla.redhat.com/show_bug.cgi?id=1539125 - restrict default cipher suite to those ciphers permitted in fips mode | |
Story Points: | --- | |
Clone Of: | 1550786 | Environment: |
Last Closed: | 2018-06-26 16:47:58 UTC | Type: | ---
Regression: | --- | Mount Type: | ---
Documentation: | --- | CRM: |
Verified Versions: | | Category: | ---
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: |
Cloudforms Team: | --- | Target Upstream Version: |
Embargoed: | | |
Bug Depends On: | 1550786 | |
Bug Blocks: | | |
Description
Oneata Mircea Teodor
2018-03-13 08:57:39 UTC
commit 7fb0bd0750577bd8c804899ab625799d1fd9ac99 (HEAD -> DOGTAG_10_5_BRANCH, origin/DOGTAG_10_5_BRANCH, gerrit/DOGTAG_10_5_BRANCH)
Author: Matthew Harmsen <mharmsen>
Date:   Mon Mar 5 18:33:51 2018 -0700

    Permit additional FIPS ciphers to be enabled by default for RSA . . .

    It was determined that the following additional FIPS ciphers should be
    enabled by default for RSA:

        * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
        * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
        * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

    Reference: dogtagpki Pagure Issue #2855 - restrict default cipher suite
    to those ciphers permitted in fips mode

    Fixes: https://pagure.io/dogtagpki/issue/2952

    Change-Id: I0947e8581beb3140e4c07800dd2c6bc9d90a6cd8
    (cherry picked from commit 7809f40bcd49ad11f0a314cd45979cfdcb55686f)

Sample Test Procedure to create an RHCS CA RSA Server in FIPS mode:

Install the latest NSS (e. g. - >= nss-3.34.0-4):

    # rpm -q nss
    nss-3.34.0-4.el7.x86_64

Enabling FIPS status:

(1) yum install dracut-fips
(2) reboot
(3) press 'e' on the grub config menu to 'edit' the selected kernel
(4) add "fips=1" to the end of the boot line, or when multiple disks/partitions are involved (e. g. - "fips=1 boot=/dev/sda1")
(5) Ctrl-x to boot with fips mode enabled

    # sysctl crypto.fips_enabled
    crypto.fips_enabled = 1

    # script -c "pkispawn -s CA -f /root/pki/ca.cfg -vvv" typescript.ca-rsa-fips

where 'ca.cfg' contains:

    [DEFAULT]
    pki_admin_password=<password>
    pki_client_pkcs12_password=<password>
    pki_ds_password=<password>

    # pki cert-find

Check '<instance>/conf/server.xml':

    sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
    -TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
    -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
    -TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
    +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
    +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
    -TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_CBC_SHA256,
    -TLS_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA"

The following default ciphers should be enabled for RSA servers:

    +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
    +TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
    +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
    +TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
    +TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
    +TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
    +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
    +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
    +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
    +TLS_RSA_WITH_AES_128_CBC_SHA256,
    +TLS_RSA_WITH_AES_256_CBC_SHA256,
    +TLS_RSA_WITH_AES_128_CBC_SHA,
    +TLS_RSA_WITH_AES_256_CBC_SHA


(In reply to Matthew Harmsen from comment #3)
> Sample Test Procedure to create an RHCS CA RSA Server in FIPS mode:
>
> Install the latest NSS (e. g. - >= nss-3.34.0-4):
>
> # rpm -q nss
> nss-3.34.0-4.el7.x86_64
>
> Enabling FIPS status:
>
> (1) yum install dracut-fips
> (2) reboot
> (3) press 'e' on the grub config menu to 'edit' the selected kernel
> (4) add "fips=1" to the end of the boot line, or when multiple
> disks/partitions are involved (e. g. - "fips=1 boot=/dev/sda1")
> (5) Ctrl-x to boot with fips mode enabled
>
> # sysctl crypto.fips_enabled
> crypto.fips_enabled = 1
>
> # script -c "pkispawn -s CA -f /root/pki/ca.cfg -vvv" typescript.ca-rsa-fips
>
> where 'ca.cfg' contains:
>
> [DEFAULT]
> pki_admin_password=<password>
> pki_client_pkcs12_password=<password>
> pki_ds_password=<password>
>
> # pki cert-find
>
> Check '<instance>/conf/server.xml':
>
> sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
> -TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
> -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> -TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
> +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
> +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> -TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_CBC_SHA256,
> -TLS_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA"
>
> The following default ciphers should be enabled for RSA servers:
>
> +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
> +TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
> +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
> +TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
> +TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
> +TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
> +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
> +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
> +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> +TLS_RSA_WITH_AES_128_CBC_SHA256,
> +TLS_RSA_WITH_AES_256_CBC_SHA256,
> +TLS_RSA_WITH_AES_128_CBC_SHA,
> +TLS_RSA_WITH_AES_256_CBC_SHA

From the above list the following were not enabled by default for an RSA CA server:

    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

Snippet from server.xml

    <Connector name="Secure" port="8443" protocol="HTTP/1.1" SSLEnabled="true"
        sslProtocol="SSL" scheme="https" secure="true"
        maxHttpHeaderSize="8192" connectionTimeout="3000000" keepAliveTimeout="300000"
        acceptCount="100" maxThreads="150" minSpareThreads="25"
        enableLookups="false" disableUploadTimeout="true"
        sslImplementationName="org.apache.tomcat.util.net.jss.JSSImplementation"
        enableOCSP="false"
        ocspResponderURL="http://nocp1.idm.lab.eng.rdu2.redhat.com:8080/ca/ocsp"
        ocspResponderCertNickname="ocspSigningCert cert-pki-ca"
        ocspCacheSize="1000" ocspMinCacheEntryDuration="60" ocspMaxCacheEntryDuration="120" ocspTimeout="10"
        strictCiphers="true" clientAuth="want"
        sslVersionRangeStream="tls1_1:tls1_2" sslVersionRangeDatagram="tls1_1:tls1_2"
        sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
        -TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
        -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
        -TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
        +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
        +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
        -TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_CBC_SHA256,
        -TLS_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA"
        serverCertNickFile="/var/lib/pki/pki-ca-Apr3/conf/serverCertNick.conf"
        passwordFile="/var/lib/pki/pki-ca-Apr3/ca/conf/CS.cfg"
        passwordClass="com.netscape.cms.tomcat.NuxwdogPasswordStore"
        certdbDir="/var/lib/pki/pki-ca-Apr3/alias"/>

    [root@auto-hv-01-guest06 ~]# rpm -qi pki-ca
    Name        : pki-ca
    Version     : 10.5.1
    Release     : 10.el7
    Architecture: noarch
    Install Date: Mon 09 Apr 2018 09:39:10 AM EDT
    Group       : System Environment/Daemons
    Size        : 2449044
    License     : GPLv2
    Signature   : RSA/SHA256, Sun 25 Mar 2018 09:31:41 PM EDT, Key ID 199e2f91fd431d51
    Source RPM  : pki-core-10.5.1-10.el7.src.rpm
    Build Date  : Sun 25 Mar 2018 02:56:04 AM EDT
    Build Host  : ppc-016.build.eng.bos.redhat.com
    Relocations : (not relocatable)
    Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
    Vendor      : Red Hat, Inc.
    URL         : http://pki.fedoraproject.org/
    Summary     : Certificate System - Certificate Authority


    +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    +TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
    +TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    +TLS_DHE_RSA_WITH_AES_256_CBC_SHA
    +TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
    +TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
    +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
    +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    +TLS_RSA_WITH_AES_128_CBC_SHA256
    +TLS_RSA_WITH_AES_256_CBC_SHA256
    +TLS_RSA_WITH_AES_128_CBC_SHA
    +TLS_RSA_WITH_AES_256_CBC_SHA

All of the above mentioned ciphers are enabled for all pki subsystem instances by default.


Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.

For information on the advisory, and where to find the updated files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:1979
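The verification in this bug was done by eye: read the `sslRangeCiphers` attribute out of the instance's `server.xml` and see which of the thirteen required RSA ciphers carry a `-`. The script below is an added example, not Dogtag/RHCS or tomcatjss code, that automates exactly that check. It parses the `+cipher,-cipher` list from every SSL-enabled `<Connector>` (tolerating the line wrapping seen in the comments above), reports required ciphers that are disabled or missing, and can emit a corrected attribute value. The embedded `server.xml` is constructed from the "Snippet from server.xml" comment, trimmed to the attributes that matter for the check; the assumption that an entry without a leading `+` or `-` is malformed is this example's own.

```python
"""Check a tomcatjss server.xml for the RSA FIPS ciphers Bug 1554727 expects.

Added example, not project code.  Assumes the sslRangeCiphers attribute is a
comma-separated list of "+NAME" (enabled) / "-NAME" (disabled) entries; an
entry without a sign is treated as malformed (this script's assumption).
"""
import re
import xml.etree.ElementTree as ET

# The thirteen ciphers the bug says must be enabled by default for RSA servers.
REQUIRED_RSA_FIPS_CIPHERS = (
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_RSA_WITH_AES_256_CBC_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_256_CBC_SHA",
)

# Constructed sample: the sslRangeCiphers value from the "Snippet from
# server.xml" comment (the state in which the four ECDHE_RSA ciphers were
# still disabled), wrapped across lines the way it appears in the bug.
SAMPLE_SSL_RANGE_CIPHERS = """-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
    -TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
    -TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
    -TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
    -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
    -TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
    -TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
    -TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
    +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
    +TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
    +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,
    -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
    -TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
    +TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_CBC_SHA256,
    -TLS_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_3DES_EDE_CBC_SHA,
    +TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA"""

# Constructed minimal server.xml: one plain connector (must be skipped) and the
# Secure connector from the bug, reduced to the attributes relevant here.
SAMPLE_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector name="Unsecure" port="8080" protocol="HTTP/1.1"/>
    <Connector name="Secure" port="8443" protocol="HTTP/1.1" SSLEnabled="true"
      sslImplementationName="org.apache.tomcat.util.net.jss.JSSImplementation"
      strictCiphers="true" clientAuth="want"
      sslVersionRangeStream="tls1_1:tls1_2" sslVersionRangeDatagram="tls1_1:tls1_2"
      sslRangeCiphers="%s"/>
  </Service>
</Server>
""" % SAMPLE_SSL_RANGE_CIPHERS


def parse_ssl_range_ciphers(value):
    """Turn '+A,-B,...' into {'A': True, 'B': False}, ignoring whitespace.

    A later duplicate overrides an earlier one; an entry without a sign
    raises ValueError (assumption: the sign is what carries the state).
    """
    enabled = {}
    for entry in re.split(r"\s*,\s*", value.strip()):
        entry = entry.strip()
        if not entry:
            continue
        sign, name = entry[0], entry[1:].strip()
        if sign not in "+-" or not name:
            raise ValueError("malformed sslRangeCiphers entry: %r" % entry)
        enabled[name] = (sign == "+")
    return enabled


def check_connector_ciphers(server_xml_text, required=REQUIRED_RSA_FIPS_CIPHERS):
    """For each SSL-enabled Connector return which required ciphers are
    explicitly disabled ('-') and which are not listed at all."""
    report = {}
    for conn in ET.fromstring(server_xml_text).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # non-TLS connector: no cipher list to check
        ciphers = parse_ssl_range_ciphers(conn.get("sslRangeCiphers", ""))
        report[conn.get("name", conn.get("port", "?"))] = {
            "disabled": [c for c in required if ciphers.get(c) is False],
            "absent": [c for c in required if c not in ciphers],
        }
    return report


def enable_required(value, required=REQUIRED_RSA_FIPS_CIPHERS):
    """Return the attribute value with every required cipher switched to '+',
    keeping the original order and appending any that were absent."""
    ciphers = parse_ssl_range_ciphers(value)
    for name in required:
        ciphers[name] = True
    return ",".join(("+" if on else "-") + name for name, on in ciphers.items())


if __name__ == "__main__":
    for name, findings in check_connector_ciphers(SAMPLE_SERVER_XML).items():
        print("Connector %s: disabled=%s absent=%s"
              % (name, findings["disabled"], findings["absent"]))
    print(enable_required(SAMPLE_SSL_RANGE_CIPHERS))
```

Run against the sample, the "Secure" connector reports the same four ECDHE_RSA ciphers the QA engineer listed as not enabled, and `enable_required` produces the attribute value the description says a fixed RSA instance should carry. To use it on a real instance, feed `open("/var/lib/pki/<instance>/conf/server.xml").read()` to `check_connector_ciphers`; an empty `disabled` and `absent` list is the pass condition.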