Bug 1570782

Summary: CRYPT, CRYPT-MD5 and PBKDF2_SHA256 are not accepted as password storage schemes in FIPS mode
Product: Red Hat Enterprise Linux 7 Reporter: Viktor Ashirov <vashirov>
Component: 389-ds-baseAssignee: mreynolds
Status: CLOSED NOTABUG QA Contact: Viktor Ashirov <vashirov>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.5CC: nkinder, rmeggins
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-04-23 13:36:33 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Viktor Ashirov 2018-04-23 12:08:12 UTC 
Description of problem:
In FIPS mode the following tests are failing:
suites/password/pwd_algo_test.py::test_pwd_algo_test[CRYPT] FAILED
suites/password/pwd_algo_test.py::test_pwd_algo_test[CRYPT-MD5] FAILED
suites/password/pwd_algo_test.py::test_pwd_algo_test[PBKDF2_SHA256] FAILED

E         ldap.UNWILLING_TO_PERFORM: {'desc': 'Server is unwilling to perform', 'info': 'Unable to store attribute "userPassword" correctly\n'}

Version-Release number of selected component (if applicable):
389-ds-base: 1.3.7.5-18.el7
nss: 3.34.0-4.el7


How reproducible:
always

Steps to Reproduce:
1. Enable FIPS mode
2.  py.test -v suites/password/pwd_algo_test.py
Comment 1 mreynolds 2018-04-23 12:35:29 UTC 
I know FIPS does NOT support PBKDF2, and it looks like its not supporting CRYPT either.  So perhaps this a doc bug?
Comment 2 Viktor Ashirov 2018-04-23 12:49:49 UTC 
CRYPT-SHA256 and CRYPT-SHA512 are accepted though. If that's not a bug, then we'll update the tests to check if we're running in FIPS mode.
Comment 3 mreynolds 2018-04-23 13:18:53 UTC 
(In reply to Viktor Ashirov from comment #2)
> CRYPT-SHA256 and CRYPT-SHA512 are accepted though. If that's not a bug, then
> we'll update the tests to check if we're running in FIPS mode.

I know FIPS does not accept weak hashing algos.  So maybe that's why CRYPT-SHA256 and CRYPT-SHA512 work, but the other CRYPTs are not.  PBKDF2 I think it just too new and FIPS has not caught up with it yet (I know its officially not supported).  I'll ask the security guys to confirm the CRYPT issues though.
Comment 4 mreynolds 2018-04-23 13:32:36 UTC 
Okay so looking at the FIPS docs 

https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402annexa.pdf

I think this explains the behavior.  We support SHA256 & SHA512 - and that's why FIPS supports CRYPT-"SHA256", etc, but not CRYPT-"MD5".
Comment 5 Viktor Ashirov 2018-04-23 13:36:33 UTC 
Makes sense, thanks Mark!

Closing as NOTABUG.