Bug 1681178

Summary: openssl server application should not negotiate TLS 1.3 if the private key from PKCS#11 does not support RSA-PSS nor raw-RSA
Product: Red Hat Enterprise Linux 8 Reporter: Jakub Jelen <jjelen>
Component: opensslAssignee: Tomas Mraz <tmraz>
Status: NEW --- QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: low Docs Contact: Alexandra Nikandrova <anikandr>
Priority: low    
Version: 8.1CC: hkario, igkioka, pasik, tmraz
Target Milestone: rcKeywords: Triaged
Target Release: ---Flags: anikandr: needinfo+
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: Known Issue
Doc Text:
.The `OpenSSL TLS` library does not detect if the `PKCS#11` token supports creation of `raw RSA` or `RSA-PSS` signatures The `TLS-1.3` protocol requires the support for `RSA-PSS` signature. If the `PKCS#11` token does not support `raw RSA` or `RSA-PSS` signatures, the server applications which use `OpenSSL` `TLS` library will fail to work with the `RSA` key if it is held by the `PKCS#11` token. As a result, `TLS` communication will fail. To work around this problem, configure server or client to use the `TLS-1.2` version as the highest `TLS` protocol version available.
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On: 1701233    
Bug Blocks:    

Comment 2 Tomas Mraz 2019-02-26 08:43:08 UTC
I'd say this is mostly cosmetic issue. On the server side you can easily workaround it by setting the supported maximum protocol version to TLS-1.2. We should probably document it.