Bug 1724433

Summary: caTransportCert.cfg contains MD2/MD5withRSA as signingAlgsAllowed.
Product: Red Hat Enterprise Linux 8
Reporter: Sudhir Menon <sumenon>
Component: pki-core
Assignee: Alex Scheel <ascheel>
Status: CLOSED ERRATA
QA Contact: PKI QE <bugzilla-pkiqe>
Severity: unspecified
Priority: unspecified
Version: 8.2
CC: aakkiang, ascheel, edewata, mharmsen, skhandel
Target Milestone: rc
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Fixed In Version: pki-core-10.6-8030020200527223446.5ff1562f
Last Closed: 2020-11-04 03:15:07 UTC
Type: Bug

Description Sudhir Menon 2019-06-27 05:52:45 UTC
Description of problem: caTransportCert.cfg contains MD2/MD5withRSA as signingAlgsAllowed.


Version-Release number of selected component (if applicable):
pki-ca-10.5.16-3.el7.noarch

How reproducible: Always

Steps to Reproduce:
1. Set up FIPS in RHEL7
2. Install CA with SHA384withRSA.
3. Check the caTransportCert.cfg in profiles directory for signingAlgsAllowed


Actual results:

[root@pki1 ~]# grep MD5 /var/lib/pki/topology-01-CA/ca/profiles/ca/*.cfg
/var/lib/pki/topology-01-CA/ca/profiles/ca/caTransportCert.cfg:policyset.transportCertSet.8.constraint.params.signingAlgsAllowed=SHA1withRSA,SHA256withRSA,SHA512withRSA,MD5withRSA,MD2withRSA,SHA1withDSA,SHA1withEC,SHA256withEC,SHA384withRSA

Expected results: As per #bz1554055 fix, signingAlgsAllowed should not contain MD2withRSA and MD5withRSA and hence they should be removed from the only caTransportCert profile where it's present.

Additional info: Logging this as a bug to keep track of the required changes in the profile configuration.
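
The grep in the report only catches the literal string MD5. As an added example (not part of the original report and not pki-core code), the check below parses every *.signingAlgsAllowed list in a profiles directory and reports each MD2/MD4/MD5-based entry with its file and key. The function names and the scratch-directory layout are hypothetical; the two sample values are the ones quoted in this report.

```shell
#!/bin/sh
# Added example, not pki-core code: flag MD2/MD4/MD5 entries in any
# *.signingAlgsAllowed list found in .cfg files under a directory.

# Prints "file<TAB>key<TAB>algorithm" per weak entry; non-zero status if any.
audit_signing_algs() {
    find "$1" -type f -name '*.cfg' -exec awk '
        /^[ \t]*#/ { next }   # skip comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1)
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            if (key !~ /\.signingAlgsAllowed$/) next
            n = split(substr($0, eq + 1), algs, ",")
            for (i = 1; i <= n; i++) {
                alg = algs[i]
                gsub(/^[ \t]+|[ \t\r]+$/, "", alg)
                if (toupper(alg) ~ /^MD[245]WITH/) {
                    printf "%s\t%s\t%s\n", FILENAME, key, alg
                    found = 1
                }
            }
        }
        END { exit found + 0 }' {} +
}

# Constructed sample: the two signingAlgsAllowed values quoted in this report,
# written under a scratch directory (the before/ and after/ layout is made up).
make_samples() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/before" "$d/after"
    key=policyset.transportCertSet.8.constraint.params.signingAlgsAllowed
    printf '%s=%s\n' "$key" \
        'SHA1withRSA,SHA256withRSA,SHA512withRSA,MD5withRSA,MD2withRSA,SHA1withDSA,SHA1withEC,SHA256withEC,SHA384withRSA' \
        > "$d/before/caTransportCert.cfg"
    printf '%s=%s\n' "$key" \
        'SHA256withRSA,SHA384withRSA,SHA512withRSA,SHA256withEC,SHA384withEC,SHA512withEC,SHA256withRSA/PSS,SHA384withRSA/PSS,SHA512withRSA/PSS' \
        > "$d/after/caTransportCert.cfg"
    echo "$d"
}

SAMPLES=$(make_samples)
audit_signing_algs "$SAMPLES/before" || echo "before: weak algorithms listed above"
audit_signing_algs "$SAMPLES/after" && echo "after: clean"
rm -rf "$SAMPLES"
```

Pointed at an instance's profiles directory, such as the one grepped in the report, the non-zero exit status makes the check usable as a gate in a post-install or upgrade test.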

Comment 2 Matthew Harmsen 2019-10-21 21:52:01 UTC
Pushing to RHEL 8.

Comment 3 Alex Scheel 2020-03-16 13:30:34 UTC
Checked into master:

commit feae24155a86106917d28315a797cce3911b5aff
Author: Alexander Scheel <ascheel>
Date:   Tue Oct 22 09:40:48 2019 -0400

    Remove MD4 and MD5 from default configuration
    
    We remove MD4- and MD5-based algorithms in favor of more modern SHA-2
    suite algorithms. We replace them in:
     - In the default CS.cfg
     - In the default caTransportCert.cfg
     - In the ca agent updateCRL html and template,
     - In EnrollProfile
    
    Signed-off-by: Alexander Scheel <ascheel>


That should really read MD2 I guess.


Could I get ACKs for 8.3? Thanks!

Comment 7 shalini 2020-07-23 14:12:01 UTC
Bugzilla is verified on FIPS enabled RHEL83 on below builds:
[root@pki1 ~]# rpm -qa | grep pki
pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch
pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch
pki-ca-10.9.0-0.7.module+el8.3.0+7364+90640274.noarch
pki-kra-10.9.0-0.7.module+el8.3.0+7364+90640274.noarch
python3-pki-10.9.0-0.7.module+el8.3.0+7364+90640274.noarch
pki-base-java-10.9.0-0.7.module+el8.3.0+7364+90640274.noarch
pki-symkey-10.9.0-0.7.module+el8.3.0+7364+90640274.x86_64
pki-server-10.9.0-0.7.module+el8.3.0+7364+90640274.noarch
pki-base-10.9.0-0.7.module+el8.3.0+7364+90640274.noarch
pki-tools-10.9.0-0.7.module+el8.3.0+7364+90640274.x86_64


> I could not find MD5 / MD2 in all the profiles. And could not find it in any (including caTransportCert.cfg). Following is the signing Algos shown in caTransportCert.cfg:

policyset.transportCertSet.8.constraint.params.signingAlgsAllowed=SHA256withRSA,SHA384withRSA,SHA512withRSA,SHA256withEC,SHA384withEC,SHA512withEC,SHA256withRSA/PSS,SHA384withRSA/PSS,SHA512withRSA/PSS


> Checked agent UI, CRL signing certs also did not have MD5/MD2 anywhere.


> grep in /etc shows only pkcs11 text file [alex you can confirm if this is used anywhere]:
grep -r MD2 /etc/
/etc/pki/nssdb/pkcs11.txt:NSS=Flags=internal,moduleDBOnly,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30})
/etc/pki/topology-02-CA/alias/pkcs11.txt:NSS=Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[ECC,RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30})
/etc/pki/topology-02-KRA/alias/pkcs11.txt:NSS=Flags=internal,critical trustOrder=75 cipherOrder=100 slotParams=(1={slotFlags=[ECC,RSA,DSA,DH,RC2,RC4,DES,RANDOM,SHA1,MD5,MD2,SSL,TLS,AES,Camellia,SEED,SHA256,SHA512] askpw=any timeout=30})


Alex, I will mark this BZ verified once you confirm about the pkcs11.txt file content mentioned above.

Comment 8 Alex Scheel 2020-07-23 14:26:52 UTC
Shalini, This is good. The pkcs11.txt is within your NSS DB, which contains MD2 as an available (but not allowed by CryptoPolicies) algorithm. Note that they're the same across global NSS DB (/etc/pki/nssdb) and our PKI NSS DBs (e.g., /etc/pki/topology-02-CA/alias/pkcs11.txt).


Thanks!

Comment 11 errata-xmlrpc 2020-11-04 03:15:07 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4847