Bug 1741641

Summary: OpenSSL will sign ServerKeyExchange message with SHA-1 in FIPS mode
Product: Red Hat Enterprise Linux 8 Reporter: Hubert Kario <hkario>
Component: opensslAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: Hubert Kario <hkario>
Severity: unspecified Docs Contact:
Priority: high    
Version: 8.0CC: asosedki, szidek
Target Milestone: rcKeywords: Triaged
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openssl-1.1.1c-9.el8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-04-28 16:51:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Hubert Kario 2019-08-15 17:03:32 UTC 
Description of problem:
When openssl server is running in FIPS mode (i.e. with policy disallowing SHA-1 signatures), it will still sign ServerKeyExchange message in TLS 1.2 using SHA-1 if the client didn't include signature_algorithms extension in ClientHello.

Version-Release number of selected component (if applicable):
openssl-1.1.1c-2.el8.x86_64

How reproducible:
always

Steps to Reproduce:
1. Set system in FIPS mode, start openssl s_server
2. connect with client that advertises TLS 1.2 at most and does not include signature_algorithms (but does include supported_curves with P-256 and a ECDHE cipher
3.

Actual results:
Connection successful

Expected results:
Connection should be aborted by server, either with handshake_failure or insufficient_security alert

Additional info:
Comment 14 errata-xmlrpc 2020-04-28 16:51:58 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:1840
Comment 15 Fedora Update System 2020-05-29 00:56:57 UTC 
FEDORA-EPEL-2020-ff94ccbdec has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.