Bug 1878151

Summary: 1536bit group from RFC3526 is allowed in FIPS mode when in policy DH-MIN is set to be lower than 1536
Product: Red Hat Enterprise Linux 8
Component: nss
Version: 8.4
Status: CLOSED CURRENTRELEASE
Severity: high
Priority: high
Reporter: Ivan Nikolchev <inikolch>
Assignee: Bob Relyea <rrelyea>
QA Contact: Ivan Nikolchev <inikolch>
CC: rrelyea, ssorce
Target Milestone: rc
Target Release: 8.0
Keywords: Triaged, ZStream
Hardware: Unspecified
OS: Unspecified
Fixed In Version: nss-3.53.1-12.el8
Doc Type: No Doc Update
Last Closed: 2021-05-26 15:13:01 UTC
Type: Bug
Bug Blocks: 1896432

Description Ivan Nikolchev 2020-09-11 13:30:10 UTC
Description of problem:
The 1536-bit group from RFC 3526 is not allowed in FIPS mode according to 'SP800-56A rev 3'.

NSS should not allow this group regardless of what DH-MIN is set to in the policy.

Version-Release number of selected component (if applicable):

nss-3.53.1-11

How reproducible:
Always

Steps to Reproduce:
We have a reproducer in /CoreOS/nss/Sanity/Well-known-DH-parameters

1. Run the test on a RHEL 8 machine in FIPS mode, but before executing the test, change DH-MIN to be lower than 1536 in the policy.


Actual results:
'Testing rfc3526-group-5-1536.pem' fails because the DH group is allowed and the connection is successful.


Expected results:
2. The DH group is not allowed and NSS aborts the connection.


Additional info:
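
The decision described in this report, modelled as an added Python example (not NSS code and not part of the original report): it shows why a lowered DH-MIN let the 1536-bit group through and what the expected FIPS behaviour looks like. The 2048-bit floor, the constructed policy text and all function names are assumptions made for illustration.

```python
import re

# Assumption: 2048 bits is the smallest safe-prime group size approved by
# SP 800-56A rev 3; the report itself only states that 1536 is not allowed.
FIPS_DH_FLOOR_BITS = 2048

# Constructed sample in the style of an NSS policy file with DH-MIN lowered,
# as in the reproducer. Not copied from a real system.
SAMPLE_POLICY = (
    'library=\n'
    'name=Policy\n'
    'NSS=flags=policyOnly,moduleDB\n'
    'config="disallow=ALL allow=HMAC-SHA256:SECP256R1:aes128-gcm:'
    'tls-version-min=tls1.2:DH-MIN=1023:DSA-MIN=2048:RSA-MIN=2048"\n'
)

def policy_dh_min(policy_text):
    """Return the DH-MIN value from the policy text, or None if absent."""
    m = re.search(r'(?<![A-Za-z0-9-])DH-MIN=(\d+)', policy_text)
    return int(m.group(1)) if m else None

def dh_group_allowed(group_bits, policy_text, fips_mode, enforce_fips_floor=True):
    """Model the accept/reject decision for a DH group of group_bits bits.

    enforce_fips_floor=False models the reported behaviour (only DH-MIN is
    consulted); True models the expected behaviour (the FIPS floor always
    applies, whatever DH-MIN says).
    """
    minimum = policy_dh_min(policy_text) or 0
    if fips_mode and enforce_fips_floor:
        minimum = max(minimum, FIPS_DH_FLOOR_BITS)
    return group_bits >= minimum

def audit(policy_text, fips_mode):
    """Return findings for a FIPS host whose policy sets DH-MIN below the floor."""
    findings = []
    dh_min = policy_dh_min(policy_text)
    if fips_mode and (dh_min is None or dh_min < FIPS_DH_FLOOR_BITS):
        findings.append(
            f"DH-MIN={dh_min} is below {FIPS_DH_FLOOR_BITS} in FIPS mode; "
            "rejection of the 1536-bit group depends on the NSS build")
    return findings
```
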

Comment 5 Bob Relyea 2020-11-10 00:11:48 UTC
We need zstream+ for this bug, thanks.

Comment 8 CongLi 2021-05-26 06:12:44 UTC
Hi,

Since the issue described in this bug should be resolved (VERIFIED), could you please close this bug with resolution 'CURRENTRELEASE' if this bug got fixed?

If the fix for this is not released yet, check if this will ever get fixed. In case of a negative answer then please change it as WONTFIX.

If there's anything else to be done on this BZ, if it's still active, not released yet and we actually intend to release it, then please ignore my message.

Please note: for those bugs which are not included in errata, please add 'TestOnly' keyword, and those bugs with 'TestOnly' keyword will be closed automatically after GA.
TestOnly: Use this when there is no code delivery involved, or for use when code is already upstream and will be incorporated automatically to the next release for testing purposes only.

Thank you.