.`crypto-policies` now can disable `ChaCha20` cipher usage
Previously, the `crypto-policies` package used a wrong keyword to disable the `ChaCha20` cipher in OpenSSL. Consequently, you could not disable `ChaCha20` for the TLS 1.2 protocol in OpenSSL through `crypto-policies`. With this update, the `-CHACHA20` keyword is used instead of `-CHACHA20-POLY1305`. As a result, you now can use the cryptographic policies for disabling `ChaCha20` cipher usage in OpenSSL for TLS 1.2 and TLS 1.3.
DescriptionAlexander Sosedkin
2021-09-14 17:31:02 UTC
Description of problem:
crypto-policies uses `-CHACHA20-POLY1305` in openssl configs,
which doesn't correspond to anything. `-CHACHA20` should be used instead.
opensslcnf's Ciphersuites setting seems to correctly omit TLS_CHACHA20_POLY1305_SHA256 though
Version-Release number of selected component: crypto-policies-20210914-1.git97d08ef.el9, and all of them to date
How reproducible: always
Steps to Reproduce:
1. Disable CHACHA20 through c-p. On current 9 you can also switch to FIPS mode
2. openssl req -x509 -newkey rsa -keyout /tmp/localhost.key -out /tmp/localhost.crt -subj /CN=localhost -nodes -batch
3. openssl s_server -key /tmp/localhost.key -cert /tmp/localhost.crt -www
4. curl --insecure https://localhost:4433 | grep -i chacha
Actual results:
TLSv1.2 :ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 :ECDHE-ECDSA-CHACHA20-POLY1305
TLSv1.2 :ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 :ECDHE-ECDSA-AES256-CCM
TLSv1.2 :DHE-RSA-CHACHA20-POLY1305 TLSv1.2 :DHE-RSA-AES256-CCM
TLSv1.2 :PSK-AES256-GCM-SHA384 TLSv1.2 :PSK-CHACHA20-POLY1305
TLSv1.2 :DHE-PSK-AES256-GCM-SHA384 TLSv1.2 :DHE-PSK-CHACHA20-POLY1305
TLSv1.2 :ECDHE-PSK-CHACHA20-POLY1305 TLSv1.0 :ECDHE-PSK-AES256-CBC-SHA
ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305
ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-CCM ECDHE-ECDSA-AES128-GCM-SHA256
DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-CCM DHE-RSA-AES128-GCM-SHA256
Expected results: no output
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (new packages: crypto-policies), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHBA-2022:3953
Description of problem: crypto-policies uses `-CHACHA20-POLY1305` in openssl configs, which doesn't correspond to anything. `-CHACHA20` should be used instead. opensslcnf's Ciphersuites setting seems to correctly omit TLS_CHACHA20_POLY1305_SHA256 though Version-Release number of selected component: crypto-policies-20210914-1.git97d08ef.el9, and all of them to date How reproducible: always Steps to Reproduce: 1. Disable CHACHA20 through c-p. On current 9 you can also switch to FIPS mode 2. openssl req -x509 -newkey rsa -keyout /tmp/localhost.key -out /tmp/localhost.crt -subj /CN=localhost -nodes -batch 3. openssl s_server -key /tmp/localhost.key -cert /tmp/localhost.crt -www 4. curl --insecure https://localhost:4433 | grep -i chacha Actual results: TLSv1.2 :ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 :ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 :ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 :ECDHE-ECDSA-AES256-CCM TLSv1.2 :DHE-RSA-CHACHA20-POLY1305 TLSv1.2 :DHE-RSA-AES256-CCM TLSv1.2 :PSK-AES256-GCM-SHA384 TLSv1.2 :PSK-CHACHA20-POLY1305 TLSv1.2 :DHE-PSK-AES256-GCM-SHA384 TLSv1.2 :DHE-PSK-CHACHA20-POLY1305 TLSv1.2 :ECDHE-PSK-CHACHA20-POLY1305 TLSv1.0 :ECDHE-PSK-AES256-CBC-SHA ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-CCM ECDHE-ECDSA-AES128-GCM-SHA256 DHE-RSA-CHACHA20-POLY1305 DHE-RSA-AES256-CCM DHE-RSA-AES128-GCM-SHA256 Expected results: no output