Bug 2053135

Summary: RC4 enctypes failing because MD4/MD5 unavailable in OpenSSL 3.0 FIPS mode
Product: Red Hat Enterprise Linux 9
Reporter: Julien Rische <jrische>
Component: krb5
Assignee: Julien Rische <jrische>
Status: CLOSED ERRATA
QA Contact: Filip Dvorak <fdvorak>
Severity: medium
Priority: unspecified
Version: 9.0
CC: abokovoy, asosedki, cllang, dbelyavs, dpal, fdvorak, ftrivino, mpolovka, pvlasin
Target Milestone: rc
Keywords: Triaged
Hardware: Unspecified
OS: Unspecified
Fixed In Version: krb5-1.19.1-14.el9_0
Doc Type: If docs needed, set a value
Last Closed: 2022-05-17 15:54:14 UTC
Type: Bug
Bug Blocks: 2027125, 2057471, 2067971, 2124308, 2124310

Description Julien Rische 2022-02-10 15:32:01 UTC
Password hashing fails for RC4 encryption types in FIPS mode:

# In /var/kerberos/krb5kdc/kdc.conf
supported_enctypes = arcfour-hmac:normal

kadmin.local -q "addprinc -pw bbb bob"
add_principal: Cryptosystem internal error while creating "bob@TEST.REDHAT.COM".

This is because OpenSSL's "legacy" provider[1] is not available by default in this mode. Hence MD4[2] and MD5[3] hashing is impossible, and disabling FIPS properties, similarly to the solution mentioned in bug 2039684, will not work here.

A solution would be to fetch the hashing algorithm from an OpenSSL local context provider following this example[4], instead of fetching it from the global provider[5].

[1] https://www.openssl.org/docs/manmaster/man7/OSSL_PROVIDER-legacy.html
[2] https://www.openssl.org/docs/man3.0/man3/EVP_md4.html
[3] https://www.openssl.org/docs/man3.0/man3/EVP_md5.html
[4] https://github.com/cyrusimap/cyrus-sasl/pull/668/files#diff-19656c308089249f956b708a5037d00e771478b6d1db3bce17425d93c46d1ee1R1136
[5] https://github.com/krb5/krb5/blob/krb5-1.19.2-final/src/lib/crypto/openssl/hash_provider/hash_evp.c#L67

Comment 12 Michal Polovka 2022-03-18 17:57:53 UTC
Pre-verified: tested using the automation krb5-tests/tests/Sanity/sanity-test-of-cipher-suites in FIPS mode, run in the gating pipeline for krb5-1.19.1-15.el9_0.x86_64; results at http://idm-artifacts.usersys.redhat.com/krb5/Gating-krb5/RHEL9.0/43922298/gating-tests/bash-gating/2/gating-restraint.01/index.html.gz

krb5-tests/tests/Sanity/sanity-test-of-cipher-suites: started 2022-03-18T15:26:14+0000, finished 2022-03-18T15:27:39+0000, duration 00:01:25, Completed, PASS

Therefore marking as pre-verified: tested.

Comment 19 errata-xmlrpc 2022-05-17 15:54:14 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (new packages: krb5), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:3951