Bug 2071615

Summary: openssl SHA-1 sigalags no longer are offered in LEGACY
Product: [Fedora] Fedora Reporter: Alexander Sosedkin <asosedki>
Component: crypto-policiesAssignee: Alexander Sosedkin <asosedki>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 36CC: asosedki, cllang, crypto-team, florian, luk.claes, rrelyea, tm
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-04-25 16:36:22 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Alexander Sosedkin 2022-04-04 11:19:40 UTC
I don't see SHA-1 in sigalgs on Fedora 36 LEGACY, which is likely a result of tightening openssl 3 SECLEVEL change.

Some of the options are:
1. WONTFIX, not cool because we do want SHA-1 in LEGACY going forward, even for F39
2. modify SECLEVEL=1 to include it, not cool because it's a deviation of upstream
3. introduce new control to enable SHA-1 in LEGACY,
   not cool because new control is kinda late to introduce post-F36 beta,
   but we'll need that for F37+ anyway.

Comment 1 Alexander Sosedkin 2022-04-04 12:21:57 UTC
related: bz2070977

Comment 2 Clemens Lang 2022-04-05 14:55:38 UTC
We'll probably go for #3 and backport the change in bz2070977 that we're going to do for f37 anyway.

Comment 3 Clemens Lang 2022-04-08 15:15:08 UTC
With https://bodhi.fedoraproject.org/updates/FEDORA-2022-d906a1fd24, crypto-policies needs to set rh-allow-sha1-signatures=yes and SECLEVEL=1 for SHA-1 to work.

Comment 4 Clemens Lang 2022-04-08 15:22:54 UTC
To clarify: rh-allow-sha1-signatures=yes and SECLEVEL=1 will allow SHA-1 in TLS. SHA-1 signatures will work outside of TLS with rh-allow-sha1-signatures=yes (or not set) and SECLEVEL=2.

Comment 5 Florian Apolloner 2022-04-19 07:44:25 UTC
I want to check if this patch helps with https://bugzilla.redhat.com/show_bug.cgi?id=2069239 -- how/where do I need to set rh-allow-sha1-signatures=yes to see if that might help (or is that the default now anyways)?

Comment 6 Clemens Lang 2022-04-19 10:34:32 UTC
See https://bugzilla.redhat.com/show_bug.cgi?id=2070977#c2. The default for rh-allow-sha1-signatures is yes on F36. I didn't check what crypto-policies currently sets on F36, but if it sets SECLEVEL=1, as I believe it does in LEGACY, that combination should already allow SHA-1 signatures in TLS.

Comment 7 Clemens Lang 2022-04-25 16:36:22 UTC
On F36 with crypto-policies 20220203-2.git112f859.fc36, update-crypto-policies --set LEGACY already sets SECLEVEL=1, and rh-allow-sha1-signatures=yes is the default, so this is fixed.