Bug 2097837
Summary: | allow signature verification using RSA keys <2k in FIPS mode [rhel-8.7.0] | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Bob Relyea <rrelyea> | |
Component: | nss | Assignee: | Bob Relyea <rrelyea> | |
Status: | CLOSED CURRENTRELEASE | QA Contact: | BaseOS QE Security Team <qe-baseos-security> | |
Severity: | low | Docs Contact: | Mirek Jahoda <mjahoda> | |
Priority: | high | |||
Version: | 8.6 | CC: | cllang, qe-baseos-security, rrelyea, ssorce | |
Target Milestone: | rc | Keywords: | Triaged, ZStream | |
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | nss-3.79.0-7.el8_6 | Doc Type: | Enhancement | |
Doc Text: |
.NSS no longer support RSA keys shorter than 1023 bits
The update of the Network Security Services (NSS) libraries changes the minimum key size for all RSA operations from 128 to 1023 bits. This means that NSS no longer perform the following functions:
* Generate RSA keys shorter than 1023 bits.
* Sign or verify RSA signatures with RSA keys shorter than 1023 bits.
* Encrypt or decrypt values with RSA key shorter than 1023 bits.
|
Story Points: | --- | |
Clone Of: | 2091905 | |||
: | 2098642 (view as bug list) | Environment: | ||
Last Closed: | 2023-06-05 16:47:13 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | 2091905 | |||
Bug Blocks: | 2098642 |
Description
Bob Relyea
2022-06-16 16:32:49 UTC
RHEL 8.7 contains nss-3.79.0-10.el8_6 |