Bug 2099438
| Summary: | allow signature verification using RSA keys <2k in FIPS mode [rhel-9.0.0.z] | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | RHEL Program Management Team <pgm-rhel-tools> |
| Component: | nss | Assignee: | Bob Relyea <rrelyea> |
| Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | low | Docs Contact: | Mirek Jahoda <mjahoda> |
| Priority: | high | ||
| Version: | 9.0 | CC: | hkario, lkuprova, mjahoda, rrelyea, ssorce |
| Target Milestone: | rc | Keywords: | Triaged, ZStream |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Enhancement | |
| Doc Text: |
.NSS no longer support RSA keys shorter than 1023 bits
The update of the Network Security Services (NSS) libraries changes the minimum key size for all RSA operations from 128 to 1023 bits. This means that NSS no longer perform the following functions:
* Generate RSA keys shorter than 1023 bits.
* Sign or verify RSA signatures with RSA keys shorter than 1023 bits.
* Encrypt or decrypt values with RSA key shorter than 1023 bits.
|
Story Points: | --- |
| Clone Of: | 2091905 | Environment: | |
| Last Closed: | 2022-09-20 14:00:48 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2091905 | ||
| Bug Blocks: | |||
|
Comment 23
errata-xmlrpc
2022-09-20 14:00:48 UTC
|