Bug 2137557
Summary: | In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 9 | Reporter: | Clemens Lang <cllang> | ||||
Component: | openssl | Assignee: | Clemens Lang <cllang> | ||||
Status: | CLOSED ERRATA | QA Contact: | Hubert Kario <hkario> | ||||
Severity: | urgent | Docs Contact: | Jan Fiala <jafiala> | ||||
Priority: | high | ||||||
Version: | 9.0 | CC: | cllang, gfialova, hkario, ssorce | ||||
Target Milestone: | rc | Keywords: | Triaged, ZStream | ||||
Target Release: | --- | ||||||
Hardware: | x86_64 | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | openssl-3.0.7-1.el9 | Doc Type: | Deprecated Functionality | ||||
Doc Text: |
.OpenSSL in FIPS mode requires longer passwords for key-derivation with PBKDF2
With this update, key-derivation in OpenSSL from passwords shorter than 8 characters with the PBKDF2 algorithm fails in FIPS mode.
|
Story Points: | --- | ||||
Clone Of: | |||||||
: | 2144003 2144004 (view as bug list) | Environment: | |||||
Last Closed: | 2023-05-09 08:20:47 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 2144003, 2144004 | ||||||
Attachments: |
|
Description
Clemens Lang
2022-10-25 13:49:21 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Low: openssl security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2023:2523 |