Red Hat Bugzilla – Bug 1004106
softoken needs to address FIPS review comments.
Last modified: 2017-04-18 17:53:31 EDT
+++ This bug was initially created as a clone of Bug #1004105 +++
The lab has a set of comments for the FIPS review in:
- update to continous random test.
- memset in error patch for prng_generateNewBytes()
- zeroize data struct, buffer and counter Buffer in gcmHash_DestroyContext.
- zeroize C_i in gcmHash_Mult
- seroize T in gcmHash_final
- GCM_DestroyContext: zeroization of tagBits and tagKey missing
- GCM_DecryptUpdate: zeroization of tag
- ctr_GetNextCtr: need to prevent wrap of the counter here.
- CTS_EncryptUpdate/CTS_DecryptUpdate: zeroization of the chars
- ECDSA_VerifyDigest: zeroization of pointC missing
- ec_GenerateRandomPrivateKey: zeroization of privKeyBytes missing in
- DH_NewKey: there is no CHECK_SEC_OK around RNG_GenerateGlobalRandomBytes\
- DH_NewKey: zeroize key in case of error (e.g mp_mod can cause an error
even after a random value is generated)
- DH_Derive / KEA_Derive: there is no check for NULL after allocation of
- makePrimefromPrimesShaweTaylor / makePrimefromSeedShaweTaylor:
- RSA_NewKey / RSA_PopulatePrivateKey: zeroize arena in error case
The following is public data that may need to be zeroized?:
- AESKeyWrap_DestroyContext: zeroization of iv?
- DH_GenParam: zeroize arena in error case
- CTS_DestroyContext: zeroization of iv?
- PQG_DestroyParams: zeroize all stuff before release
- PQG_DestroyVerify: zeroize all entries
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release. Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products. This request is not yet committed for inclusion in
We need this for RHEL 5, but we won't have all the requirements until after 6.6, so we are looking at either 5.12 or 5.11z.
(In reply to Bob Relyea from comment #4)
> We need this for RHEL 5, but we won't have all the requirements until after
> 6.6, so we are looking at either 5.12 or 5.11z.
That means then that we should postpone this bug to rhel-5.12 when 5.12 it's available for setting flags. Subsequnetly we will clone it as a rhel-5.11.z bug. I propose clearing the rhel-5.11.0? flag
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
We will address this as part of the FIPS update to 5.11.z which will occur after RHEL 6.6 nss FIPS certification is completed.
Red Hat Enterprise Linux 5 shipped it's last minor release, 5.11, on September 14th, 2014. On March 31st, 2017 RHEL 5 exited Production Phase 3 and entered Extended Life Phase. For RHEL releases in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only. If the customer purchases the Extended Life-cycle Support (ELS), certain critical-impact security fixes and selected urgent priority bug fixes for the last minor release will be provided. For more details please consult the Red Hat Enterprise Linux Life Cycle Page:
This BZ does not appear to meet ELS criteria so is being closed WONTFIX. If this BZ is critical for your environment and you have an Extended Life-cycle Support Add-on entitlement, please open a case in the Red Hat Customer Portal, https://access.redhat.com ,provide a thorough business justification and ask that the BZ be re-opened for consideration of an errata. Please note, only certain critical-impact security fixes and selected urgent priority bug fixes for the last minor release can be considered.