Bug 1057656 - Custom/big DH parameters not supported
Summary: Custom/big DH parameters not supported
Keywords:
Status: CLOSED DUPLICATE of bug 1071883
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: httpd
Version: 6.5
Hardware: Unspecified
OS: Unspecified
Priority: high
Severity: high
Target Milestone: rc
Assignee: Web Stack Team
QA Contact: BaseOS QE - Apps
URL:
Whiteboard:
Depends On: 1064878
Blocks: 1057687
 
Reported: 2014-01-24 15:03 UTC by Hubert Kario
Modified: 2014-06-20 11:07 UTC
CC: 3 users

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Clones: 1057687
Environment:
Last Closed: 2014-06-20 11:07:13 UTC
Target Upstream Version:




Links (System / ID):
Red Hat Bugzilla 1035818
Red Hat Bugzilla 1071883

Internal Links: 1035818 1071883

Description Hubert Kario 2014-01-24 15:03:19 UTC
Description of problem:
When using DHE-based cipher suites, the DH parameters offered by mod_ssl are always 1024 bits in size, even if the certificate used is 2048 bits.
This makes httpd non-compliant with NIST SP 800-131A when a DHE cipher suite is negotiated, as of 1 January this year.

Version-Release number of selected component (if applicable):
mod_ssl-2.2.15-29.el6_4.x86_64
httpd-2.2.15-29.el6_4.x86_64
openssl-1.0.1e-15.el6.x86_64
nss-3.15.1-15.el6.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Generate RSA certificates that are 2048 bits long
2. Generate 2048-bit DH parameters and add them to the file referenced by SSLCertificateFile
3. Connect using tstclnt -d /etc/pki/nssdb/ -h localhost -p 443 -V ssl3: -o -v

Actual results:
tstclnt: SSL version 3.3 using 256-bit AES with 160-bit SHA1 MAC
tstclnt: Server Auth: 2048-bit RSA, Key Exchange: 1024-bit DHE
         Compression: NULL

Expected results:
tstclnt: SSL version 3.3 using 256-bit AES with 160-bit SHA1 MAC
tstclnt: Server Auth: 2048-bit RSA, Key Exchange: 2048-bit DHE
         Compression: NULL

(note Key Exchange in second line)

Additional info:
http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf

Httpd should automatically select DH parameters that are at least as long as the RSA keys (see SP 800-131A and SP 800-57 Part 1).
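The following is an added example, not part of the bug report or of httpd/NSS: a small compliance check that parses the one-line handshake summary tstclnt prints (the "Server Auth: ..., Key Exchange: ..." line shown above) and reports whether the ephemeral DH group is at least as large as the server's RSA key and at least the 2048-bit floor assumed here for SP 800-131A. The sample lines are the actual and expected results from the report; the 2048-bit floor and the line format handled are assumptions.

```python
"""Check a tstclnt handshake summary for DHE parameter-size compliance.

Added example (not from the bug report): parses the summary line printed by
NSS's tstclnt, e.g. "Server Auth: 2048-bit RSA, Key Exchange: 1024-bit DHE",
and flags a DHE group that is smaller than the RSA key or below the minimum
size assumed for NIST SP 800-131A.
"""
import re

# Assumed SP 800-131A floor for DH key agreement from 2014 onward (2048 bits,
# consistent with the expected result in the report).
MIN_DH_BITS = 2048

_TSTCLNT_RE = re.compile(
    r"Server Auth:\s*(?P<auth_bits>\d+)-bit\s+(?P<auth_alg>\w+),\s*"
    r"Key Exchange:\s*(?P<kx_bits>\d+)-bit\s+(?P<kx_alg>\w+)"
)


def parse_tstclnt(line):
    """Return (auth_alg, auth_bits, kx_alg, kx_bits) for a tstclnt summary line, or None."""
    m = _TSTCLNT_RE.search(line)
    if not m:
        return None
    return (m.group("auth_alg"), int(m.group("auth_bits")),
            m.group("kx_alg"), int(m.group("kx_bits")))


def check_dhe(line, min_dh_bits=MIN_DH_BITS):
    """Return a list of findings for the handshake; an empty list means it passes."""
    parsed = parse_tstclnt(line)
    if parsed is None:
        return ["unrecognised handshake summary line"]
    auth_alg, auth_bits, kx_alg, kx_bits = parsed
    findings = []
    if kx_alg.upper() != "DHE":
        # Only finite-field DHE is checked; ECDHE sizes are measured differently.
        return findings
    if kx_bits < min_dh_bits:
        findings.append(
            f"DHE group is {kx_bits} bits, below the {min_dh_bits}-bit SP 800-131A floor")
    if auth_alg.upper() == "RSA" and kx_bits < auth_bits:
        findings.append(
            f"DHE group ({kx_bits} bits) is weaker than the {auth_bits}-bit RSA key")
    return findings


# Constructed sample input: the actual and expected output lines from the report.
ACTUAL = "tstclnt: Server Auth: 2048-bit RSA, Key Exchange: 1024-bit DHE"
EXPECTED = "tstclnt: Server Auth: 2048-bit RSA, Key Exchange: 2048-bit DHE"

if __name__ == "__main__":
    for line in (ACTUAL, EXPECTED):
        problems = check_dhe(line)
        print(line)
        print("  PASS" if not problems else "  FAIL: " + "; ".join(problems))
```

Run against the report's "Actual results" line it reports two findings (group below the floor, and weaker than the 2048-bit RSA key); against the "Expected results" line it reports none. Piping real tstclnt output through the same check gives a quick regression test for the fix.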

