Bug 1335915 - Disable the MD5 as a signing algorithm in NSS library
Summary: Disable the MD5 as a signing algorithm in NSS library
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: nss
Version: 6.9
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
Assignee: Daiki Ueno
QA Contact: Hubert Kario
Mirek Jahoda
Depends On:
Blocks: 1343211 1335911 1397979
Reported: 2016-05-13 14:23 UTC by Nikos Mavrogiannopoulos
Modified: 2017-03-21 10:26 UTC

Fixed In Version: nss-3.27.1-1.el6
Doc Type: Deprecated Functionality
Doc Text:
MD5 as the signing algorithm disabled

This change prevents the Network Security Services (NSS) library from using MD5 as the signing algorithm in *TLS*. This change ensures that programs using *NSS* are not vulnerable to attacks such as the SLOTH attack. A system administrator can enable MD5 support by modifying the `/etc/pki/nss-legacy/nss-rhel6.config` policy configuration file to:

    library=
    name=Policy
    NSS=flags=policyOnly,moduleDB
    config="allow=MD5"

Note that an empty line is required at the end of the file.
Clone Of: 1335914
: 1335919 1335920
Last Closed: 2017-03-21 10:26:29 UTC
Target Upstream Version:

System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Bugzilla | 1397979 | 0 | medium | CLOSED | Policy file requires empty line at the end | 2021-02-22 00:41:40 UTC
Red Hat Product Errata | RHEA-2017:0671 | 0 | normal | SHIPPED_LIVE | nspr and nss bug fix update | 2017-03-21 12:35:29 UTC

Internal Links: 1397979

Description Nikos Mavrogiannopoulos 2016-05-13 14:23:47 UTC
RHEL includes several cryptographic components whose security doesn't remain constant over time. Algorithms such as (cryptographic) hashing and encryption typically have a lifetime after which they are considered either too risky to use or plain insecure. That would mean we need to phase out such algorithms from the default settings, or completely disable them if they could cause an irreparable issue.

This bug is about disabling the MD5 algorithm from the NSS library, while at the same time providing a configuration method for MD5 to be allowed when needed.

For future extensibility in RHEL-7 it is recommended for any introduced configuration method to be re-usable for future algorithm or parameter deprecation (e.g., SHA1 or less than 1024-bit RSA/DH parameters), and ideally part of upstream.

Comment 4 Kai Engert (:kaie) (inactive account) 2016-09-30 09:50:52 UTC
Hubert, do you know the syntax of the NSS_HASH_ALG_SUPPORT variable? If not, I can try to find old emails, where this had been discussed.

Comment 6 Kai Engert (:kaie) (inactive account) 2016-10-10 17:41:56 UTC
Another clarification question:

Is this about "disable active signing of certificates with algorithms that involve an MD5 hash"?

Or, is this about "reject any signatures that involve an MD5 hash"?

Or is it about both?

Also, how will we test?

Hubert, do you expect Daiki to test that this works locally, before submitting a build to QE? If yes, do you possibly already have commands that could be used to test it?

Comment 10 Hubert Kario 2016-11-15 15:33:10 UTC
(In reply to Kai Engert (:kaie) from comment #4)
> Hubert, do you know the syntax of the NSS_HASH_ALG_SUPPORT variable? If not,
> I can try to find old emails, where this had been discussed.

sorry, didn't notice this question before

the syntax is "NSS_HASH_ALG_SUPPORT=+MD5" for allowing support, "NSS_HASH_ALG_SUPPORT=-MD5" explicitly disabling support and "NSS_HASH_ALG_SUPPORT=" for using the default

Comment 17 Hubert Kario 2016-11-23 18:37:22 UTC
Issue with NSS requiring an empty line at the end of policy file before it is recognised is tracked in bug 1397979.

Comment 22 errata-xmlrpc 2017-03-21 10:26:29 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.
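
An added example (not part of the bug report and not NSS code): a Python audit helper that parses the policy file format quoted in the Doc Text and the NSS_HASH_ALG_SUPPORT syntax from comment 10, and reports whether MD5 has been re-enabled on a host. The function names, the colon-separated allow/disallow lists, case-insensitive token matching, and reading "empty line at the end" as the file ending in a blank line are assumptions; it generalizes beyond the single `allow=MD5` token shown on the page.

```python
import os
import re

POLICY_PATH = "/etc/pki/nss-legacy/nss-rhel6.config"  # path from the Doc Text

# Constructed sample: the re-enabling policy from the Doc Text, with a blank last line.
SAMPLE = 'library=\nname=Policy\nNSS=flags=policyOnly,moduleDB\nconfig="allow=MD5"\n\n'


def parse_policy(text):
    """Return (allow, disallow) token sets from the config="..." line."""
    allow, disallow = set(), set()
    m = re.search(r'^config="([^"]*)"', text, re.MULTILINE)
    if m:
        for clause in m.group(1).split():
            # Split on the first "=" only, so values like DH-MIN=1023 stay whole.
            key, _, values = clause.partition("=")
            target = {"allow": allow, "disallow": disallow}.get(key)
            if target is not None:
                # Assumption: tokens are colon-separated and case-insensitive.
                target.update(v.upper() for v in values.split(":") if v)
    return allow, disallow


def parse_hash_alg_support(value):
    """Map NSS_HASH_ALG_SUPPORT (syntax from comment 10) to an MD5 state."""
    if not value:
        return "default"  # unset, or "NSS_HASH_ALG_SUPPORT="
    return {"+MD5": "allow", "-MD5": "disallow"}.get(value.strip(), "unrecognised")


def audit(policy_text, env_value=None):
    """Report the MD5-related facts an administrator would review."""
    allow, disallow = parse_policy(policy_text)
    return {
        "policy_allows_md5": "MD5" in allow,
        "policy_disallows_md5": "MD5" in disallow,
        # Assumption: "empty line at the end" means the text ends in a blank line.
        "has_trailing_empty_line": policy_text.endswith("\n\n"),
        "env_md5": parse_hash_alg_support(env_value),
    }


if __name__ == "__main__":
    try:
        with open(POLICY_PATH) as fh:
            text, source = fh.read(), POLICY_PATH
    except OSError:
        text, source = SAMPLE, "constructed sample"
    print(source, audit(text, os.environ.get("NSS_HASH_ALG_SUPPORT")))
```

A policy that allows MD5 but reports `has_trailing_empty_line` as false is worth a second look: per bug 1397979 it may not be recognised, so the file's intent and the library's behaviour can differ.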

