It was determined that the following additional FIPS ciphers should be enabled by default for RSA:

    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    TLS_RSA_WITH_AES_256_GCM_SHA384

and the following additional FIPS cipher should be enabled by default for ECC:

    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

Reference: Bug 1539125 - restrict default cipher suite to those ciphers permitted in fips mode
(In reply to Matthew Harmsen from comment #0)
> It was determined that the following additional FIPS ciphers should be
> enabled by default for RSA:
>
> TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
> TLS_RSA_WITH_AES_256_GCM_SHA384
>
> and the following additional FIPS ciphers should be enabled by default for
> ECC:
>
> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
>
> Reference: Bug 1539125 - restrict default cipher suite to those ciphers
> permitted in fips mode
As the SHA384 cipher variants are not yet available in JSS, this bug will be altered to ONLY include the following additional ciphers:

* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

Separate bugs will be filed for both JSS and NSS to include SHA384 ciphers.
Author: Matthew Harmsen <mharmsen@redhat.com>
Date:   Mon Mar 5 18:33:51 2018 -0700

    Permit additional FIPS ciphers to be enabled by default for RSA . . .

    It was determined that the following additional FIPS ciphers should be
    enabled by default for RSA:

    * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
    * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

    Reference: dogtagpki Pagure Issue #2855 - restrict default cipher suite to
    those ciphers permitted in fips mode

    Fixes: https://pagure.io/dogtagpki/issue/2952
    Change-Id: I0947e8581beb3140e4c07800dd2c6bc9d90a6cd8
Sample Test Procedure to create an RHCS CA RSA Server in FIPS mode:

Install the latest NSS (e. g. - >= nss-3.34.0-4):

    # rpm -q nss
    nss-3.34.0-4.el7.x86_64

Enabling FIPS status:

    (1) yum install dracut-fips
    (2) reboot
    (3) press 'e' on the grub config menu to 'edit' the selected kernel
    (4) add "fips=1" to the end of the boot line, or when multiple disks/partitions are involved (e. g. - "fips=1 boot=/dev/sda1")
    (5) Ctrl-x to boot with fips mode enabled

    # sysctl crypto.fips_enabled
    crypto.fips_enabled = 1

    # script -c "pkispawn -s CA -f /root/pki/ca.cfg -vvv" typescript.ca-rsa-fips

where 'ca.cfg' contains:

    [DEFAULT]
    pki_admin_password=<password>
    pki_client_pkcs12_password=<password>
    pki_ds_password=<password>

    # pki cert-find

Check '<instance>/conf/server.xml':

    sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
    -TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
    -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
    -TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
    +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
    +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
    -TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_CBC_SHA256,
    -TLS_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA"

The following default ciphers should be enabled for RSA servers:

    +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
    +TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
    +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
    +TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
    +TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
    +TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
    +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
    +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
    +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
    +TLS_RSA_WITH_AES_128_CBC_SHA256,
    +TLS_RSA_WITH_AES_256_CBC_SHA256,
    +TLS_RSA_WITH_AES_128_CBC_SHA,
    +TLS_RSA_WITH_AES_256_CBC_SHA
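
One way to automate the server.xml check from the test procedure above, as an added example (not part of the original comment or the Dogtag code base): it parses every sslRangeCiphers attribute and reports expected RSA ciphers that are not enabled, enabled ciphers outside the expected list, and entries listed with both signs. The sample XML, its Connector element and port, and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Ciphers the test procedure above expects to be enabled on an RSA server.
EXPECTED_RSA = set("""
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
""".split())

def parse_range_ciphers(value):
    """Split an sslRangeCiphers value into (enabled, disabled) sets."""
    enabled, disabled = set(), set()
    for token in value.split(","):
        token = token.strip()  # entries may be followed by spaces or newlines
        if not token:
            continue
        if token[0] not in "+-":
            raise ValueError(f"entry without +/- prefix: {token!r}")
        (enabled if token[0] == "+" else disabled).add(token[1:])
    return enabled, disabled

def audit_server_xml(xml_text, expected=EXPECTED_RSA):
    """Compare every sslRangeCiphers attribute in the XML with `expected`."""
    findings = []
    for elem in ET.fromstring(xml_text).iter():
        value = elem.get("sslRangeCiphers")
        if value is None:
            continue
        enabled, disabled = parse_range_ciphers(value)
        findings.append({
            "missing": sorted(expected - enabled),      # expected, not enabled
            "unexpected": sorted(enabled - expected),   # enabled, not expected
            "conflicting": sorted(enabled & disabled),  # listed with + and -
        })
    return findings

# Constructed sample (not a real server.xml): one expected cipher is turned
# off and one 3DES suite is turned on, so the audit has something to report.
DROPPED = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
tokens = ["+" + c for c in sorted(EXPECTED_RSA - {DROPPED})]
tokens += ["-" + DROPPED, "+TLS_RSA_WITH_3DES_EDE_CBC_SHA"]
SAMPLE = ('<Server><Service><Connector port="8443" sslRangeCiphers="%s"/>'
          '</Service></Server>' % ", ".join(tokens))

if __name__ == "__main__":
    print(audit_server_xml(SAMPLE))
```

On a real instance, pass the contents of '<instance>/conf/server.xml' to audit_server_xml; three empty lists mean the enabled set matches the expected RSA defaults exactly.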
Marking MODIFIED; inherited from 7.5.z
    [root@nocp1 ~]# rpm -qi pki-ca
    Name        : pki-ca
    Version     : 10.5.9
    Release     : 1.el7
    Architecture: noarch
    Install Date: Wed 11 Jul 2018 02:01:35 PM EDT
    Group       : System Environment/Daemons
    Size        : 2451155
    License     : GPLv2
    Signature   : RSA/SHA256, Thu 14 Jun 2018 02:28:50 PM EDT, Key ID 199e2f91fd431d51
    Source RPM  : pki-core-10.5.9-1.el7.src.rpm
    Build Date  : Thu 14 Jun 2018 01:01:34 PM EDT
    Build Host  : ppc-015.build.eng.bos.redhat.com
    Relocations : (not relocatable)
    Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
    Vendor      : Red Hat, Inc.
    URL         : http://pki.fedoraproject.org/
    Summary     : Certificate System - Certificate Authority

Verification steps explained in https://bugzilla.redhat.com/show_bug.cgi?id=1554727#c8
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:3195