Bug 1554727
| Summary: | Permit additional FIPS ciphers to be enabled by default for RSA . . . [rhel-7.5.z] | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Oneata Mircea Teodor <toneata> |
| Component: | pki-core | Assignee: | Matthew Harmsen <mharmsen> |
| Status: | CLOSED ERRATA | QA Contact: | Asha Akkiangady <aakkiang> |
| Severity: | urgent | Docs Contact: | |
| Priority: | urgent | ||
| Version: | 7.6 | CC: | cfu, edewata, jmagne, mharmsen, msauton, rpattath |
| Target Milestone: | rc | Keywords: | TestCaseProvided, ZStream |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | pki-core-10.5.1-10.el7 | Doc Type: | No Doc Update |
| Doc Text: |
Additional FIPS ciphers as previously documented for https://bugzilla.redhat.com/show_bug.cgi?id=1539125 - restrict default cipher suite to those ciphers permitted in fips mode
|
Story Points: | --- |
| Clone Of: | 1550786 | Environment: | |
| Last Closed: | 2018-06-26 16:47:58 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1550786 | ||
| Bug Blocks: | |||
|
Description
Oneata Mircea Teodor
2018-03-13 08:57:39 UTC
commit 7fb0bd0750577bd8c804899ab625799d1fd9ac99 (HEAD -> DOGTAG_10_5_BRANCH, origin/DOGTAG_10_5_BRANCH, gerrit/DOGTAG_10_5_BRANCH)
Author: Matthew Harmsen <mharmsen>
Date: Mon Mar 5 18:33:51 2018 -0700
Permit additional FIPS ciphers to be enabled by default for RSA . . .
It was determined that the following additional FIPS ciphers should be
enabled by default for RSA:
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Reference: dogtagpki Pagure Issue #2855 - restrict default cipher suite to
those ciphers permitted in fips mode
Fixes: https://pagure.io/dogtagpki/issue/2952
Change-Id: I0947e8581beb3140e4c07800dd2c6bc9d90a6cd8
(cherry picked from commit 7809f40bcd49ad11f0a314cd45979cfdcb55686f)
Sample Test Procedure to create an RHCS CA RSA Server in FIPS mode:
Install the latest NSS (e. g. - >= nss-3.34.0-4):
# rpm -q nss
nss-3.34.0-4.el7.x86_64
Enabling FIPS status:
(1) yum install dracut-fips
(2) reboot
(3) press 'e' on the grub config menu to 'edit' the selected kernel
(4) add "fips=1" to the end of the boot line, or when multiple
disks/partitions are involved (e. g. - "fips=1 boot=/dev/sda1")
(5) Ctrl-x to boot with fips mode enabled
# sysctl crypto.fips_enabled
crypto.fips_enabled = 1
# script -c "pkispawn -s CA -f /root/pki/ca.cfg -vvv" typescript.ca-rsa-fips
where 'ca.cfg' contains:
[DEFAULT]
pki_admin_password=<password>
pki_client_pkcs12_password=<password>
pki_ds_password=<password>
# pki cert-find
Check '<instance>/conf/server.xml':
sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
-TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
-TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_CBC_SHA256,
-TLS_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA"
The following default ciphers should be enabled for RSA servers:
+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+TLS_RSA_WITH_AES_128_CBC_SHA256,
+TLS_RSA_WITH_AES_256_CBC_SHA256,
+TLS_RSA_WITH_AES_128_CBC_SHA,
+TLS_RSA_WITH_AES_256_CBC_SHA
(In reply to Matthew Harmsen from comment #3) > Sample Test Procedure to create an RHCS CA RSA Server in FIPS mode: > > Install the latest NSS (e. g. - >= nss-3.34.0-4): > > # rpm -q nss > nss-3.34.0-4.el7.x86_64 > > Enabling FIPS status: > > (1) yum install dracut-fips > (2) reboot > (3) press 'e' on the grub config menu to 'edit' the selected kernel > (4) add "fips=1" to the end of the boot line, or when multiple > disks/partitions are involved (e. g. - "fips=1 boot=/dev/sda1") > (5) Ctrl-x to boot with fips mode enabled > > # sysctl crypto.fips_enabled > crypto.fips_enabled = 1 > > # script -c "pkispawn -s CA -f /root/pki/ca.cfg -vvv" > typescript.ca-rsa-fips > > where 'ca.cfg' contains: > > [DEFAULT] > pki_admin_password=<password> > pki_client_pkcs12_password=<password> > pki_ds_password=<password> > > # pki cert-find > > Check '<instance>/conf/server.xml': > > > sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,- > TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,- > TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, > > -TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,- > TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, > > -TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, > +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, > > -TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,- > TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, > > +TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA, > +TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, > > +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,- > TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, > +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, > > -TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, > +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_AES_128_CBC_SHA256, > +TLS_RSA_WITH_AES_256_CBC_SHA256, > > -TLS_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_3DES_EDE_CBC_SHA, > +TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA" > > The following default ciphers should be enabled for RSA servers: > > +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, > +TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, > +TLS_DHE_RSA_WITH_AES_128_CBC_SHA, > +TLS_DHE_RSA_WITH_AES_256_CBC_SHA, > +TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, > +TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, > +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, > +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, > +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, > +TLS_RSA_WITH_AES_128_CBC_SHA256, > +TLS_RSA_WITH_AES_256_CBC_SHA256, > +TLS_RSA_WITH_AES_128_CBC_SHA, > +TLS_RSA_WITH_AES_256_CBC_SHA From the above list the following were not enabled by default for an RSA CA server: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Snippet from server.xml <Connector name="Secure" port="8443" protocol="HTTP/1.1" SSLEnabled="true" sslProtocol="SSL" scheme="https" secure="true" maxHttpHeaderSize="8192" connectionTimeout="3000000" keepAliveTimeout="300000" acceptCount="100" maxThreads="150" minSpareThreads="25" enableLookups="false" disableUploadTimeout="true" sslImplementationName="org.apache.tomcat.util.net.jss.JSSImplementation" enableOCSP="false" ocspResponderURL="http://nocp1.idm.lab.eng.rdu2.redhat.com:8080/ca/ocsp" ocspResponderCertNickname="ocspSigningCert cert-pki-ca" ocspCacheSize="1000" ocspMinCacheEntryDuration="60" ocspMaxCacheEntryDuration="120" ocspTimeout="10" strictCiphers="true" clientAuth="want" sslVersionRangeStream="tls1_1:tls1_2" sslVersionRangeDatagram="tls1_1:tls1_2" sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA,+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,+TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_AES_128_CBC_SHA256,+TLS_RSA_WITH_AES_256_CBC_SHA256,-TLS_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA" serverCertNickFile="/var/lib/pki/pki-ca-Apr3/conf/serverCertNick.conf" passwordFile="/var/lib/pki/pki-ca-Apr3/ca/conf/CS.cfg" passwordClass="com.netscape.cms.tomcat.NuxwdogPasswordStore" certdbDir="/var/lib/pki/pki-ca-Apr3/alias"/> [root@auto-hv-01-guest06 ~]# rpm -qi pki-ca Name : pki-ca Version : 10.5.1 Release : 10.el7 Architecture: noarch Install Date: Mon 09 Apr 2018 09:39:10 AM EDT Group : System Environment/Daemons Size : 2449044 License : GPLv2 Signature : RSA/SHA256, Sun 25 Mar 2018 09:31:41 PM EDT, Key ID 199e2f91fd431d51 Source RPM : pki-core-10.5.1-10.el7.src.rpm Build Date : Sun 25 Mar 2018 02:56:04 AM EDT Build Host : ppc-016.build.eng.bos.redhat.com Relocations : (not relocatable) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> Vendor : Red Hat, Inc. URL : http://pki.fedoraproject.org/ Summary : Certificate System - Certificate Authority +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA +TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA +TLS_DHE_RSA_WITH_AES_128_CBC_SHA +TLS_DHE_RSA_WITH_AES_256_CBC_SHA +TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 +TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 +TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 +TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 +TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 +TLS_RSA_WITH_AES_128_CBC_SHA256 +TLS_RSA_WITH_AES_256_CBC_SHA256 +TLS_RSA_WITH_AES_128_CBC_SHA +TLS_RSA_WITH_AES_256_CBC_SHA All of the above mentioned ciphers are enabled for all pki subsystem instances by default. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2018:1979 |