Bug 1578389 - Unsupported RSA_ ciphers should be removed from the default ciphers list
Summary: Unsupported RSA_ ciphers should be removed from the default ciphers list
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: pki-core
Version: 7.5
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: rc
Target Release: ---
Assignee: Christina Fu
QA Contact: Asha Akkiangady
Docs Contact: Marc Muehlfeld
URL:
Whiteboard:
Depends On:
Blocks: 1632120
 
Reported: 2018-05-15 13:17 UTC by Asha Akkiangady
Modified: 2020-10-04 21:44 UTC

Fixed In Version: pki-core-10.5.16-2.el7
Doc Type: Bug Fix
Doc Text:
.TLS_RSA_* ciphers are now disabled by default in Certificate System

Previously, by default, TLS_RSA_* ciphers were enabled in Certificate System. However, in environments with certain hardware security modules (HSM) in Federal Information Processing Standard (FIPS) mode, these ciphers are not supported. As a consequence, the SSL handshake failed and the connection was not established. This update disables TLS_RSA_* ciphers by default. As a result, connections work with those HSMs in FIPS mode.
Clone Of:
: 1632120 (view as bug list)
Environment:
Last Closed: 2019-08-06 13:07:17 UTC
Target Upstream Version:
Embargoed:




Links
| System | ID | Private | Priority | Status | Summary | Last Updated |
| --- | --- | --- | --- | --- | --- | --- |
| Github | dogtagpki pki issues 3145 | 0 | None | closed | Unsupported RSA_ ciphers should be removed from the default ciphers list | 2021-01-26 13:43:11 UTC |
| Red Hat Product Errata | RHBA-2019:2228 | 0 | None | None | None | 2019-08-06 13:07:49 UTC |

Description Asha Akkiangady 2018-05-15 13:17:18 UTC
Description of problem:
When the RHCS server is running in FIPS mode with an HSM, the TLS negotiation with RSA_ ciphers fails with the error BAD_RECORD_MAC. The RHCS team decided to document those RSA_ ciphers as unsupported. The unsupported RSA_ ciphers should be removed from the default ciphers list.

Version-Release number of selected component (if applicable):
pki-server-10.5.1-11.el7.noarch
pki-ca-10.5.1-11.el7.noarch

How reproducible:


Steps to Reproduce:
The TLS negotiation when contacting the RHCS server is failing with an error “BAD_RECORD_MAC” for the following RSA_ ciphers.
 TLS_RSA_WITH_AES_128_CBC_SHA
 TLS_RSA_WITH_AES_256_CBC_SHA
 TLS_RSA_WITH_AES_128_CBC_SHA256
 TLS_RSA_WITH_AES_256_CBC_SHA256

After the investigation of the issue, the team decision is:
"We can basically say we don't support RSA_ algorithms in FIPS mode with an HSM.
   - This may be fine because the RSA_ algorithms are deprecated in TLS 1.3 anyway (and currently not preferred in TLS 1.2)."

The above 4 ciphers should be removed from default supported sslRangeCiphers in server.xml.



Actual results:


Expected results:


Additional info:

Comment 4 Christina Fu 2018-08-29 00:49:00 UTC
In addition, this bug will cover:
* removal of obsolete algorithms from default profiles
* adjustment / addition of profiles that conform to KU / EKU consistency in RFC 5280.

Comment 5 Christina Fu 2018-08-30 22:08:38 UTC
moved from https://bugzilla.redhat.com/show_bug.cgi?id=1554055#c7
will also address the following issue reported by Alexander Bokovoy (abokovoy) in this bug:
CA's CS.cfg contains the following:
ca.profiles.defaultSigningAlgsAllowed=SHA256withRSA,SHA512withRSA,SHA256withEC,SHA384withEC,SHA512withEC
which is missing
SHA384withRSA

Comment 6 Christina Fu 2018-08-31 16:21:24 UTC
Please ignore comments #4 and #5.  They are taken care of in https://bugzilla.redhat.com/show_bug.cgi?id=1554055

Comment 7 Christina Fu 2018-09-01 01:18:40 UTC
https://review.gerrithub.io/c/dogtagpki/pki/+/424287

commit 04ddc823762b5400f22409bbaceac1a8344708ca (HEAD -> DOGTAG_10_5_BRANCH, origin/DOGTAG_10_5_BRANCH, ticket-3028-disable-TLS_RSA-ciphers)
Author: Christina Fu <cfu>
Date:   Fri Aug 31 17:08:30 2018 -0700

    Ticket3027 Disable TLS_RSA_* ciphers for HSM in FIPS mode
    
    This patch disables the TLS_RSA_* ciphers by default because they do not work
    with HSMs in FIPS mode.
    ciphers.info is also updated to reflect the changes.
    
    fixes https://pagure.io/dogtagpki/issue/3027
    
    Change-Id: Id720b8697976bb344d6dd8e4471a1bb5403af172

Comment 8 Christina Fu 2018-09-01 01:25:20 UTC
Test procedure:
Set up with one of the HSMs and enable FIPS mode.
You should be able to create an RSA CA and EC CA and other subsystems.

If you want to see how the fix is working, you could enable one of those TLS_RSA_* ciphers, disable the others, and see that it doesn't work.
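
An added example, not part of the original bug report or the pki-core code: a configuration audit that reports TLS_RSA_* suites still enabled in a `sslRangeCiphers` list, marking the four named in the description. It assumes the attribute sits on a `Connector` element and is a comma-separated list with `+` (enabled) or `-` (disabled) prefixes; the sample XML and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# The four cipher suites listed in the bug description.
BUG_CIPHERS = {
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_RSA_WITH_AES_256_CBC_SHA256",
}

# Constructed sample input (not a real server.xml).
SAMPLE_SERVER_XML = """<Server>
  <Service name="Catalina">
    <Connector name="Unsecure" port="8080"/>
    <Connector name="Secure" port="8443" sslRangeCiphers="+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA256,+TLS_RSA_WITH_AES_128_GCM_SHA256"/>
  </Service>
</Server>"""


def parse_cipher_list(value):
    """Map each suite name to True (enabled) or False (disabled)."""
    state = {}
    for token in value.split(","):
        token = token.strip()
        if not token:
            continue
        if token[0] in "+-":
            enabled, name = token[0] == "+", token[1:].strip()
        else:
            # Audit choice: an entry without a prefix is reported as enabled
            # rather than guessing how the server treats it.
            enabled, name = True, token
        # Assumption: if a suite is listed twice, the later entry is used.
        state[name] = enabled
    return state


def audit_server_xml(xml_text):
    """Return (port, suite, named_in_bug) for every enabled TLS_RSA_* suite."""
    findings = []
    for conn in ET.fromstring(xml_text).iter("Connector"):
        value = conn.get("sslRangeCiphers")
        if value is None:  # connector without a cipher list
            continue
        for name, enabled in parse_cipher_list(value).items():
            if enabled and name.startswith("TLS_RSA_"):
                findings.append((conn.get("port"), name, name in BUG_CIPHERS))
    return findings


if __name__ == "__main__":
    for port, suite, in_bug in audit_server_xml(SAMPLE_SERVER_XML):
        print(f"port {port}: {suite} enabled (named in bug: {in_bug})")
```

An empty result means no TLS_RSA_* suite is enabled on any connector that carries the attribute.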

Comment 9 Christina Fu 2018-09-07 21:53:10 UTC
submitted again due to reversion caused by another bug. info:
https://bugzilla.redhat.com/show_bug.cgi?id=1554055#c13

commit 908514da63dd9364df0f17810d9d41bfb5c596d5 (HEAD -> DOGTAG_10_5_BRANCH, origin/DOGTAG_10_5_BRANCH, ladycfu/ticket-3028-disable-TLS_RSA-ciphers, ticket-3028-disable-TLS_RSA-ciphers)
Author: Christina Fu <cfu>
Date:   Fri Aug 31 17:08:30 2018 -0700

    Ticket3027 Disable TLS_RSA_* ciphers for HSM in FIPS mode
    
    This patch disables the TLS_RSA_* ciphers by default because they do not work
    with HSMs in FIPS mode.
    ciphers.info is also updated to reflect the changes.
    
    fixes https://pagure.io/dogtagpki/issue/3027
    
    Change-Id: Id720b8697976bb344d6dd8e4471a1bb5403af172

Comment 10 Christina Fu 2018-09-07 22:34:46 UTC
just FYI:
The patch re-submitted is exactly the same as what was submitted in comment #7.

Comment 13 Amol K 2019-06-17 10:22:00 UTC
I tested this BZ on 10.5.16-2.el7 version.

I enabled TLS_RSA_* algorithms and as expected they are not working.


Marking this Bugzilla as verified.

Comment 15 errata-xmlrpc 2019-08-06 13:07:17 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:2228

