Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 921108

Summary: Regression: keyutils fails to generate ssl certificate because of invalid md5 signature default
Product: Red Hat Enterprise Linux 6 Reporter: Philipp Gassmann <gassmann>
Component: crypto-utilsAssignee: Joe Orton <jorton>
Status: CLOSED WONTFIX QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.4CC: dan, hartsjc, jscalia, nc, rsawhill
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-10-07 01:41:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1002711    

Description Philipp Gassmann 2013-03-13 13:43:22 UTC 
Description of problem:
Since EL 6.4, a new version of NSS considers MD5 signatures as invalid. [1]
keyutils generated ssl certificates with md5 signatures.
Since EL 6.4 trying to generate a ssl self-signed certificate leads to segfault.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. # /usr/bin/keyutil -c genreq -g 2048 -s "CN=server.example.com, O=Example, L=Bern, ST=Bern, C=CH" -v 36 -a -o server.example.com.csr -k server.example.com.key
2. # /usr/bin/keyutil -c makecert -g 2048 -k server.example.com.key -s "CN=server.example.com, O=Example, L=Bern, ST=Bern, C=CH" -v 36 -a -o server.example.com.crt
3.
  
Actual results:
[...]
Generating key. This may take a few moments...

Made a key
Opened tmprequest for writing
(null): bad certificate request
: error -8016
(null): Segmentation fault (core dumped)

# ls -lah
total 20K
drwxr-xr-x   2 root root 4.0K Mar 13 14:31 .
dr-xr-x---. 13 root root 4.0K Mar 13 13:21 ..
-rw-r-----   1 root root    0 Mar 13 14:31 server.example.com.crt
-rw-r-----   1 root root 1007 Mar 13 14:30 server.example.com.csr
-rw-r-----   1 root root 1.7K Mar 13 14:30 server.example.com.key

Expected results:

Valid Certificate



Additional info:

Manual creation works (creates an sha1 signed certificate):
openssl genrsa -out ca.key 2048
openssl req -new -x509 -days 1095 -key ca.key -out ca.crt  -subj "/CN=ca.puzzle.ch /O=Puzzle ITC/L=Bern/ST=Bern/C=CH"
openssl genrsa -out server.key 2048
openssl req -new -key server.key -out server.csr -subj "/CN=server.example.com/O=Puzzle ITC/L=Bern/ST=Bern/C=CH" 
openssl x509 -req -days 1095 -CA ca.crt -CAkey ca.key -set_serial 01 -in server.csr -out server.crt 
openssl x509 -in server.crt -text

Signature Algorithm: sha1WithRSAEncryption


[1] "The upstream Mozilla NSS disabled support for MD5 hash signed
certificates in the 3.14 release, which was added to CentOS 6.4."
http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.4#head-a39645d5503daf52829401f298c60712af070009
Comment 2 James Hartsock 2013-03-18 23:02:12 UTC 
https://developer.mozilla.org/en-US/docs/NSS/NSS_3.14_release_notes
~~~
Changes in NSS 3.14

Certificate signatures that make use of the MD5 hash algorithm will now be rejected by default. Support for MD5 may be manually enabled (but is discouraged) by setting the environment variable of "NSS_HASH_ALG_SUPPORT=+MD5" or by using the NSS_SetAlgorithmPolicy function. Note that SSL cipher suites with "MD5" in their names are NOT disabled by this change; those cipher suites use HMAC-MD5, not plain MD5, and are still considered safe.
~~~




Here can see RHEL 6.4 updated system (ie. nss 3.14) fails 
~~~
# rpm -q nss nss-sysinit nss-tools nss-util
nss-3.14.0.0-12.el6.x86_64
nss-sysinit-3.14.0.0-12.el6.x86_64
nss-tools-3.14.0.0-12.el6.x86_64
nss-util-3.14.0.0-2.el6.x86_64

# unset NSS_HASH_ALG_SUPPORT

# yes | /usr/bin/keyutil -c makecert -g 2048 -k /tmp/server.key -s "CN=server.domain.com, O=Example" -v 36 -a -o /tmp/server.crt 2>&1 | tail -n 5
Generating key. This may take a few moments...

(null): bad certificate request
: error -8016
(null): 
~~~



Then with NSS_HASH_ALG_SUPPORT set to include MD5 we have success:
~~~
# export NSS_HASH_ALG_SUPPORT=+MD5
# yes | /usr/bin/keyutil -c makecert -g 2048 -k /tmp/server.key -s "CN=server.domain.com, O=Example" -v 36 -a -o /tmp/server.crt 2>&1 | tail -n 7
output will be written to /tmp/server.crt
Made a key
Opened tmprequest for writing
Created a certificate
Wrote 1682 bytes of encoded data to /tmp/server.key 
Wrote the key to:
/tmp/server.key
~~~






Also with downgrade of nss to 3.13.6 resolves issue
~~~
# yum -y downgrade nss-3.13.6-2.el6_3 nss-sysinit-3.13.6-2.el6_3 nss-tools-3.13.6-2.el6_3 nss-util-3.13.6-1.el6_3

# unset NSS_HASH_ALG_SUPPORT

# yes | /usr/bin/keyutil -c makecert -g 2048 -k /tmp/server.key -s "CN=server.domain.com, O=Example" -v 36 -a -o /tmp/server.crt 2>&1 | tail -n 7
output will be written to /tmp/server.crt
Made a key
Opened tmprequest for writing
Created a certificate
Wrote 1682 bytes of encoded data to /tmp/server.key 
Wrote the key to:
/tmp/server.key
~~~
Comment 6 Andrius Benokraitis 2013-10-07 01:41:43 UTC 
This Bugzilla has been reviewed by Red Hat and is not planned on being addressed in Red Hat Enterprise Linux 6, and will be closed. If this bug is critical to production systems, please contact your Red Hat support representative and provide sufficient business justification.
Comment 7 Ryan Sawhill 2013-12-30 19:07:11 UTC 
For the record: This bug was fixed with the release of updated NSS packages in RHEL 6.5 that reverted the change made in RHEL 6.4.

See the 6.5 Technical Notes -- specifically, the explanation about bz 918136, quoted for convenience:

> With the 3.14 upstream version of the nss package, support for 
> certificate signatures using the MD5 hash algorithm in digital 
> signatures has been disabled by default. However, certain websites 
> still use MD5-based signatures and therefore an attempt to access such 
> a website failed with an error. With this update, MD5 hash algorithm in 
> digital signatures is supported again so that users can connect to the 
> websites using this algorithm as expected. 

( https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/nss-and-nspr.html#RHBA-2013-1558 )

The wording is a bit odd (because this doesn't just affect users connecting to websites ...) but I've tested and can confirm that genkey works again in RHEL 6.5 (or simply 6.4 with updated nss packages).