Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-14578

Backport implicit rejection mechanism for RSA PKCS#1 v1.5 to RHEL-9.2.z

    • openssl-3.0.7-18.el9_2
    • None
    • None
    • ZStream
    • 2
    • rhel-sst-security-crypto
    • ssg_security
    • 0.5
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Crypto24Q1, Crypto23Q4
    • Hide

      verify that malformed ciphertexts, when decrypted with openssl command line, return a synthetic ciphertext like the one returned by tlslite-ng

      Show
      verify that malformed ciphertexts, when decrypted with openssl command line, return a synthetic ciphertext like the one returned by tlslite-ng
    • Pass
    • None
    • Enhancement
    • Hide
      .OpenSSL now contains protections against Bleichenbacher-like attacks

      This release of the OpenSSL TLS toolkit introduces API-level protections against Bleichenbacher-like attacks on the RSA PKCS #1 v1.5 decryption process. The RSA decryption now returns a randomly generated deterministic message instead of an error if it detects an error when checking padding during a PKCS #1 v1.5 decryption. The change provides general protection against vulnerabilities such as link:https://access.redhat.com/security/cve/CVE-2020-25659[CVE-2020-25659] and link:https://access.redhat.com/security/cve/CVE-2020-25657[CVE-2020-25657].

      You can disable this protection by calling the `EVP_PKEY_CTX_ctrl_str(ctx, "rsa_pkcs1_implicit_rejection". "0")` function on the RSA decryption context, but this makes your system more vulnerable.
      Show
      .OpenSSL now contains protections against Bleichenbacher-like attacks This release of the OpenSSL TLS toolkit introduces API-level protections against Bleichenbacher-like attacks on the RSA PKCS #1 v1.5 decryption process. The RSA decryption now returns a randomly generated deterministic message instead of an error if it detects an error when checking padding during a PKCS #1 v1.5 decryption. The change provides general protection against vulnerabilities such as link: https://access.redhat.com/security/cve/CVE-2020-25659 [CVE-2020-25659] and link: https://access.redhat.com/security/cve/CVE-2020-25657 [CVE-2020-25657]. You can disable this protection by calling the `EVP_PKEY_CTX_ctrl_str(ctx, "rsa_pkcs1_implicit_rejection". "0")` function on the RSA decryption context, but this makes your system more vulnerable.
    • Proposed
    • None

      Please backport the implicit rejection mechanism from rhel-9.3.0: https://bugzilla.redhat.com/show_bug.cgi?id=2153471

              hkario@redhat.com Alicja Kario
              hkario@redhat.com Alicja Kario
              Clemens Lang Clemens Lang
              Alicja Kario Alicja Kario
              Mirek Jahoda Mirek Jahoda
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: