Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-14578

Backport implicit rejection mechanism for RSA PKCS#1 v1.5 to RHEL-9.2.z

XMLWordPrintable

    • openssl-3.0.7-18.el9_2
    • None
    • None
    • ZStream
    • 2
    • sst_security_crypto
    • ssg_security
    • 0.5
    • False
    • Hide

      None

      Show
      None
    • Yes
    • Crypto24Q1, Crypto23Q4
    • Hide

      verify that malformed ciphertexts, when decrypted with openssl command line, return a synthetic ciphertext like the one returned by tlslite-ng

      Show
      verify that malformed ciphertexts, when decrypted with openssl command line, return a synthetic ciphertext like the one returned by tlslite-ng
    • Pass
    • None
    • Enhancement
    • Hide
      .OpenSSL now contains protections against Bleichenbacher-like attacks

      This release of the OpenSSL TLS toolkit introduces API-level protections against Bleichenbacher-like attacks on the RSA PKCS #1 v1.5 decryption process. The RSA decryption now returns a randomly generated deterministic message instead of an error if it detects an error when checking padding during a PKCS #1 v1.5 decryption. The change provides general protection against vulnerabilities such as link:https://access.redhat.com/security/cve/CVE-2020-25659[CVE-2020-25659] and link:https://access.redhat.com/security/cve/CVE-2020-25657[CVE-2020-25657].

      You can disable this protection by calling the `EVP_PKEY_CTX_ctrl_str(ctx, "rsa_pkcs1_implicit_rejection". "0")` function on the RSA decryption context, but this makes your system more vulnerable.
      Show
      .OpenSSL now contains protections against Bleichenbacher-like attacks This release of the OpenSSL TLS toolkit introduces API-level protections against Bleichenbacher-like attacks on the RSA PKCS #1 v1.5 decryption process. The RSA decryption now returns a randomly generated deterministic message instead of an error if it detects an error when checking padding during a PKCS #1 v1.5 decryption. The change provides general protection against vulnerabilities such as link: https://access.redhat.com/security/cve/CVE-2020-25659 [CVE-2020-25659] and link: https://access.redhat.com/security/cve/CVE-2020-25657 [CVE-2020-25657]. You can disable this protection by calling the `EVP_PKEY_CTX_ctrl_str(ctx, "rsa_pkcs1_implicit_rejection". "0")` function on the RSA decryption context, but this makes your system more vulnerable.
    • Proposed
    • None

      Please backport the implicit rejection mechanism from rhel-9.3.0: https://bugzilla.redhat.com/show_bug.cgi?id=2153471

            hkario@redhat.com Alicja Kario
            hkario@redhat.com Alicja Kario
            Clemens Lang Clemens Lang
            Alicja Kario Alicja Kario
            Mirek Jahoda Mirek Jahoda
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: