RHEL-47210

-cipher DEFAULT:@SECLEVEL=0 -sigalgs SHA1+RSA does not enable support for SHA-1 signatures

    • Bug
    • Resolution: Unresolved
    • Normal
    • None
    • rhel-10.0.beta
    • openssl
    • None
    • None
    • 1
    • sst_security_crypto
    • ssg_security
    • 0.2
    • False
    • None
    • Yes
    • Crypto24Q3
    • AC1) In DEFAULT policy without SECLEVEL=0, SHA-1 should fail

      AC2) In DEFAULT policy with SECLEVEL=0, SHA-1 should fail

      AC3) In LEGACY policy without SECLEVEL=0, SHA-1 should fail

      AC4) In LEGACY policy with SECLEVEL=0, SHA-1 should be accepted
    • Pass
    • None
    • Removed Functionality
    • Switching to LEGACY policy does not enable support for SHA-1 in TLS connections.

      Support for SHA-1 signatures is controlled by two settings: the `@SECLEVEL` specified in the default cipher string and the `rh-allow-sha1-signatures` property.

      Support for SHA-1 in the TLS context is enabled by setting `@SECLEVEL=0`. Caution! This also enables support for other insecure algorithms!

      However, the SECLEVEL setting is overridden by the `rh-allow-sha1-signatures` property, which is set in the `evp_properties` section. That property defaults to "no" when unspecified in the configuration file. The crypto-policies mechanism sets it to "yes" when running in LEGACY mode.

      As such, to enable support for SHA-1 in contexts outside TLS, it is necessary to switch the system to the LEGACY policy. To enable SHA-1 in TLS, it is necessary to switch the system to the LEGACY policy *and* use a cipher string that sets `@SECLEVEL=0` (either by defining a custom policy or by setting it explicitly for the application using openssl).
    • Proposed
    • None

      When the server is configured with -cipher DEFAULT:@SECLEVEL=0 -sigalgs SHA1+RSA, TLS 1.2 clients that advertise support for SHA-1 signatures implicitly (by not including the sig_algs extension) can't connect to the server; the server sends a handshake_failure alert.
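
The two-setting rule from the release note and acceptance criteria above, as an added example that is not part of the original issue and not OpenSSL or crypto-policies code. The function names, the constructed sample configs, the lookup of a `CipherString` key, and the choice to let an application-supplied cipher string replace the configured one are assumptions made for illustration.

```python
import re

# Constructed sample configs (not real crypto-policies output).
DEFAULT_LIKE = """
[crypto_policy]
CipherString = @SECLEVEL=2:kEECDH
"""
LEGACY_LIKE = """
[crypto_policy]
CipherString = @SECLEVEL=2:kEECDH   # LEGACY alone does not set level 0
[evp_properties]
rh-allow-sha1-signatures = yes
"""

def parse_openssl_conf(text):
    """Parse OpenSSL-style config text into {section: {key: value}}."""
    sections, current = {}, "default"
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        header = re.fullmatch(r"\[\s*([^\]]+?)\s*\]", line)
        if header:
            current = header.group(1)
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            sections.setdefault(current, {})[key] = value
    return sections

def sha1_status(conf_text, app_cipherstring=None):
    """Hypothetical helper: apply the two-setting rule from the issue."""
    conf = parse_openssl_conf(conf_text)
    # Per the issue, the property defaults to "no" when unspecified.
    prop = conf.get("evp_properties", {}).get("rh-allow-sha1-signatures", "no")
    allowed = prop.strip().lower() == "yes"
    # Assumption: a cipher string set by the application replaces the config one.
    cipher = app_cipherstring
    if cipher is None:
        cipher = next((s["CipherString"] for s in conf.values()
                       if "CipherString" in s), "")
    levels = re.findall(r"@SECLEVEL=(\d+)", cipher)
    level0 = bool(levels) and levels[-1] == "0"  # last @SECLEVEL taken here
    return {"outside_tls": allowed, "in_tls": allowed and level0}

if __name__ == "__main__":
    for name, conf in (("DEFAULT-like", DEFAULT_LIKE), ("LEGACY-like", LEGACY_LIKE)):
        for cs in (None, "DEFAULT:@SECLEVEL=0"):
            print(name, cs, sha1_status(conf, cs))
```

Run against the text of a host's OpenSSL configuration, `in_tls` is true only for the AC4 combination, which makes it usable as an audit check for hosts where SHA-1 signatures have been re-enabled in TLS.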

            rh-ee-gpantela George Pantelakis
            hkario@redhat.com Alicja Kario
            Sahana Prasad Hebbur Narasimha Prasad
            George Pantelakis