New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Backport][ipa-4-6] Vault: Migrate to RSA-OAEP #7212
base: ipa-4-6
Are you sure you want to change the base?
Conversation
WIP as I need to test well. |
Hi @rcritten, @flo-renaud I spawned RHEL7.9 server and client: RHEL7.9 server/client with the patches in normal mode (KRA uses PKCS1v15), keyWrap.useOAEP is not in the CS.cfg file:
I manually added UseOAEP in the KRA, and restarted pki-tomcatd@pki-tomcat.service, then:
running with pki-kra-10.5.18-27.el7_9.noarch. |
Hi @f-trivino The 7.9 server answers to vaultconfig-show with a result containing only the transport cert. With recent versions the result also contains wrapping_supported_algorithms and wrapping_default_algorithm.
|
958c706
to
7ff3403
Compare
a6b32e5
to
799176e
Compare
The vault plugin has used TripleDES (des-ede3-cbc) as default wrapping algorithm since the plugin was introduced. Allow use of AES-128-CBC as alternative wrapping algorithm for transport of secrets. Fixes: https://pagure.io/freeipa/issue/6524 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com>
This commit sets AES-128-CBC as default wrapping algorithm as TripleDES (des-ede3-cbc) is not supported anymore in C9S. Fixes: https://pagure.io/freeipa/issue/6524 Signed-off-by: Francisco Trivino <ftrivino@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com>
AES-128-CBC was recently enabled as default wrapping algorithm for transport of secrets. This change was done in favor of FIPS as crypto-policies disabled 3DES in RHEL9, but setting AES as default ended-up breaking backwards compatibility with older RHEL systems. This commit is tuning some defaults so that interoperability with older RHEL systems works again. The new logic reflects: - when an old client is calling a new server, it doesn't send any value for wrapping_algo and the old value is used (3DES), so that the client can decrypt using 3DES. - when a new client is calling a new server, it sends wrapping_algo = AES128_CBC - when a new client is calling an old server, it doesn't send any value and the default is to use 3DES. Finally, as this logic is able to handle overlapping wrapping algorithm between server and client, the Option "--wrapping-algo" is hidden from "ipa vault-archive --help" and "ipa vault-retrieve --help" commands. Fixes: https://pagure.io/freeipa/issue/9259 Signed-off-by: Francisco Trivino <ftrivino@redhat.com> Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
None of the FIPS certified modules in RHEL support PKCS#1 v1.5 as FIPS approved mechanism. This commit adds support for RSA-OAEP padding as a fallback. Fixes: https://pagure.io/freeipa/issue/9191 Signed-off-by: Francisco Trivino <ftrivino@redhat.com>
If a vault operation fails, the error message just says "InternalError". This commit improves error handling of key archival and retrieval calls by catching the PKIException error and raising it as an IPA error. Related: https://pagure.io/freeipa/issue/9191 Signed-off-by: Francisco Trivino <ftrivino@redhat.com>
799176e
to
0f21faf
Compare
@flo-renaud I believe this is ready now. I'm removing temp_commit (passing tests are here: http://freeipa-org-pr-ci.s3-website.eu-central-1.amazonaws.com/jobs/3974dc32-ca6f-11ee-9f92-fa163eeea21a/) I also did some manual testing with rhel7.9 server and rhel9.4 client with all patches: Without FIPS:
With FIPS:
|
This PR was opened manually because PR #6959 was pushed to master and backport to ipa-4-6 is required.