Ticket #1556 Weak HTTPS TLS ciphers

This patch fixes the RSA ciphers that were mistakenly turned on under ECC section, and off under RSA section. A few adjustments have also been made based on Bob Relyea's feedback. A new file, <instance>/conf/ciphers.info was also created to 1. provide info on the ciphers 2. provide default rsa and ecc ciphers for admins to incorporate into earlier instances (as migration script might not be ideal due to possible customization)
author: Christina Fu <cfu@redhat.com> 2015-08-14 19:57:15 +0200
committer: Christina Fu <cfu@redhat.com> 2015-08-14 18:26:05 -0700
commit: 67c895851781d69343979cbcff138184803880ea (patch)
tree: 265dc9539f3d8352cc2fee2b8663a45034334ca8
parent: 4743a86beb48b81edc90d8e35ebbebfa414faea2 (diff)
download: pki-67c895851781d69343979cbcff138184803880ea.tar.gz
pki-67c895851781d69343979cbcff138184803880ea.tar.xz
pki-67c895851781d69343979cbcff138184803880ea.zip
4 files changed, 110 insertions, 34 deletions
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py
index c1b6be395..425b71034 100644
--- a/base/server/python/pki/server/deployment/pkiparser.py
+++ b/base/server/python/pki/server/deployment/pkiparser.py
@@ -921,42 +921,46 @@ class PKIConfigParser:
                 "tls1_0:tls1_2"
             self.mdict['TOMCAT_SSL_VERSION_RANGE_DATAGRAM_SLOT'] = \
                 "tls1_1:tls1_2"
+            ##
+            # Reminder: if the following cipher lists are updated, be sure
+            # to remember to update pki/base/server/share/conf/ciphers.info
+            # accordingly
+            #
             if self.mdict['pki_ssl_server_key_type'] == "ecc":
                 self.mdict['TOMCAT_SSL_RANGE_CIPHERS_SLOT'] = \
-                    "+TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA," + \
-                    "+TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA," + \
-                    "+TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA," + \
-                    "+TLS_ECDH_RSA_WITH_AES_128_CBC_SHA," + \
-                    "+TLS_ECDH_RSA_WITH_AES_256_CBC_SHA," + \
-                    "+TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA," + \
+                    "-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA," + \
+                    "-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA," + \
+                    "-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA," + \
+                    "-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA," + \
+                    "-TLS_ECDH_RSA_WITH_AES_256_CBC_SHA," + \
+                    "-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA," + \
+                    "-TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256," + \
                     "+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA," + \
                     "-TLS_RSA_WITH_3DES_EDE_CBC_SHA," + \
                     "-TLS_RSA_WITH_AES_128_CBC_SHA," + \
                     "-TLS_RSA_WITH_AES_256_CBC_SHA," + \
                     "+TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA," + \
                     "+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA," + \
-                    "+TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA," + \
-                    "+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA," + \
-                    "+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA," + \
+                    "-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA," + \
+                    "-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA," + \
                     "-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA," + \
                     "-TLS_DHE_DSS_WITH_AES_128_CBC_SHA," + \
                     "-TLS_DHE_DSS_WITH_AES_256_CBC_SHA," + \
+                    "-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256," + \
                     "-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA," + \
                     "-TLS_DHE_RSA_WITH_AES_128_CBC_SHA," + \
                     "-TLS_DHE_RSA_WITH_AES_256_CBC_SHA," + \
                     "-TLS_DHE_RSA_WITH_AES_128_CBC_SHA256," + \
                     "-TLS_DHE_RSA_WITH_AES_256_CBC_SHA256," + \
+                    "-TLS_DHE_RSA_WITH_AES_128_GCM_SHA256," + \
                     "-TLS_RSA_WITH_AES_128_CBC_SHA256," + \
                     "-TLS_RSA_WITH_AES_256_CBC_SHA256," + \
                     "-TLS_RSA_WITH_AES_128_GCM_SHA256," + \
-                    "-TLS_DHE_RSA_WITH_AES_128_GCM_SHA256," + \
-                    "-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256," + \
                     "+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256," + \
-                    "+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256," + \
                     "+TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256," + \
-                    "+TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256," + \
-                    "+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256," + \
-                    "+TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
+                    "+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA," + \
+                    "+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256," + \
+                    "+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
             else:
                 self.mdict['TOMCAT_SSL_RANGE_CIPHERS_SLOT'] = \
                     "-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA," + \
@@ -965,34 +969,34 @@ class PKIConfigParser:
                     "-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA," + \
                     "-TLS_ECDH_RSA_WITH_AES_256_CBC_SHA," + \
                     "-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA," + \
+                    "-TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256," + \
+                    "-TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256," +\
                     "-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA," + \
-                    "+TLS_RSA_WITH_3DES_EDE_CBC_SHA," + \
-                    "+TLS_RSA_WITH_AES_128_CBC_SHA," + \
-                    "+TLS_RSA_WITH_AES_256_CBC_SHA," + \
                     "-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA," + \
                     "-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA," + \
-                    "-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA," + \
-                    "-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA," + \
-                    "-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA," + \
+                    "+TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA," + \
+                    "+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA," + \
+                    "+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA," + \
                     "-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA," + \
                     "-TLS_DHE_DSS_WITH_AES_128_CBC_SHA," + \
                     "-TLS_DHE_DSS_WITH_AES_256_CBC_SHA," + \
-                    "+TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA," + \
-                    "+TLS_DHE_RSA_WITH_AES_128_CBC_SHA," + \
-                    "+TLS_DHE_RSA_WITH_AES_256_CBC_SHA," + \
-                    "+TLS_DHE_RSA_WITH_AES_128_CBC_SHA256," + \
-                    "+TLS_DHE_RSA_WITH_AES_256_CBC_SHA256," + \
-                    "+TLS_RSA_WITH_AES_128_CBC_SHA256," + \
-                    "+TLS_RSA_WITH_AES_256_CBC_SHA256," + \
-                    "+TLS_RSA_WITH_AES_128_GCM_SHA256," + \
-                    "+TLS_DHE_RSA_WITH_AES_128_GCM_SHA256," + \
+                    "-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA," + \
+                    "-TLS_DHE_RSA_WITH_AES_128_CBC_SHA," + \
+                    "-TLS_DHE_RSA_WITH_AES_256_CBC_SHA," + \
+                    "-TLS_DHE_RSA_WITH_AES_128_CBC_SHA256," + \
+                    "-TLS_DHE_RSA_WITH_AES_256_CBC_SHA256," + \
+                    "-TLS_DHE_RSA_WITH_AES_128_GCM_SHA256," + \
                     "-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256," + \
                     "-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256," + \
-                    "-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256," + \
+                    "+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256," + \
                     "-TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256," + \
-                    "-TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256," + \
-                    "-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256," + \
-                    "-TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"
+                    "+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256," + \
+                    "-TLS_RSA_WITH_AES_128_CBC_SHA256," + \
+                    "-TLS_RSA_WITH_AES_256_CBC_SHA256," + \
+                    "-TLS_RSA_WITH_AES_128_GCM_SHA256," + \
+                    "+TLS_RSA_WITH_3DES_EDE_CBC_SHA," + \
+                    "+TLS_RSA_WITH_AES_128_CBC_SHA," + \
+                    "+TLS_RSA_WITH_AES_256_CBC_SHA"
             self.mdict['TOMCAT_SSL2_CIPHERS_SLOT'] = \
                 "-SSL2_RC4_128_WITH_MD5," + \
                 "-SSL2_RC4_128_EXPORT40_WITH_MD5," + \
diff --git a/base/server/share/conf/ciphers.info b/base/server/share/conf/ciphers.info
new file mode 100644
index 000000000..998c51e98
--- /dev/null
+++ b/base/server/share/conf/ciphers.info
@@ -0,0 +1,66 @@
+##
+# BEGIN COPYRIGHT BLOCK
+# Copyright (C) 2015 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+# This file contains the default sslRangeCiphers that come with this version of
+# the PKI software in its <instance>/conf/server.xml file.
+# Depending on which kind of SSL server you have, you want to reference the
+# corresponding cipher suite for making adjustments to your instance server.xml.
+#
+#
+#        About the TLS range related parameters:
+#              'sslVersionRangeStream'
+#              'sslVersionRangeDatagram'
+#              'sslRangeCiphers'
+#        The sslVersionRangeStream and sslVersionRangeDatagram by default
+#        contains values that are supported by the native NSS. Changes can
+#        be made to restrict or relax the support.
+#        The sslRangeCiphers by default conatins a list of ciphers best
+#        for the type of the server installed. Changes can be made to suit
+#        each site's needs.
+#        Although TLS1.2 ciphers (SHA256)  are preferred, many older clients
+#        do not support them.  For example,
+#        the following "preferred modern" ciphers are on by default, and by
+#        simply limiting the sslVersionRange* parameters, they can be turned off.
+#            TLS_RSA_WITH_AES_128_CBC_SHA256,
+#            TLS_RSA_WITH_AES_256_CBC_SHA256,
+#            TLS_RSA_WITH_AES_128_GCM_SHA256,
+#            TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+#            TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+#            TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+#            TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+#        The following  ciphers are supported in rhel7.2 or greater, and they
+#        are off by default, and can be turned on by sites running rhel7.2 or
+#        greater:
+#            TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
+#            TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+#            TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+#            TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+#            TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+#            TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+#        Although the following (somewhat weaker ciphers, in CBC mode), though
+#        adaquate for the CS operations, they can be turned off if needed:
+#            TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+#            TLS_RSA_WITH_AES_128_CBC_SHA,
+#            TLS_RSA_WITH_AES_256_CBC_SHA,
+#            TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+#        Note: In an EC CS server setup, you will see by default that the
+#           following RSA ciphers are left on.  Those are used for installation
+#           where the actual systems certs have not yet been crated, and a
+#           temporary RSA ssl server cert is at play.
+#           Those can be turned off manually by sites.
+#               TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+#               TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+#               TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+#           These ciphers might be removed by the installation script in some
+#           future release.
+#
+##
+# For RSA servers:
+           sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,-TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,+TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_RSA_WITH_AES_128_CBC_SHA,-TLS_DHE_RSA_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,-TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,-TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,-TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_AES_128_CBC_SHA256,-TLS_RSA_WITH_AES_256_CBC_SHA256,-TLS_RSA_WITH_AES_128_GCM_SHA256,+TLS_RSA_WITH_3DES_EDE_CBC_SHA,+TLS_RSA_WITH_AES_128_CBC_SHA,+TLS_RSA_WITH_AES_256_CBC_SHA"
+#
+#
+# For ECC servers:
+           sslRangeCiphers="-TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_RSA_WITH_AES_128_CBC_SHA,-TLS_RSA_WITH_AES_256_CBC_SHA,+TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,-TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_CBC_SHA,-TLS_DHE_DSS_WITH_AES_256_CBC_SHA,-TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,-TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,-TLS_DHE_RSA_WITH_AES_128_CBC_SHA,-TLS_DHE_RSA_WITH_AES_256_CBC_SHA,-TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,-TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,-TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,-TLS_RSA_WITH_AES_128_CBC_SHA256,-TLS_RSA_WITH_AES_256_CBC_SHA256,-TLS_RSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,+TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
diff --git a/base/server/tomcat7/conf/server.xml b/base/server/tomcat7/conf/server.xml
index d944d324b..7deb8a201 100644
--- a/base/server/tomcat7/conf/server.xml
+++ b/base/server/tomcat7/conf/server.xml
@@ -179,6 +179,9 @@ Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
         ocspMinCacheEntryDuration - sets minimum seconds to next fetch attempt
         ocspMaxCacheEntryDuration - sets maximum seconds to next fetch attempt
         ocspTimeout -sets OCSP timeout in seconds
+
+        See <instance dir>/conf/ciphers.info
+            About the TLS range related parameters
     -->
     <Connector name="[PKI_SECURE_PORT_CONNECTOR_NAME]" port="[PKI_SECURE_PORT]" protocol="HTTP/1.1" SSLEnabled="true" sslProtocol="SSL" scheme="https" secure="true"
            maxHttpHeaderSize="8192"
diff --git a/base/server/tomcat8/conf/server.xml b/base/server/tomcat8/conf/server.xml
index 2c2536b7f..7c74d7ced 100644
--- a/base/server/tomcat8/conf/server.xml
+++ b/base/server/tomcat8/conf/server.xml
@@ -198,6 +198,9 @@ Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
         ocspMinCacheEntryDuration - sets minimum seconds to next fetch attempt
         ocspMaxCacheEntryDuration - sets maximum seconds to next fetch attempt
         ocspTimeout -sets OCSP timeout in seconds
+
+        See <instance dir>/conf/ciphers.info
+            About the TLS range related parameters
     -->
     <Connector name="[PKI_SECURE_PORT_CONNECTOR_NAME]"
            port="[PKI_SECURE_PORT]"
author	Christina Fu <cfu@redhat.com>	2015-08-14 19:57:15 +0200
committer	Christina Fu <cfu@redhat.com>	2015-08-14 18:26:05 -0700
commit	67c895851781d69343979cbcff138184803880ea (patch)
tree	265dc9539f3d8352cc2fee2b8663a45034334ca8
parent	4743a86beb48b81edc90d8e35ebbebfa414faea2 (diff)
download	pki-67c895851781d69343979cbcff138184803880ea.tar.gz pki-67c895851781d69343979cbcff138184803880ea.tar.xz pki-67c895851781d69343979cbcff138184803880ea.zip