|
Packit Service |
5b558e |
////
|
|
Packit Service |
5b558e |
Copyright (C) 2019, 2020 Red Hat, Inc.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
This program is free software; you can redistribute it and/or modify
|
|
Packit Service |
5b558e |
it under the terms of the GNU Lesser General Public License as published by
|
|
Packit Service |
5b558e |
the Free Software Foundation; either version 2.1 of the License, or
|
|
Packit Service |
5b558e |
(at your option) any later version.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
This program is distributed in the hope that it will be useful,
|
|
Packit Service |
5b558e |
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
5b558e |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
Packit Service |
5b558e |
GNU General Public License for more details.
|
|
Packit Service |
5b558e |
////
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
crypto-policies(7)
|
|
Packit Service |
5b558e |
==================
|
|
Packit Service |
5b558e |
:doctype: manpage
|
|
Packit Service |
5b558e |
:man source: crypto-policies
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
NAME
|
|
Packit Service |
5b558e |
----
|
|
Packit Service |
5b558e |
crypto-policies - system-wide crypto policies overview
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
DESCRIPTION
|
|
Packit Service |
5b558e |
-----------
|
|
Packit Service |
5b558e |
The security of cryptographic components of the operating system
|
|
Packit Service |
5b558e |
does not remain constant over time. Algorithms, such as
|
|
Packit Service |
5b558e |
cryptographic hashing and encryption, typically have a lifetime,
|
|
Packit Service |
5b558e |
after which they are considered either too risky to use or plain insecure.
|
|
Packit Service |
5b558e |
That means, we need to phase out such algorithms from the default
|
|
Packit Service |
5b558e |
settings or completely disable them if they could cause an irreparable problem.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
While in the past the algorithms were not disabled in a consistent way
|
|
Packit Service |
5b558e |
and different applications applied different policies, the system-wide
|
|
Packit Service |
5b558e |
crypto-policies followed by the crypto core components allow consistently
|
|
Packit Service |
5b558e |
deprecating and disabling algorithms system-wide.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The individual policy levels (*DEFAULT*, *LEGACY*, *FUTURE*, and *FIPS*)
|
|
Packit Service |
5b558e |
are included in the *crypto-policies(7)* package. In the future, there will
|
|
Packit Service |
5b558e |
be also a mechanism for easy creation and deployment of policies defined
|
|
Packit Service |
5b558e |
by the system administrator or a third party vendor.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
For rationale, see *RFC 7457* for a list of attacks taking advantage of
|
|
Packit Service |
5b558e |
legacy crypto algorithms.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
COVERED APPLICATIONS
|
|
Packit Service |
5b558e |
--------------------
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
Crypto-policies apply to the configuration of the core cryptographic subsystems,
|
|
Packit Service |
5b558e |
covering *TLS*, *IKE*, *IPSec*, *DNSSec*, and *Kerberos* protocols; i.e., the
|
|
Packit Service |
5b558e |
supported secure communications protocols on the base operating system.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
Once an application runs in the operating system, it follows the default
|
|
Packit Service |
5b558e |
or selected policy and refuses to fall back to algorithms and protocols not
|
|
Packit Service |
5b558e |
within the policy, unless the user has explicitly requested the application
|
|
Packit Service |
5b558e |
to do so. That is, the policy applies to the default behavior of applications
|
|
Packit Service |
5b558e |
when running with the system-provided configuration but the user can override
|
|
Packit Service |
5b558e |
it on an application-specific basis.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The policies currently provide settings for these applications and libraries:
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* *BIND* DNS name server daemon
|
|
Packit Service |
5b558e |
* *GnuTLS* TLS library
|
|
Packit Service |
5b558e |
* *OpenJDK* runtime environment
|
|
Packit Service |
5b558e |
* *Kerberos 5* library
|
|
Packit Service |
5b558e |
* *Libreswan* IPsec and IKE protocol implementation
|
|
Packit Service |
5b558e |
* *NSS* TLS library
|
|
Packit Service |
5b558e |
* *OpenSSH* SSH2 protocol implementation
|
|
Packit Service |
5b558e |
* *OpenSSL* TLS library
|
|
Packit Service |
5b558e |
* *libssh* SSH2 protocol implementation
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
Applications using the above libraries and tools are covered by the
|
|
Packit Service |
5b558e |
cryptographic policies unless they are explicitly configured not to be so.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
PROVIDED POLICY LEVELS
|
|
Packit Service |
5b558e |
----------------------
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*LEGACY*::
|
|
Packit Service |
5b558e |
This policy ensures maximum compatibility with legacy systems; it is
|
|
Packit Service |
5b558e |
less secure and it includes support for *TLS 1.0*, *TLS 1.1*, and *SSH2*
|
|
Packit Service |
5b558e |
protocols or later. The algorithms *DSA*, *3DES*, and *RC4* are allowed,
|
|
Packit Service |
5b558e |
while *RSA* and *Diffie-Hellman* parameters are accepted if larger than 1023 bits.
|
|
Packit Service |
5b558e |
The level provides at least 64-bit security.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* MACs: all *HMAC* with *SHA-1* or better + all modern MACs (*Poly1305*
|
|
Packit Service |
5b558e |
etc.)
|
|
Packit Service |
5b558e |
* Curves: all prime >= 255 bits (including Bernstein curves)
|
|
Packit Service |
5b558e |
* Signature algorithms: with *SHA1* hash or better (*DSA* allowed)
|
|
Packit Service |
5b558e |
* *TLS* Ciphers: all available >= 112-bit key, >= 128-bit block (including
|
|
Packit Service |
5b558e |
*RC4* and *3DES*)
|
|
Packit Service |
5b558e |
* Non-TLS Ciphers: same as *TLS* ciphers with added *Camellia*
|
|
Packit Service |
5b558e |
* Key exchange: *ECDHE*, *RSA*, *DHE*
|
|
Packit Service |
5b558e |
* *DH* params size: >= 1023
|
|
Packit Service |
5b558e |
* *RSA* keys size: >= 1023
|
|
Packit Service |
5b558e |
* *DSA* params size: >= 1023
|
|
Packit Service |
5b558e |
* *TLS* protocols: *TLS* >= 1.0, *DTLS* >= 1.0
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*DEFAULT*::
|
|
Packit Service |
5b558e |
The *DEFAULT* policy is a reasonable default policy for today's standards.
|
|
Packit Service |
5b558e |
It allows the *TLS 1.2* and *TLS 1.3* protocols, as well as *IKEv2*
|
|
Packit Service |
5b558e |
and *SSH2*. The *RSA* and *Diffie-Hellman* parameters
|
|
Packit Service |
5b558e |
are accepted if larger than 2047 bits.
|
|
Packit Service |
5b558e |
The level provides at least 112-bit security with the exception of *SHA-1*
|
|
Packit Service |
5b558e |
signatures needed for *DNSSec* and other still prevalent legacy use of
|
|
Packit Service |
5b558e |
*SHA-1* signatures.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* MACs: all *HMAC* with *SHA-1* or better + all modern MACs (*Poly1305*
|
|
Packit Service |
5b558e |
etc.)
|
|
Packit Service |
5b558e |
* Curves: all prime >= 255 bits (including Bernstein curves)
|
|
Packit Service |
5b558e |
* Signature algorithms: with *SHA-1* hash or better (no *DSA*)
|
|
Packit Service |
5b558e |
* *TLS* Ciphers: >= 128-bit key, >= 128-bit block (*AES*, *ChaCha20*,
|
|
Packit Service |
5b558e |
including *AES-CBC*)
|
|
Packit Service |
5b558e |
* non-TLS Ciphers: as *TLS* Ciphers with added *Camellia*
|
|
Packit Service |
5b558e |
* key exchange: *ECDHE*, *RSA*, *DHE* (no *DHE-DSS*)
|
|
Packit Service |
5b558e |
* *DH* params size: >= 2048
|
|
Packit Service |
5b558e |
* *RSA* keys size: >= 2048
|
|
Packit Service |
5b558e |
* *TLS* protocols: *TLS* >= 1.2, *DTLS* >= 1.2
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*FUTURE*::
|
|
Packit Service |
5b558e |
A conservative security level that is believed to withstand any near-term
|
|
Packit Service |
5b558e |
future attacks. This level does not allow the use of *SHA-1* in signature
|
|
Packit Service |
5b558e |
algorithms. The level also provides some (not complete) preparation for
|
|
Packit Service |
5b558e |
post-quantum encryption support in form of 256-bit symmetric encryption
|
|
Packit Service |
5b558e |
requirement. The *RSA* and *Diffie-Hellman* parameters are accepted if
|
|
Packit Service |
5b558e |
larger than 3071 bits. The level provides at least 128-bit security.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* MACs: all *HMAC* with *SHA-256* or better + all modern MACs (*Poly1305*
|
|
Packit Service |
5b558e |
etc.)
|
|
Packit Service |
5b558e |
* Curves: all prime >= 255 bits (including Bernstein curves)
|
|
Packit Service |
5b558e |
* Signature algorithms: with *SHA-256* hash or better (no *DSA*)
|
|
Packit Service |
5b558e |
* *TLS* Ciphers: >= 256-bit key, >= 128-bit block, only Authenticated
|
|
Packit Service |
5b558e |
Encryption (AE) ciphers
|
|
Packit Service |
5b558e |
* non-TLS Ciphers: same as *TLS* ciphers with added non AE ciphers and
|
|
Packit Service |
5b558e |
*Camellia*
|
|
Packit Service |
5b558e |
* key exchange: *ECDHE*, *DHE* (no *DHE-DSS*, no *RSA*)
|
|
Packit Service |
5b558e |
* *DH* params size: >= 3072
|
|
Packit Service |
5b558e |
* *RSA* keys size: >= 3072
|
|
Packit Service |
5b558e |
* *TLS* protocols: *TLS* >= 1.2, *DTLS* >= 1.2
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*FIPS*::
|
|
Packit Service |
5b558e |
A level that conforms to the *FIPS 140-2* requirements. This policy is used
|
|
Packit Service |
5b558e |
internally by the *fips-mode-setup(8)* tool which can switch the system
|
|
Packit Service |
5b558e |
into the *FIPS 140-2* compliance mode.
|
|
Packit Service |
5b558e |
The level provides at least 112-bit security.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* MACs: all *HMAC* with *SHA1* or better
|
|
Packit Service |
5b558e |
* Curves: all prime >= 256 bits
|
|
Packit Service |
5b558e |
* Signature algorithms: with *SHA-256* hash or better (no *DSA*)
|
|
Packit Service |
5b558e |
* *TLS* Ciphers: >= 128-bit key, >= 128-bit block (*AES*,
|
|
Packit Service |
5b558e |
including *AES-CBC*)
|
|
Packit Service |
5b558e |
* non-TLS Ciphers: same as *TLS* Ciphers
|
|
Packit Service |
5b558e |
* key exchange: *ECDHE*, *DHE* (no *DHE-DSS*, no *RSA*)
|
|
Packit Service |
5b558e |
* *DH* params size: >= 2048
|
|
Packit Service |
5b558e |
* *RSA* params size: >= 2048
|
|
Packit Service |
5b558e |
* *TLS* protocols: *TLS* >= 1.2, *DTLS* >= 1.2
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*EMPTY*::
|
|
Packit Service |
5b558e |
All cryptographic algorithms are disabled (used for debugging only, do not
|
|
Packit Service |
5b558e |
use).
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
CRYPTO POLICY DEFINITON FORMAT
|
|
Packit Service |
5b558e |
------------------------------
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The crypto policy definiton files have a simple syntax following an *INI* file
|
|
Packit Service |
5b558e |
'key' = 'value' syntax with these particular features:
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* Comments are indicated by '#' character. Everything on the line following the
|
|
Packit Service |
5b558e |
character is ignored.
|
|
Packit Service |
5b558e |
* Backslash '\' character followed immediately with the end-of-line character
|
|
Packit Service |
5b558e |
indicates line continuation. The following line is concatenated to the current
|
|
Packit Service |
5b558e |
line after the backslash and end-of-line characters are removed.
|
|
Packit Service |
5b558e |
* Value types can be either decimal integers, arbitrary strings, or lists of
|
|
Packit Service |
5b558e |
strings without whitespace characters separated by any number of whitespaces.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The allowed keys are:
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* *mac*: List of allowed MAC algorithms
|
|
Packit Service |
5b558e |
* *ssh_group*: Optional; list of allowed groups or elliptic curves for key exchanges
|
|
Packit Service |
5b558e |
for use with the SSH protocol. If absent, the value is derived from *group*.
|
|
Packit Service |
5b558e |
* *group*: List of allowed groups or elliptic curves for key exchanges
|
|
Packit Service |
5b558e |
for use with other protocols
|
|
Packit Service |
5b558e |
* *hash*: List of allowed cryptographic hash (message digest) algorithms
|
|
Packit Service |
5b558e |
* *sign*: List of allowed signature algorithms
|
|
Packit Service |
5b558e |
* *tls_cipher*: Optional; list of allowed symmetric encryption algorithms (including the modes)
|
|
Packit Service |
5b558e |
for use with the TLS protocol. If absent, the value is derived from *cipher*.
|
|
Packit Service |
5b558e |
* *ssh_cipher*: Optional; list of allowed symmetric encryption algorithms (including the modes)
|
|
Packit Service |
5b558e |
for use with the SSH protocol. If absent, the value is derived from *cipher*.
|
|
Packit Service |
5b558e |
* *cipher*: List of allowed symmetric encryption algorithms (including the modes)
|
|
Packit Service |
5b558e |
for use with other protocols
|
|
Packit Service |
5b558e |
* *key_exchange*: List of allowed key exchange algorithms
|
|
Packit Service |
5b558e |
* *protocol*: List of allowed TLS and DTLS protocol versions (ignored by *OpenSSL*
|
|
Packit Service |
5b558e |
and *NSS* back ends)
|
|
Packit Service |
5b558e |
* *ike_protocol*: List of allowed IKE protocol versions
|
|
Packit Service |
5b558e |
* *min_tls_version*: Lowest allowed TLS protocol version (used only by *OpenSSL* a
|
|
Packit Service |
5b558e |
and *NSS* back ends)
|
|
Packit Service |
5b558e |
* *min_dtls_version*: Lowest allowed DTLS protocol version (used only by *NSS* back
|
|
Packit Service |
5b558e |
end)
|
|
Packit Service |
5b558e |
* *min_dh_size*: Integer value of minimum number of bits of parameters for *DH*
|
|
Packit Service |
5b558e |
key exchange
|
|
Packit Service |
5b558e |
* *min_dsa_size*: Integer value of minimum number of bits for *DSA* keys
|
|
Packit Service |
5b558e |
* *min_rsa_size*: Integer value of minimum number of bits for *RSA* keys
|
|
Packit Service |
5b558e |
* *sha1_in_certs*: Value of 1 if *SHA1* allowed in certificate signatures,
|
|
Packit Service |
5b558e |
0 otherwise (Applies to *GnuTLS* back end only.)
|
|
Packit Service |
5b558e |
* *arbitrary_dh_groups*: Value of 1 if arbitrary group in
|
|
Packit Service |
5b558e |
*Diffie-Hellman* is allowed, 0 otherwise
|
|
Packit Service |
5b558e |
* *ssh_certs*: Value of 1 if *OpenSSH* certificate authentication is
|
|
Packit Service |
5b558e |
allowed, 0 otherwise
|
|
Packit Service |
5b558e |
* *ssh_etm*: Value of 1 if *OpenSSH* EtM (encrypt-then-mac) extension is
|
|
Packit Service |
5b558e |
allowed, 0 otherwise
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The full policy definition files have suffix `.pol`, the policy module definition
|
|
Packit Service |
5b558e |
files have suffix `.pmod`. The policy module files do not have to have values
|
|
Packit Service |
5b558e |
set for all the keys listed above.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The lists as set in the base (full policy) are modified by the lists specified in the
|
|
Packit Service |
5b558e |
module files in following way:
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* *-*'list-item': The 'list-item' is removed from the list specified in the base
|
|
Packit Service |
5b558e |
policy.
|
|
Packit Service |
5b558e |
* *+*'list-item': The 'list-item' is inserted at the beginning of the list specified
|
|
Packit Service |
5b558e |
in the base policy. The inserts are done in the order of appearance in the
|
|
Packit Service |
5b558e |
policy module file so the actual order in the final list will be reversed.
|
|
Packit Service |
5b558e |
* 'list-item'*+*: The 'list-item' is appended to the end of the list specified
|
|
Packit Service |
5b558e |
in the base policy.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
To completely override a list value in a module file just use 'list-items' without any
|
|
Packit Service |
5b558e |
sign. Combining 'list-items' with and without signs in a single list value assignment is
|
|
Packit Service |
5b558e |
not allowed however an existing list value can be modified in multiple further assignments.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
Non-list key values in the policy module files are simply overriden.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The keys marked as *Optional* can be omitted in the policy definition
|
|
Packit Service |
5b558e |
files. In that case, the values will be derived from the base
|
|
Packit Service |
5b558e |
keys. Note that, this value propagation only applies to the policy
|
|
Packit Service |
5b558e |
definition files. In the policy module files, each key that needs
|
|
Packit Service |
5b558e |
modification must be explicitly specified.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*Policy file placement and naming:*
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The policy files shipped in packages are placed in
|
|
Packit Service |
5b558e |
`/usr/share/crypto-policies/policies` and the policy modules in
|
|
Packit Service |
5b558e |
`/usr/share/crypto-policies/policies/modules`.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The locally configured policy files are placed in
|
|
Packit Service |
5b558e |
`/etc/crypto-policies/policies` and the policy modules in
|
|
Packit Service |
5b558e |
`/etc/crypto-policies/policies/modules`.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The policy and policy module files must have names in upper-case except
|
|
Packit Service |
5b558e |
for the `.pol` and `.pmod` suffix as the update-crypto-policies command
|
|
Packit Service |
5b558e |
always converts the policy name to upper-case before searching for
|
|
Packit Service |
5b558e |
the policy on the filesystem.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
COMMANDS
|
|
Packit Service |
5b558e |
--------
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*update-crypto-policies(8)*::
|
|
Packit Service |
5b558e |
This command manages the policies available to the various cryptographic
|
|
Packit Service |
5b558e |
back ends and allows the system administrator to change the active
|
|
Packit Service |
5b558e |
cryptographic policy level.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*fips-mode-setup(8)*::
|
|
Packit Service |
5b558e |
This command allows the system administrator to enable, or disable the
|
|
Packit Service |
5b558e |
system FIPS mode and also apply the *FIPS* cryptographic policy level
|
|
Packit Service |
5b558e |
which limits the allowed algorithms and protocols to these allowed by
|
|
Packit Service |
5b558e |
the FIPS 140-2 requirements.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
NOTES
|
|
Packit Service |
5b558e |
-----
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*Exceptions*
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* *Go-language* applications do not yet follow the system-wide policy.
|
|
Packit Service |
5b558e |
* *GnuPG-2* application does not follow the system-wide policy.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
In general only the data-in-transit is currently covered by the system-wide
|
|
Packit Service |
5b558e |
policy.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
If the system administrator changes the system-wide policy level with
|
|
Packit Service |
5b558e |
the *update-crypto-policies(8)* command it is advisable to restart the
|
|
Packit Service |
5b558e |
system as the individual back-end libraries read the configuration files
|
|
Packit Service |
5b558e |
usually during their initialization. The changes in the policy level
|
|
Packit Service |
5b558e |
thus take place in most cases only when the applications using the back-end
|
|
Packit Service |
5b558e |
libraries are restarted.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*Removed cipher suites and protocols*
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The following cipher suites and protocols are completely removed from the
|
|
Packit Service |
5b558e |
core cryptographic libraries listed above:
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* *DES*
|
|
Packit Service |
5b558e |
* All export grade cipher suites
|
|
Packit Service |
5b558e |
* *MD5* in signatures
|
|
Packit Service |
5b558e |
* *SSLv2*
|
|
Packit Service |
5b558e |
* *SSLv3*
|
|
Packit Service |
5b558e |
* All *ECC* curves smaller than 224 bits
|
|
Packit Service |
5b558e |
* All binary field *ECC* curves
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*Cipher suites and protocols disabled in all policy levels*
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The following ciphersuites and protocols are available but disabled in all
|
|
Packit Service |
5b558e |
crypto policy levels. They can be enabled only by explicit configuration
|
|
Packit Service |
5b558e |
of individual applications:
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* *DH* with parameters < 1024 bits
|
|
Packit Service |
5b558e |
* *RSA* with key size < 1024 bits
|
|
Packit Service |
5b558e |
* *Camellia*
|
|
Packit Service |
5b558e |
* *ARIA*
|
|
Packit Service |
5b558e |
* *SEED*
|
|
Packit Service |
5b558e |
* *IDEA*
|
|
Packit Service |
5b558e |
* Integrity only ciphersuites
|
|
Packit Service |
5b558e |
* *TLS* *CBC mode* ciphersuites using *SHA-384* HMAC
|
|
Packit Service |
5b558e |
* *AES-CCM8*
|
|
Packit Service |
5b558e |
* all *ECC* curves incompatible with *TLS 1.3*, including secp256k1
|
|
Packit Service |
5b558e |
* *IKEv1*
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
*Notable irregularities in the individual configuration generators*
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* *OpenSSL*: The minimum length of the keys and some other parameters
|
|
Packit Service |
5b558e |
are enforced by the @SECLEVEL value which does not provide a fine
|
|
Packit Service |
5b558e |
granularity. The list of *TLS* ciphers is not generated as an exact list
|
|
Packit Service |
5b558e |
but by subtracting from all the supported ciphers for the enabled key
|
|
Packit Service |
5b558e |
exchange methods. For that reason there is no way to disable a random cipher.
|
|
Packit Service |
5b558e |
In particular all *AES-128* ciphers are disabled if the *AES-128-GCM* is not
|
|
Packit Service |
5b558e |
present in the list; all *AES-256* ciphers are disabled if the *AES-256-GCM*
|
|
Packit Service |
5b558e |
is not present. The *CBC* ciphers are disabled if there isn't *HMAC-SHA1*
|
|
Packit Service |
5b558e |
in the hmac list and *AES-256-CBC* in the cipher list. To disable the *CCM*
|
|
Packit Service |
5b558e |
ciphers both *AES-128-CCM* and *AES-256-CCM* must not be present in the cipher
|
|
Packit Service |
5b558e |
list.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* *GnuTLS*: The minimum length of the keys and some other parameters
|
|
Packit Service |
5b558e |
are enforced by min-verification-profile setting in the *GnuTLS* configuration
|
|
Packit Service |
5b558e |
file which does not provide fine granularity.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
* *OpenSSH*: *DH* group 1 is always disabled on server even if the policy
|
|
Packit Service |
5b558e |
allows 1024 bit *DH* groups in general. The OpenSSH configuration option
|
|
Packit Service |
5b558e |
HostKeyAlgorithms is set only for the *SSH* server as otherwise the
|
|
Packit Service |
5b558e |
handling of the existing known hosts entries would be broken on client.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
HISTORY
|
|
Packit Service |
5b558e |
-------
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
The *ECDHE-GSS* and *DHE-GSS* algorithms are newly introduced and must be
|
|
Packit Service |
5b558e |
specified in the base policy for the SSH GSSAPI key exchange methods
|
|
Packit Service |
5b558e |
to be enabled. Previously the legacy SSH GSSAPI key exchange methods were
|
|
Packit Service |
5b558e |
automatically enabled when the *SHA1* hash and *DH* parameters of at least
|
|
Packit Service |
5b558e |
2048 bits were enabled.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
Before the introduction of the *custom crypto policies* support it
|
|
Packit Service |
5b558e |
was possible to have an completely arbitrary crypto policy created as
|
|
Packit Service |
5b558e |
a set of arbitrary back-end config files in
|
|
Packit Service |
5b558e |
`/usr/share/crypto-policies/<POLICYNAME>` directory. With the introduction
|
|
Packit Service |
5b558e |
of the *custom crypto policies* it is still possible but there must
|
|
Packit Service |
5b558e |
be an empty (possibly with any comment lines) `<POLICYNAME>.pol` file
|
|
Packit Service |
5b558e |
in `/usr/share/crypto-policies/policies` so the `update-crypto-policies`
|
|
Packit Service |
5b558e |
command can recognize the arbitrary custom policy.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
FILES
|
|
Packit Service |
5b558e |
-----
|
|
Packit Service |
5b558e |
/etc/crypto-policies/back-ends::
|
|
Packit Service |
5b558e |
The individual cryptographical back-end configuration files.
|
|
Packit Service |
5b558e |
Usually linked to the configuration shipped in the crypto-policies
|
|
Packit Service |
5b558e |
package unless a configuration from `local.d` is added.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
/etc/crypto-policies/config::
|
|
Packit Service |
5b558e |
The active crypto-policies level set on the system.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
/etc/crypto-policies/local.d::
|
|
Packit Service |
5b558e |
Additional configuration shipped by other packages or created by
|
|
Packit Service |
5b558e |
the system administrator. The contents of the `<back-end>-file.config`
|
|
Packit Service |
5b558e |
is appended to the configuration from the policy back end as
|
|
Packit Service |
5b558e |
shipped in the crypto-policies package.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
/usr/share/crypto-policies/policies::
|
|
Packit Service |
5b558e |
System policy definition files.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
/usr/share/crypto-policies/policies/modules::
|
|
Packit Service |
5b558e |
System subpolicy module definition files.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
/etc/crypto-policies/policies::
|
|
Packit Service |
5b558e |
Custom policy definition files as configured by the system
|
|
Packit Service |
5b558e |
administrator.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
/etc/crypto-policies/policies/modules::
|
|
Packit Service |
5b558e |
Custom subpolicy module definition files as configured by the system
|
|
Packit Service |
5b558e |
administrator.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
/usr/share/crypto-policies/<'POLICYNAME'>::
|
|
Packit Service |
5b558e |
Pre-generated back-end configurations for policy 'POLICYNAME'.
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
SEE ALSO
|
|
Packit Service |
5b558e |
--------
|
|
Packit Service |
5b558e |
update-crypto-policies(8), fips-mode-setup(8)
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
|
|
Packit Service |
5b558e |
AUTHOR
|
|
Packit Service |
5b558e |
------
|
|
Packit Service |
5b558e |
Written by Tomáš Mráz.
|