Repository : http://git.fedorahosted.org/git/?p=secure-coding.git
On branch : master
>---------------------------------------------------------------
commit 56f351145bcdd5edd7d2a00c25e0df4fd665ae7d
Author: Eric Christensen <echriste(a)redhat.com>
Date: Fri May 30 09:07:40 2014 -0400
Added RSA key generation procedures
>---------------------------------------------------------------
Securing_TLS/en-US/OpenSSL.xml | 31 +++++++++++++++++++++++++++++++
1 files changed, 31 insertions(+), 0 deletions(-)
diff --git a/Securing_TLS/en-US/OpenSSL.xml b/Securing_TLS/en-US/OpenSSL.xml
index 191564f..df458d9 100644
--- a/Securing_TLS/en-US/OpenSSL.xml
+++ b/Securing_TLS/en-US/OpenSSL.xml
@@ -160,5 +160,36 @@ EXP-KRB5-RC4-MD5 SSLv3
</para>
</section>
</section>
+ <section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Generating_Crypto">
+ <title>Generating Crypto</title>
+ <para>Properly generating keys and certificates is as important as the ciphers suite being used to secure the circuit. The best cipher can be broken with improperly generated keys.</para>
+
+ <section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Generating_Crypto-RSA">
+ <title>Generating RSA keys</title>
+ <para>RSA keys are the most common key type used to secure SSL and TLS circuits. It's relatively simple to generate keys and we'll describe how and why now.</para>
+ <para>
+<screen>
+openssl genrsa -aes128 -out key_name.key 3072
+</screen>
+This will generate a 3072-bit RSA key that is sufficently large for true 128 bits of security. To obtain 256 bits of security the RSA key will need to be 15360 bits. If you require that type of security, however, a ECDSA key should be utilized.
+<important><para>The industry standard 2048-bit RSA key only provides 112 bits of security.<footnote><para>NIST SP 800-57 Part 1, Rev 3 <ulink url="http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_gener…" /></para></footnote></para></important>
+
+<screen>
+openssl rsa -in key_name.key -out key_name.key
+</screen>
+This simply removes the password that was placed on the key at generation. You can do this once you are sure you no longer need to protect the key (like when it's going to be used on the server).
+
+<screen>
+openssl req -new -key key_name.key -out key_name.csr
+</screen>
+This will generate a certificate signing request (<abbrev>CSR</abbrev>) to provide to your certificate authority (<abbrev>CA</abbrev>) for signing.
+
+<screen>
+openssl x509 -req -days 365 -sha384 -in key_name.csr -signkey key_name.key -out key_name.crt
+</screen>
+<emphasis>Optional</emphasis> - This last step isn't generally necessary. This is what the CA does on their side except they use their key in place of key_name.key to sign your key. By doing this you are creating a self-signed certificate which is not very useful and should only be used for testing purposes.
+ </para>
+ </section>
+ </section>
</chapter>
Hi guys,
I would like to use obs-sign for signing packages in Copr.
Since this will be important part of Fedora, I would be glad if more people can see it and point out some problem if
there are any.
I already discussed it with Mitr, but more eyes is always better.
This is little bit premature, since I do not have rpm package ready yet (will be in 2 weeks aprox.).
The code is here:
https://github.com/openSUSE/obs-sign
Docs here:
http://en.opensuse.org/openSUSE:Build_Service_Signer
--
Miroslav Suchy, RHCE, RHCDS
Red Hat, Senior Software Engineer, #brno, #devexp, #fedora-buildsys
Hello,
For the purposes of the Crypto Policies change proposal [0], I think
I've settled to the following three policy levels (inspired by the ENISA
levels but with a rename of the good LEGACY level to DEFAULT). Any
comments or suggestions are appreciated.
As these levels will be a moving target across releases (will provide
defaults that reflect the current state of the art), levels of previous
fedora releases will be referenced as LEVELNAME-F21.
[0]. https://fedoraproject.org/wiki/Changes/CryptoPolicy
regards,
Nikos
The levels and their current settings:
=====LEGACY=====
A level that may include algorithms with known weaknesses (but not
completely broken) which will ensure maximum compatibility with legacy
systems. It should provide at least 64-bit security and include RC4, but
not MD5 as signature algorithm.
MACs: MD5, SHA1+
Curves: All supported
Signature algorithms: must use SHA-1 hash or better
Ciphers: AES-GCM, AES-CBC, CAMELLIA-GCM, CAMELLIA-CBC, 3DES-CBC, RC4
Key exchange: ECDHE, RSA, DHE
DH params size: 768+
RSA params size: 768+
SSL Protocols: All supported (SSL3.0+)
=====DEFAULT======
A reasonable default for today's standards. For F21 it should provide
80-bit security and no broken ciphers like RC4.
MACs: SHA1+
Curves: All supported
Signature algorithms: must use SHA-1 hash or better
Ciphers: AES-GCM, AES-CBC, CAMELLIA-GCM, CAMELLIA-CBC, 3DES-CBC
Key exchange: ECDHE, RSA, DHE
DH params size: 1024+
RSA params size: 1024+
SSL Protocols: All supported (SSL3.0+)
=====FUTURE======
A level that will provide security on a conservative level that is
believed to withstand any near-term future attacks. That will be
an 128-bit security level, without including protocols with known
attacks available (e.g. SSL 3.0/TLS 1.0). This level may prevent
communication with commonly used systems that provide weaker security
levels (e.g., systems that use SHA-1 as signature algorithm).
MACs: SHA1+
Curves: All supported
Signature algorithms: must use SHA-256 hash or better
Ciphers: AES-GCM, AES-CBC, CAMELLIA-GCM, CAMELLIA-CBC
Key exchange: ECDHE, RSA, DHE
DH params size: 2048+
RSA params size: 2048+
SSL Protocols: TLS1.1+
Repository : http://git.fedorahosted.org/git/?p=secure-coding.git
On branch : master
>---------------------------------------------------------------
commit d3358153498f9611886facb7608fce33c7e22f05
Author: Eric Christensen <echriste(a)redhat.com>
Date: Fri May 30 09:49:40 2014 -0400
Added instructions for generating ECDSA keys
>---------------------------------------------------------------
Securing_TLS/en-US/OpenSSL.xml | 20 ++++++++++++++++++++
1 files changed, 20 insertions(+), 0 deletions(-)
diff --git a/Securing_TLS/en-US/OpenSSL.xml b/Securing_TLS/en-US/OpenSSL.xml
index df458d9..1c9c403 100644
--- a/Securing_TLS/en-US/OpenSSL.xml
+++ b/Securing_TLS/en-US/OpenSSL.xml
@@ -190,6 +190,26 @@ openssl x509 -req -days 365 -sha384 -in key_name.csr -signkey key_name.key -out
<emphasis>Optional</emphasis> - This last step isn't generally necessary. This is what the CA does on their side except they use their key in place of key_name.key to sign your key. By doing this you are creating a self-signed certificate which is not very useful and should only be used for testing purposes.
</para>
</section>
+ <section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Generating_Crypto-ECDSA">
+ <title>Generating ECDSA keys</title>
+ <para>ECDSA keys are part of the latest generation of cryptography used in TLS-protected circuits. ECDSA keys do not have to be as large as an RSA key to provide similar protection.</para>
+ <para>The process for generating an ECDSA key is similar to that of RSA and we'll go over the commands now.
+
+<screen>
+openssl ecparam -genkey -name <emphasis>curve</emphasis> -out key_name.pem
+</screen>
+In this command you must provide the name of the curve to use. There are many curves to choose from but based on your particular installation of OpenSSL your choices may be limited. To determine what curves are available you run <command>openssl ecparam -list_curves</command>.
+<screen>
+openssl req -new -key key_name.key -out key_name.csr
+</screen>
+This will generate a certificate signing request (<abbrev>CSR</abbrev>) to provide to your certificate authority (<abbrev>CA</abbrev>) for signing.
+<note><para>It's important to find a CA that will sign your ECDSA key with an ECDSA key to keep the security level high.</para></note>
+<screen>
+openssl req -x509 -newkey ecdsa:ECC_params.pem -keyout server.key -out server.crt -subj /CN=localhost -nodes -batch
+</screen>
+This command will actually generate a self-signed certificate in one swipe.
+ </para>
+ </section>
</section>
</chapter>
Repository : http://git.fedorahosted.org/git/?p=secure-coding.git
On branch : master
>---------------------------------------------------------------
commit 72a9fc4d7c028bb31493c9d317289f9ba6a4d378
Author: Eric Christensen <echriste(a)redhat.com>
Date: Fri May 30 09:16:12 2014 -0400
Added installation instructions
>---------------------------------------------------------------
Securing_TLS/en-US/mod_ssl.xml | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/Securing_TLS/en-US/mod_ssl.xml b/Securing_TLS/en-US/mod_ssl.xml
index 365b0bb..2edbade 100644
--- a/Securing_TLS/en-US/mod_ssl.xml
+++ b/Securing_TLS/en-US/mod_ssl.xml
@@ -8,6 +8,12 @@
<para>
<application>Apache</application> web server utilizes <application>mod_ssl</application> to utilize OpenSSL for cryptography. Configuration is handled by the <filename>/etc/httpd/conf.d/ssl.conf</filename> file and can be modified to support a wide range of ciphers and protocols.
</para>
+ <section id="sect-Fedora_Security_Team-Securing_TLS-mod_ssl-installation">
+ <title>Installation</title>
+ <para>
+ To install <application>mod_ssl</application> using <application>yum</application> just issue the following command: <command>yum install mod_ssl openssl</command>.
+ </para>
+ </section>
<section id="sect-Fedora_Security_Team-Securing_TLS-mod_ssl-configuration">
<title>Configuration</title>
<para>
Hey security people: your feedback on this greatly appreciated:
https://fedorahosted.org/fesco/ticket/1311
Thanks!
--
Matthew Miller -- Fedora Project -- <mattdm(a)fedoraproject.org>
"Tepid change for the somewhat better!"
Repository : http://git.fedorahosted.org/git/?p=secure-coding.git
On branch : master
>---------------------------------------------------------------
commit 76d368729c5e58a8ffb4f53247d22882a69c5978
Author: Eric Christensen <echriste(a)redhat.com>
Date: Thu May 29 15:16:08 2014 -0400
Added cipher suite list for HIGH, MEDIUM, LOW, and EXPORT.
>---------------------------------------------------------------
Securing_TLS/en-US/OpenSSL.xml | 148 +++++++++++++++++++++++++++++++++++++---
1 files changed, 138 insertions(+), 10 deletions(-)
diff --git a/Securing_TLS/en-US/OpenSSL.xml b/Securing_TLS/en-US/OpenSSL.xml
index 115c8e9..191564f 100644
--- a/Securing_TLS/en-US/OpenSSL.xml
+++ b/Securing_TLS/en-US/OpenSSL.xml
@@ -12,25 +12,153 @@
<title>Cipher Categories</title>
<para><application>OpenSSL</application> groups cipher suites together into easy to define sets that make it easy to implement encryption that makes sense for individual systems. These sets include <literal>HIGH</literal>, <literal>MEDIUM</literal>, <literal>LOW</literal>, <literal>EXPORT</literal>, and <literal>DEFAULT</literal>. By utilizing one, or a combination, of these sets in configuration files, the systems administrator can define many ciphers at once.</para>
<section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Cipher_Categories-High">
- <title>High Ciphers</title>
- <para />
+ <title><literal>High</literal> Ciphers</title>
+ <para><literal>HIGH</literal> ciphers are the ciphers that offer the best protection (generally speaking these cipher suites provide robust 128-bits of security although this is does not hold up completely).</para>
+ <para>The current <literal>HIGH</literal> cipher suites offered by OpenSSL (version 1.0.1e) are:
+<screen>
+ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2
+ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2
+ECDHE-RSA-AES256-SHA384 TLSv1.2
+ECDHE-ECDSA-AES256-SHA384 TLSv1.2
+ECDHE-RSA-AES256-SHA SSLv3
+ECDHE-ECDSA-AES256-SHA SSLv3
+DHE-DSS-AES256-GCM-SHA384 TLSv1.2
+DHE-RSA-AES256-GCM-SHA384 TLSv1.2
+DHE-RSA-AES256-SHA256 TLSv1.2
+DHE-DSS-AES256-SHA256 TLSv1.2
+DHE-RSA-AES256-SHA SSLv3
+DHE-DSS-AES256-SHA SSLv3
+DHE-RSA-CAMELLIA256-SHA SSLv3
+DHE-DSS-CAMELLIA256-SHA SSLv3
+AECDH-AES256-SHA SSLv3
+ADH-AES256-GCM-SHA384 TLSv1.2
+ADH-AES256-SHA256 TLSv1.2
+ADH-AES256-SHA SSLv3
+ADH-CAMELLIA256-SHA SSLv3
+ECDH-RSA-AES256-GCM-SHA384 TLSv1.2
+ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2
+ECDH-RSA-AES256-SHA384 TLSv1.2
+ECDH-ECDSA-AES256-SHA384 TLSv1.2
+ECDH-RSA-AES256-SHA SSLv3
+ECDH-ECDSA-AES256-SHA SSLv3
+AES256-GCM-SHA384 TLSv1.2
+AES256-SHA256 TLSv1.2
+AES256-SHA SSLv3
+CAMELLIA256-SHA SSLv3
+PSK-AES256-CBC-SHA SSLv3
+ECDHE-RSA-DES-CBC3-SHA SSLv3
+ECDHE-ECDSA-DES-CBC3-SHA SSLv3
+EDH-RSA-DES-CBC3-SHA SSLv3
+EDH-DSS-DES-CBC3-SHA SSLv3
+AECDH-DES-CBC3-SHA SSLv3
+ADH-DES-CBC3-SHA SSLv3
+ECDH-RSA-DES-CBC3-SHA SSLv3
+ECDH-ECDSA-DES-CBC3-SHA SSLv3
+DES-CBC3-SHA SSLv3
+DES-CBC3-MD5 SSLv2
+PSK-3DES-EDE-CBC-SHA SSLv3
+KRB5-DES-CBC3-SHA SSLv3
+KRB5-DES-CBC3-MD5 SSLv3
+ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2
+ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2
+ECDHE-RSA-AES128-SHA256 TLSv1.2
+ECDHE-ECDSA-AES128-SHA256 TLSv1.2
+ECDHE-RSA-AES128-SHA SSLv3
+ECDHE-ECDSA-AES128-SHA SSLv3
+DHE-DSS-AES128-GCM-SHA256 TLSv1.2
+DHE-RSA-AES128-GCM-SHA256 TLSv1.2
+DHE-RSA-AES128-SHA256 TLSv1.2
+DHE-DSS-AES128-SHA256 TLSv1.2
+DHE-RSA-AES128-SHA SSLv3
+DHE-DSS-AES128-SHA SSLv3
+DHE-RSA-CAMELLIA128-SHA SSLv3
+DHE-DSS-CAMELLIA128-SHA SSLv3
+AECDH-AES128-SHA SSLv3
+ADH-AES128-GCM-SHA256 TLSv1.2
+ADH-AES128-SHA256 TLSv1.2
+ADH-AES128-SHA SSLv3
+ADH-CAMELLIA128-SHA SSLv3
+ECDH-RSA-AES128-GCM-SHA256 TLSv1.2
+ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2
+ECDH-RSA-AES128-SHA256 TLSv1.2
+ECDH-ECDSA-AES128-SHA256 TLSv1.2
+ECDH-RSA-AES128-SHA SSLv3
+ECDH-ECDSA-AES128-SHA SSLv3
+AES128-GCM-SHA256 TLSv1.2
+AES128-SHA256 TLSv1.2
+AES128-SHA SSLv3
+CAMELLIA128-SHA SSLv3
+PSK-AES128-CBC-SHA SSLv3
+</screen>
+ </para>
</section>
<section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Cipher_Categories-Medium">
<title>Medium Ciphers</title>
- <para />
+ <para><literal>MEDIUM</literal> ciphers are the ciphers that offer moderate protection and should not be used for any serious security. Many times these ciphers are used for interoperability but that should really be few and far between.</para>
+ <para>The current <literal>MEDIUM</literal> cipher suites offered by OpenSSL (version 1.0.1e) are:
+<screen>
+DHE-RSA-SEED-SHA SSLv3
+DHE-DSS-SEED-SHA SSLv3
+ADH-SEED-SHA SSLv3
+SEED-SHA SSLv3
+IDEA-CBC-SHA SSLv3
+IDEA-CBC-MD5 SSLv2
+RC2-CBC-MD5 SSLv2
+KRB5-IDEA-CBC-SHA SSLv3
+KRB5-IDEA-CBC-MD5 SSLv3
+ECDHE-RSA-RC4-SHA SSLv3
+ECDHE-ECDSA-RC4-SHA SSLv3
+AECDH-RC4-SHA SSLv3
+ADH-RC4-MD5 SSLv3
+ECDH-RSA-RC4-SHA SSLv3
+ECDH-ECDSA-RC4-SHA SSLv3
+RC4-SHA SSLv3
+RC4-MD5 SSLv3
+RC4-MD5 SSLv2
+PSK-RC4-SHA SSLv3
+KRB5-RC4-SHA SSLv3
+KRB5-RC4-MD5 SSLv3
+</screen>
+ </para>
</section>
<section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Cipher_Categories-Low">
<title>Low Ciphers</title>
- <para />
+ <para><literal>LOW</literal> ciphers are the ciphers that offer little to no protection and should not be used for any serious security. Many times these ciphers are used for interoperability but that should really be few and far between.</para>
+ <para>The current <literal>LOW</literal> cipher suites offered by OpenSSL (version 1.0.1e) are:
+<screen>
+EDH-RSA-DES-CBC-SHA SSLv3
+EDH-DSS-DES-CBC-SHA SSLv3
+ADH-DES-CBC-SHA SSLv3
+DES-CBC-SHA SSLv3
+DES-CBC-MD5 SSLv2
+KRB5-DES-CBC-SHA SSLv3
+KRB5-DES-CBC-MD5 SSLv3
+</screen>
+ </para>
</section>
<section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Cipher_Categories-Export">
<title>Export Ciphers</title>
- <para />
- </section>
- <section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Cipher_Categories-Default">
- <title>Default Ciphers</title>
- <para />
- </section>
+ <para><literal>EXPORT</literal> ciphers are the ciphers that offer little to no protection and should not be used for any serious security. Many times these ciphers are used for interoperability but that should really be few and far between.</para>
+ <para>The current <literal>EXPORT</literal> cipher suites offered by OpenSSL (version 1.0.1e) are:
+<screen>
+EXP-EDH-RSA-DES-CBC-SHA SSLv3
+EXP-EDH-DSS-DES-CBC-SHA SSLv3
+EXP-ADH-DES-CBC-SHA SSLv3
+EXP-DES-CBC-SHA SSLv3
+EXP-RC2-CBC-MD5 SSLv3
+EXP-RC2-CBC-MD5 SSLv2
+EXP-KRB5-RC2-CBC-SHA SSLv3
+EXP-KRB5-DES-CBC-SHA SSLv3
+EXP-KRB5-RC2-CBC-MD5 SSLv3
+EXP-KRB5-DES-CBC-MD5 SSLv3
+EXP-ADH-RC4-MD5 SSLv3
+EXP-RC4-MD5 SSLv3
+EXP-RC4-MD5 SSLv2
+EXP-KRB5-RC4-SHA SSLv3
+EXP-KRB5-RC4-MD5 SSLv3
+</screen>
+ </para>
+ </section>
</section>
</chapter>