DAOSSDE-112 Security: Modifications to use of Cryptography #3923
Conversation
After peer review the following modifications were requested. * Remove cipher suite AES128-GCM-SHA256 and just offer AES256-GCM-SHA384 as default. * Reduce certificates to one year lifetime (currently three years) * Replace PKCS #1 v1.2 with PKCS #1 v2.1/2 if possible. The golang core library is being used and may not support it yet. Team to verify if it does and, if so, will try to update. * Add to documentation recommending to customer to use the latest version of OpenSSL >= 1.1.1h. For this project, the customer is responsible for generating keys/certs. * Reduce key sizes to 3072 based on expected lifetime of this product Signed-off-by: David Quigley <[email protected]>
dpquigl
force-pushed
the
dpquigl/DAOSDE-112
branch
from
7cc11d9 to
a1bba2d
Compare
|
Test stage Build DEB on Ubuntu 20.04 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/2/execution/node/273/log |
|
Test stage Build RPM on CentOS 7 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/2/execution/node/329/log |
|
Test stage Build RPM on Leap 15 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/2/execution/node/280/log |
|
Test stage Unit Test completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/2/execution/node/652/log |
| @@ -115,10 +115,10 @@ extendedKeyUsage = clientAuth | |||
| function generate_ca_cert () { | |||
| echo "Generating Private CA Root Certificate" | |||
| # Generate Private key and set permissions | |||
| openssl genrsa -out "${PRIVATE}/daosCA.key" 4096 | |||
| openssl genrsa -out "${PRIVATE}/daosCA.key" 3072 | |||
There was a problem hiding this comment.
To be honest I'm not entirely sure. This was the guidance from the crypto team. I'd imagine its due to the fact that 3072 bit keys are computationally difficult enough to break and since its software not hardware that we can update the number if that turns out not to be true in the future.
There was a problem hiding this comment.
I think probably a balance between performance and security.
This is what I got on boro-59, there is no option for rsa 3072 size, but it shows the CPU time for the key size:
[boro-59:/home/huakuang]$ openssl speed rsa2048 rsa4096
sign verify sign/s verify/s
rsa 2048 bits 0.000791s 0.000033s 1264.8 30152.7
rsa 4096 bits 0.007899s 0.000121s 126.6 8276.1
| chmod 0400 "${PRIVATE}/daosCA.key" | ||
| # Generate CA Certificate | ||
| openssl req -new -x509 -config "${CA_HOME}/ca.cnf" -days 1095 -sha512 \ | ||
| openssl req -new -x509 -config "${CA_HOME}/ca.cnf" -days 365 -sha512 \ |
There was a problem hiding this comment.
Why is the CA cert only valid for a year?
There was a problem hiding this comment.
I believe this is considered best practice for internally run and managed CAs.
…different. Signed-off-by: David Quigley <[email protected]>
|
Test stage Build DEB on Ubuntu 20.04 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/3/execution/node/342/log |
|
Test stage Build RPM on Leap 15 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/3/execution/node/287/log |
|
Test stage Unit Test completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/3/execution/node/647/log |
There was a problem hiding this comment.
grep found some TLS_RSA_WITH_AES_128_GCM_SHA256 usage in src/control/vendor, wonder if we need to change these possibly "vendor" files?
./control/vendor/golang.org/x/net/http2/ciphers.go: cipher_TLS_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009C
./control/vendor/golang.org/x/net/http2/ciphers.go: cipher_TLS_RSA_WITH_AES_128_GCM_SHA256,
./control/vendor/google.golang.org/grpc/credentials/tls.go: tls.TLS_RSA_WITH_AES_128_GCM_SHA256: TLS_RSA_WITH_AES_128_GCM_SHA256",
…ning hashes. This uses a seeded PRNG to generate the same salt every time. Signed-off-by: David Quigley <[email protected]>
|
Test stage Build DEB on Ubuntu 20.04 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/5/execution/node/299/log |
|
Test stage Build RPM on CentOS 7 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/5/execution/node/270/log |
|
Test stage Build RPM on Leap 15 completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/5/execution/node/303/log |
|
@GitHuaKuang We dont have to be concerned with what is in vendor. Those are just supported by those libraries but in our code we say we're only advertising that we support that one cipher suite. |
Skip-func-test-leap15:true signed-off-by: David Quigley <[email protected]>
|
Test stage Functional_Hardware_Medium completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/6/execution/node/1062/log |
|
Test stage Functional_Hardware_Large completed with status FAILURE. https://build.hpdd.intel.com//job/daos-stack/job/daos/view/change-requests/job/PR-3923/6/execution/node/1137/log |
|
Failures are not related to crypto changes. |
After peer review the following modifications were requested.
Remove cipher suite AES128-GCM-SHA256 and just offer AES256-GCM-SHA384 as
default.
Reduce certificates to one year lifetime (currently three years)
Replace PKCS Adding a .travis.yml file to trigger CI builds. #1 v1.2 with PKCS Adding a .travis.yml file to trigger CI builds. #1 v2.1/2 if possible. The golang core library
is being used and may not support it yet. Team to verify if it does and, if so,
will try to update.
Add to documentation recommending to customer to use the latest version of
OpenSSL >= 1.1.1h. For this project, the customer is responsible for generating
keys/certs.
Reduce key sizes to 3072 based on expected lifetime of this product
Signed-off-by: David Quigley [email protected]