1
0

Accepting request 1098705 from home:msmeissn:branches:security:tls

- BSI.pol: Added a new BSI policy for BSI TR 02102* (jsc#PED-4933)
  derived from NEXT.pol

OBS-URL: https://build.opensuse.org/request/show/1098705
OBS-URL: https://build.opensuse.org/package/show/security:tls/crypto-policies?expand=0&rev=18
This commit is contained in:
Pedro Monreal Gonzalez 2023-07-17 09:56:19 +00:00 committed by Git OBS Bridge
parent 743dc266bd
commit aaa823e0a2
3 changed files with 99 additions and 0 deletions

87
BSI.pol Normal file
View File

@ -0,0 +1,87 @@
# This policy follows the BSI TR-02102-2 "Kryptographische Verfahren: Verwendung von Transport Layer Security (TLS)"
# Generic:https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.html
# TLS: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102-2.html
# IPSEC: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102-3.html
# Note that currently crypto-policies do not adjust ipsec configs, but only openssl or nss.
# SSH: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102-4.html
# Note that the SUSE openssh is not yet reading crypto policies.
# Author: Marcus Meissner <meissner@suse.de> 2023
#
# Based on NEXT.pol
# BSI TR 02102 / revision 2023.1, Table 5.1 "Empfohlene Hashfunktionen."
# HMAC-SHA1 is not valid anymore
# UMAC is for SSH... check TODO
mac = AEAD HMAC-SHA2-256 UMAC-128 HMAC-SHA2-384 HMAC-SHA2-512
# BSI TR 02102-2 / revision 2023.1, Table 4 "Empfohlene Diffie-Hellman-Gruppen für TLS 1.2"
# not listed in BSI TR, but could be included: FFDHE-6144 FFDHE-8192
group = SECP256R1 SECP384R1 SECP521R1 FFDHE-2048 FFDHE-3072 FFDHE-4096 BRAINPOOL-P512R1 BRAINPOOL-P384R1 BRAINPOOL-P256R1
# BSI TR 02102 / revision 2023.1, Table 5.1 "Empfohlene Hashfunktionen."
hash = SHA2-256 SHA2-384 SHA2-512 SHA3-256 SHA3-384 SHA3-512
hash@DNSSec = SHA1+ # SHA1 is still prevalent in DNSSec
# BSI TR 02102-2 / revision 2023.1, Table 5 "Empfohlene Signaturverfahren für TLS 1.2" and
# Table 6 "Empfohlene Hashfunktionen für Signaturverfahren in TLS 1.2"
# BSI TR 02102 / revision 2023.1 Section 5 "Hashfunktionen"
# 224 bit SHA parts not recommended by BSI: ECDSA-SHA2-224 RSA-PSS-SHA2-224 RSA-SHA2-224 ECDSA-SHA3-224 RSA-PSS-SHA3-224 RSA-SHA3-224
sign = ECDSA-SHA3-256 ECDSA-SHA2-256 ECDSA-SHA2-256-FIDO \
ECDSA-SHA3-384 ECDSA-SHA2-384 \
ECDSA-SHA3-512 ECDSA-SHA2-512 \
EDDSA-ED25519 EDDSA-ED25519-FIDO EDDSA-ED448 \
RSA-PSS-SHA3-256 RSA-PSS-SHA2-256 \
RSA-PSS-SHA3-384 RSA-PSS-SHA2-384 \
RSA-PSS-SHA3-512 RSA-PSS-SHA2-512 \
RSA-PSS-RSAE-SHA3-256 RSA-PSS-RSAE-SHA2-256 \
RSA-PSS-RSAE-SHA3-384 RSA-PSS-RSAE-SHA2-384 \
RSA-PSS-RSAE-SHA3-512 RSA-PSS-RSAE-SHA2-512 \
RSA-SHA3-256 RSA-SHA2-256 \
RSA-SHA3-384 RSA-SHA2-384 \
RSA-SHA3-512 RSA-SHA2-512
sign@DNSSec = RSA-SHA1+ ECDSA-SHA1+ # SHA1 is still prevalent in DNSSec
# BSI TR 02102 / revision 2023.1
# Not listed in BSI TR: CHACHA20-POLY1305 CAMELLIA-256-GCM CAMELLIA-128-CBC CAMELLIA-256-CBC CAMELLIA-128-GCM
cipher = AES-256-GCM AES-256-CCM AES-256-CTR AES-256-CBC AES-128-GCM AES-128-CCM AES-128-CTR AES-128-CBC
# BSI TR 02102-2 / revision 2023.1, Table 1 and Table 2
# CHACHA20-POLY1305 not listed in TR
cipher@TLS = AES-256-GCM AES-256-CCM AES-256-CBC AES-128-GCM AES-128-CCM AES-128-CBC
cipher@sequoia = AES-256-CFB AES-128-CFB CAMELLIA-256-CFB CAMELLIA-128-CFB
cipher@RPM = AES-256-CFB AES-128-CFB CAMELLIA-256-CFB CAMELLIA-128-CFB
# CBC ciphers in SSH are considered vulnerable to plaintext recovery attacks
# and disabled in client OpenSSH 7.6 (2017) and server OpenSSH 6.7 (2014).
cipher@SSH = -*-CBC
# BSI TR 02102-2 / revision 2023.1, Table 1 and Table 2
# Note this goes to all ciphers. DHE-GSS is not valid for TLS, but used in SSH.
# TLS: ECDHE DHE DHE-RSA PSK DHE-PSK ECDHE-PSK RSA-PSK are ok, GSS is not used in TLS, will not be used for TLS
key_exchange = ECDHE DHE DHE-RSA PSK DHE-PSK ECDHE-PSK RSA-PSK ECDHE-GSS DHE-GSS
# BSI TR 02102-2 / revision 2023.1, Section 3.2 "SSL/TLS Versionen"
protocol@TLS = TLS1.3 TLS1.2 DTLS1.2
protocol@IKE = IKEv2
# Parameter sizes
min_dh_size = 3072
min_dsa_size = 3072
# BSI TR 02102-2 / revision 2023.1: 2k still allowed until end of 2023.
min_rsa_size = 2048
# GnuTLS only for now
sha1_in_certs = 0
arbitrary_dh_groups = 1
ssh_certs = 1
ssh_etm = 1
# https://pagure.io/fesco/issue/2960
# "RPM must accept SHA-1 hashes and DSA keys for Fedora 38"
sign@RPM = DSA-SHA1+
hash@RPM = SHA1+
min_dsa_size@RPM = 1024

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Fri Jul 14 14:59:06 UTC 2023 - Marcus Meissner <meissner@suse.com>
- BSI.pol: Added a new BSI policy for BSI TR 02102* (jsc#PED-4933)
derived from NEXT.pol
------------------------------------------------------------------- -------------------------------------------------------------------
Thu May 25 11:28:12 UTC 2023 - Pedro Monreal <pmonreal@suse.com> Thu May 25 11:28:12 UTC 2023 - Pedro Monreal <pmonreal@suse.com>

View File

@ -35,6 +35,8 @@ Source3: update-crypto-policies.8.gz
Source4: fips-mode-setup.8.gz Source4: fips-mode-setup.8.gz
Source5: fips-finish-install.8.gz Source5: fips-finish-install.8.gz
Source6: crypto-policies-rpmlintrc Source6: crypto-policies-rpmlintrc
# BSI TR-02102 encoded for jsc#PED-4933 (customer request to have BSI TR-02102 policies)
Source7: BSI.pol
%if %{without manbuild} %if %{without manbuild}
#PATCH-FIX-OPENSUSE Manpages build cycles and dependencies #PATCH-FIX-OPENSUSE Manpages build cycles and dependencies
# To reduce the build dependencies in Ring0, we have to compile the # To reduce the build dependencies in Ring0, we have to compile the
@ -124,6 +126,10 @@ mkdir -p -m 755 %{buildroot}%{_sysconfdir}/crypto-policies/policies/modules/
mkdir -p -m 755 %{buildroot}%{_bindir} mkdir -p -m 755 %{buildroot}%{_bindir}
make DESTDIR=%{buildroot} DIR=%{_datarootdir}/crypto-policies MANDIR=%{_mandir} %{?_smp_mflags} install make DESTDIR=%{buildroot} DIR=%{_datarootdir}/crypto-policies MANDIR=%{_mandir} %{?_smp_mflags} install
# BSI.pol
install -c -m 644 %{SOURCE7} %{buildroot}/%{_datarootdir}/crypto-policies/policies/
install -p -m 644 default-config %{buildroot}%{_sysconfdir}/crypto-policies/config install -p -m 644 default-config %{buildroot}%{_sysconfdir}/crypto-policies/config
touch %{buildroot}%{_sysconfdir}/crypto-policies/state/current touch %{buildroot}%{_sysconfdir}/crypto-policies/state/current
touch %{buildroot}%{_sysconfdir}/crypto-policies/state/CURRENT.pol touch %{buildroot}%{_sysconfdir}/crypto-policies/state/CURRENT.pol