[FIPS] Ensure that Agent cannot present a client-side TLS certificate created with a RSA keypair of less than 2048 bits length #7912
Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane) |
This PR is failing CI in the @michel-laterman Aren't these tests supposed to run on a machine with the OpenSSL FIPS provider configured and with |
michel-laterman
left a comment
nitpick: rename agent_secure to fips_valid and agent_insecure to fips_invalid so the purpose of the keys is clearer
|
@ycombinator yes, if we are relying on FIPS enforcement we would either need to run this test with a FIPS provider and the microsoft/go options, or only when 1GODEBUG=fips140=only |
Okay, so it looks like the Specifically, the error message returned from the HTTPS server in the test during TLS handshake is different in each of these four combinations:
In the face of these disparities, I'm not really sure how to write this unit test. Any thoughts? @michel-laterman @kruskall @simitt. Ideally, I think our CI environment should run the microsoft/go toolchain, at least for the two steps where it's running FIPS tests, one with just |
|
Can we test the behaviour of using microsoft/go with |
Sure. It means this PR will fail CI until we have a Buildkite image with microsoft/go and OpenSSL + FIPS provider, which I understand is itself currently waiting on microsoft/go#1654 to be merged. With that, we'd eliminate the last two rows from the table in #7912 (comment), which is helpful. That leaves us with the difference in error from the TLS handshake due to the value of the |
Hi @ycombinator, Microsoft Go dev here. Can you file an issue explaining this issue in https://github.com/microsoft/go? I'm sure we can improve this situation. |
… created with a RSA keypair of less than 2048 bits length (#7912)
* Adding test for unsupported TLS versions sent by client
* Add TODO for second test
* Add test case for multiple versions
* Removing unused code
* Add test for config hosts validation
* Remove hosts validation
* Refactoring test cases to take in any TLS configuration, not just versions
* Add test for RSA keypair with < 2048 key length
* Updating comment
* Add test case for using certificate with RSA keypair < 2048 bits
* Adding test data files
* Revert test scope
* Update test to fail on handshake
* Rename agent key and cert for clarity
* Adding test case with secure Agent certificate
* Adding README to testdata folder to explain manual generation of keys+certs
* Reverting unintended changes from conflict resolution
* Removing irrelevant integration test
* Remove unused variables
* Remove CA private key
* Renaming root -> CA for clarity
* Rename files and variable to make purpose clearer
* Adding .gitignore for CA private key file
* Introduce GoDebugFIPS140() function
* Separate test cases based on GODEBUG=fips140= value
* Rename test cases for clarity
* Remove test cases for GODEBUG=fips140=on
* Adjust test cases to assume upstream Go instead of Microsoft Go
* Be explicit in all constant types
* Fix data race
(cherry picked from commit 0eb4f0f)
… created with a RSA keypair of less than 2048 bits length (#7912) (#8040)
* Adding test for unsupported TLS versions sent by client
* Add TODO for second test
* Add test case for multiple versions
* Removing unused code
* Add test for config hosts validation
* Remove hosts validation
* Refactoring test cases to take in any TLS configuration, not just versions
* Add test for RSA keypair with < 2048 key length
* Updating comment
* Add test case for using certificate with RSA keypair < 2048 bits
* Adding test data files
* Revert test scope
* Update test to fail on handshake
* Rename agent key and cert for clarity
* Adding test case with secure Agent certificate
* Adding README to testdata folder to explain manual generation of keys+certs
* Reverting unintended changes from conflict resolution
* Removing irrelevant integration test
* Remove unused variables
* Remove CA private key
* Renaming root -> CA for clarity
* Rename files and variable to make purpose clearer
* Adding .gitignore for CA private key file
* Introduce GoDebugFIPS140() function
* Separate test cases based on GODEBUG=fips140= value
* Rename test cases for clarity
* Remove test cases for GODEBUG=fips140=on
* Adjust test cases to assume upstream Go instead of Microsoft Go
* Be explicit in all constant types
* Fix data race
(cherry picked from commit 0eb4f0f)
Co-authored-by: Shaunak Kashyap <ycombinator@gmail.com>


What does this PR do?
This PR ensures that remote.Clients created with a configuration containing a client-side TLS certificate generated from an RSA keypair < 2048 bits in length cannot be created in FIPS mode.

Why is it important?
FIPS-140 does not allow use of RSA with key lengths < 2048 bits.

Checklist
- I have made corresponding changes to the documentation
- I have made corresponding changes to the default configuration files
- I have added an entry in ./changelog/fragments using the changelog tool
- I have added an integration test or an E2E test

Disruptive User Impact
Users using FIPS-capable Elastic Agents with client-side TLS certificates that are generated with RSA must generate the RSA keypairs with a minimum key length of 2048 bits.
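
An application-level pre-flight check of the key-length requirement described above, as an added example that is not part of this PR or of the elastic-agent code base. `checkClientCert`, `selfSigned` and `minRSABits` are hypothetical names, the certificates are constructed throwaway ones generated in-process, and the check does not depend on the `GODEBUG=fips140` setting discussed in the thread.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

const minRSABits = 2048 // minimum RSA key length stated in the PR description

// checkClientCert (hypothetical helper) rejects a leaf with a too-short RSA key.
func checkClientCert(c tls.Certificate) error {
	if len(c.Certificate) == 0 {
		return fmt.Errorf("certificate chain is empty")
	}
	leaf, err := x509.ParseCertificate(c.Certificate[0])
	if err != nil {
		return fmt.Errorf("parsing leaf certificate: %w", err)
	}
	if pub, ok := leaf.PublicKey.(*rsa.PublicKey); ok && pub.N.BitLen() < minRSABits {
		return fmt.Errorf("RSA key is %d bits, minimum is %d", pub.N.BitLen(), minRSABits)
	}
	return nil // non-RSA keys are outside the scope of this check
}

// selfSigned builds a constructed, throwaway certificate for the demonstration.
func selfSigned(bits int) (tls.Certificate, error) {
	key, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed-agent"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, err
}

func main() {
	for _, bits := range []int{1024, 2048} {
		c, err := selfSigned(bits)
		fmt.Println(bits, "bits:", err, checkClientCert(c))
	}
}
```

Running the check when the client configuration is loaded gives the same error text on every toolchain, whereas the handshake error differs between the combinations compared in the thread.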