[PATCH] virnettlscontext: Generate longer DH keys

Michal Privoznik posted 1 patch 2 years, 3 months ago
Test syntax-check failed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/3d5fb4a341802e3ad59b1e360026db45f79852a0.1641211092.git.mprivozn@redhat.com
src/rpc/virnettlscontext.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] virnettlscontext: Generate longer DH keys
Posted by Michal Privoznik 2 years, 3 months ago
Currently, we generate 2048-bit DH keys. This may look
enough, but it's not very future proof. When the system crypto policy
is tightened, only 3072-bit or longer keys are valid. From
CRYPTO-POLICIES(7):

  FUTURE
    A conservative security policy that is believed to withstand
    any near-term future attacks. ...

      •   DH params size: >= 3072
      •   RSA keys size: >= 3072

This policy corresponds to GNUTLS_SEC_PARAM_HIGH parameters.
Therefore, pass that to gnutls_sec_param_to_pk_bits() to get a
longer key.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---

Technically, this is a v2 of:

https://listman.redhat.com/archives/libvir-list/2021-December/msg00827.html

and was already reviewed. I'm sending it here because I've split the
original patch into two. The first one, which switches to
gnutls_sec_param_to_pk_bits() usage is merged. The second one (this one)
which lengthens the key is not.

 src/rpc/virnettlscontext.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c
index 55da485f96..f0b1e8f9c1 100644
--- a/src/rpc/virnettlscontext.c
+++ b/src/rpc/virnettlscontext.c
@@ -718,7 +718,7 @@ static virNetTLSContext *virNetTLSContextNew(const char *cacert,
     if (isServer) {
         unsigned int bits = 0;
 
-        bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_MEDIUM);
+        bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_HIGH);
         if (bits == 0) {
             virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
                            _("Unable to get key length for diffie-hellman parameters"));
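Review bot: the one-line bump leaves the size that actually lands in `bits` implicit; neither the hunk nor the commit message says what GNUTLS_SEC_PARAM_HIGH resolves to for GNUTLS_PK_DH, only that the FUTURE policy wants ">= 3072". A short comment above the call, e.g. `/* GNUTLS_SEC_PARAM_HIGH: DH size matching the crypto-policies FUTURE floor (>= 3072) */`, would make the intent checkable and would record that the number now comes from GnuTLS's own table rather than a libvirt constant, so a later GnuTLS release can move it without this line changing. It is also worth stating in the message that these parameters are generated (the message's own word) every time the server TLS context is built in virNetTLSContextNew(), so the larger size is a recurring cost at server start, not a one-off. The retained `bits == 0` check is fine as-is.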
-- 
2.34.1

Re: [PATCH] virnettlscontext: Generate longer DH keys
Posted by Martin Kletzander 2 years, 3 months ago
On Mon, Jan 03, 2022 at 01:01:23PM +0100, Michal Privoznik wrote:
>Currently, we generate 2048-bit DH keys. This may look
>enough, but it's not very future proof. When the system crypto policy
>is tightened, only 3072-bit or longer keys are valid. From
>CRYPTO-POLICIES(7):
>
>  FUTURE
>    A conservative security policy that is believed to withstand
>    any near-term future attacks. ...
>
>      •   DH params size: >= 3072
>      •   RSA keys size: >= 3072
>
>This policy corresponds to GNUTLS_SEC_PARAM_HIGH parameters.
>Therefore, pass that to gnutls_sec_param_to_pk_bits() to get a
>longer key.
>
>Signed-off-by: Michal Privoznik <mprivozn@redhat.com>

Reviewed-by: Martin Kletzander <mkletzan@redhat.com>

>---
>
>Technically, this is a v2 of:
>
>https://listman.redhat.com/archives/libvir-list/2021-December/msg00827.html
>
>and was already reviewed. I'm sending it here because I've split the
>original patch into two. The first one, which switches to
>gnutls_sec_param_to_pk_bits() usage is merged. The second one (this one)
>which lengthens the key is not.
>
> src/rpc/virnettlscontext.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/src/rpc/virnettlscontext.c b/src/rpc/virnettlscontext.c
>index 55da485f96..f0b1e8f9c1 100644
>--- a/src/rpc/virnettlscontext.c
>+++ b/src/rpc/virnettlscontext.c
>@@ -718,7 +718,7 @@ static virNetTLSContext *virNetTLSContextNew(const char *cacert,
>     if (isServer) {
>         unsigned int bits = 0;
>
>-        bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_MEDIUM);
>+        bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_HIGH);
>         if (bits == 0) {
>             virReportError(VIR_ERR_SYSTEM_ERROR, "%s",
>                            _("Unable to get key length for diffie-hellman parameters"));
>-- 
>2.34.1
>