Commit 2a4f7d7
committed
[restapi] Disable TLS session tickets to fix FIPS AES-128-CTR panic
When restapi is built with the FIPS-patched Go toolchain and the
SymCrypt OpenSSL provider is the active FIPS provider, the first
HTTPS request panics during the TLS 1.3 handshake:
http: panic serving X.X.X.X: crypto/cipher: unsupported cipher: AES-128
vendor/github.com/golang-fips/openssl/v2.newCipherCtx
vendor/github.com/golang-fips/openssl/v2.(*aesCipher).NewCTR
crypto/cipher.NewCTR
crypto/tls.(*serverHandshakeStateTLS13).sendSessionTickets
Go's TLS 1.3 server uses AES-128-CTR to encrypt NewSessionTicket
payloads. golang-fips/openssl/v2 routes the cipher allocation to
OpenSSL's EVP_CIPHER_fetch, and the SymCrypt FIPS provider does
not implement AES-128-CTR, so the fetch returns NULL and the
binding panics.
Set SessionTicketsDisabled: true on the HTTPS server's tls.Config.
Session resumption via tickets is not load-bearing for the
management REST API; TLS handshakes still complete normally and
just go through a full handshake every time rather than resuming.1 parent 5224ef4 commit 2a4f7d7
1 file changed
Lines changed: 4 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
50 | 50 | | |
51 | 51 | | |
52 | 52 | | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
53 | 57 | | |
54 | 58 | | |
55 | 59 | | |
| |||
0 commit comments