[Bug 2072974] Re: python3-paramiko is unusable on Jammy in FIPS mode

Eric Berry 2072974 at bugs.launchpad.net
Thu Sep 19 04:57:29 UTC 2024


** Description changed:

  [ Impact ]
  * When one enables FIPS mode on a Jammy system and then attempts to use paramiko in Python, the module crashes.
  
  * The cryptography package throws an InternalError when it finds that X25519 is
  unsupported. This error is not caught, so importing the paramiko package
  crashes. The fix is to catch the InternalError exception and have the
  availability check return False, reporting that X25519 is not supported.
  
  [ Test Plan ]
  
  * Enable FIPS on a Jammy system.
    - sudo pro attach <token>
    - sudo pro enable fips-preview # Non-preview not supported yet?
    - sudo reboot
  (To test FIPS on a Noble system)
    - sudo add-apt-repository ppa:fips-cc-stig/fips-under-certification
-   - sudo apt install -y ubuntu-fips openssh-server=1:9.6p1-3ubuntu13+Fips1~rc0
-         openssh-client=1:9.6p1-3ubuntu13+Fips1~rc0
-         openssh-sftp-server=1:9.6p1-3ubuntu13+Fips1~rc0
+   - sudo apt install -y ubuntu-fips openssh-server=1:9.6p1-3ubuntu13+Fips1~rc0 \
+         openssh-client=1:9.6p1-3ubuntu13+Fips1~rc0 \
+         openssh-sftp-server=1:9.6p1-3ubuntu13+Fips1~rc0 \
          --allow-downgrades --yes
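Review bot: the trailing backslashes now make the four-line apt invocation a single command, which is what was missing; the command still passes both `-y` and `--yes`, which are the same option, so one of the two can be dropped.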
  * Run the Python3 interpreter.
  * Import paramiko and observe the crash.
  * Close the Python3 interpreter.
  * Upgrade to the new version of Paramiko.
  * Run the Python3 interpreter.
  * Import paramiko and observe no crash.
  * FIPS is not available on Oracular; however, the bug should be fixed in Oracular and all future versions.
  
  [ Where problems could occur ]
  
  * If any code relies on that InternalError occurring when checking if X25519 is available, this code will now not work properly because the function will return
  false instead of throwing the InternalError.
  
  [ Other Info ]
  
  Hello! When one enables FIPS mode on a Jammy system and then attempts to
  use paramiko in Python, the module crashes with the following output:
  
  ---
      root at jipster:~# cat /proc/sys/crypto/fips_enabled
      1
      root at jipster:~# python3
      Python 3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0] on linux
      Type "help", "copyright", "credits" or "license" for more information.
      >>> import paramiko
      Traceback (most recent call last):
        File "<stdin>", line 1, in <module>
        File "/usr/lib/python3/dist-packages/paramiko/__init__.py", line 22, in <module>
          from paramiko.transport import SecurityOptions, Transport
        File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 133, in <module>
          class Transport(threading.Thread, ClosingContextManager):
        File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 208, in Transport
          if KexCurve25519.is_available():
        File "/usr/lib/python3/dist-packages/paramiko/kex_curve25519.py", line 30, in is_available
          X25519PrivateKey.generate()
        File "/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/asymmetric/x25519.py", line 46, in generate
          return backend.x25519_generate_key()
        File "/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/backend.py", line 2317, in x25519_generate_key
          evp_pkey = self._evp_pkey_keygen_gc(self._lib.NID_X25519)
        File "/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/backend.py", line 2305, in _evp_pkey_keygen_gc
          self.openssl_assert(evp_pkey_ctx != self._ffi.NULL)
        File "/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/backend.py", line 242, in openssl_assert
          return binding._openssl_assert(self._lib, ok, errors=errors)
        File "/usr/lib/python3/dist-packages/cryptography/hazmat/bindings/openssl/binding.py", line 77, in _openssl_assert
          raise InternalError(
      cryptography.exceptions.InternalError: Unknown OpenSSL error. This error is commonly encountered when another library is not cleaning up the OpenSSL error stack. If you are using cryptography with another library that uses OpenSSL try disabling it before reporting a bug. Otherwise please file an issue at https://github.com/pyca/cryptography/issues with information on how to reproduce this. ([_OpenSSLErrorWithText(code=50856204, lib=6, reason=524556, reason_text=b'error:0308010C:digital envelope routines::unsupported')])
  ---
  
  In the above trace, it appears to be attempting to generate an X25519
  key, which is not an approved algorithm under FIPS 140-3 and thus fails.
  
  1. root at jipster:~# lsb_release -rd
  Description:	Ubuntu 22.04.4 LTS
  Release:	22.04
  
  2. root at jipster:~# apt-cache policy python3-paramiko
  python3-paramiko:
    Installed: 2.9.3-0ubuntu1.2
    Candidate: 2.9.3-0ubuntu1.2
  
  3. Expect that one can import the paramiko module successfully for use
  4. Module crashes when (presumably) it attempts to use a disallowed algorithm
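The availability check described in [ Impact ] and the regression risk noted in [ Where problems could occur ], as an added example that is not paramiko's or cryptography's own code. It models the pre-fix probe (assumed here to catch only UnsupportedAlgorithm) beside the fixed probe that also catches InternalError, uses a constructed generator that raises the same exception type the traceback shows, and reads the kernel FIPS flag the report checks with /proc/sys/crypto/fips_enabled. If the cryptography package is not installed the real-backend probe simply reports X25519 as unavailable.

```python
"""Availability probe for X25519 under FIPS, in the shape of the paramiko fix
described in this bug: catch cryptography's InternalError and report the KEX
as unavailable instead of crashing the import.

Added example; not paramiko's or cryptography's own code. The "before" shape
(catching only UnsupportedAlgorithm) is an assumption about the pre-fix code.
"""
from __future__ import annotations

from typing import Callable, Iterable

try:
    from cryptography.exceptions import InternalError, UnsupportedAlgorithm
    from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey
    HAVE_CRYPTOGRAPHY = True
except ImportError:
    # cryptography not installed: keep the exception names so the probe logic
    # below still runs; the real-backend probe then reports "unavailable".
    HAVE_CRYPTOGRAPHY = False

    class InternalError(Exception):  # type: ignore[no-redef]
        pass

    class UnsupportedAlgorithm(Exception):  # type: ignore[no-redef]
        pass

    X25519PrivateKey = None  # type: ignore[assignment]


def fips_mode_enabled(path: str = "/proc/sys/crypto/fips_enabled") -> bool:
    """True when the kernel reports FIPS mode (the file reads '1'); False when
    the file is absent, as on non-FIPS kernels."""
    try:
        with open(path, encoding="ascii") as fh:
            return fh.read().strip() == "1"
    except OSError:
        return False


def probe_x25519(generate: Callable[[], object],
                 swallow: Iterable[type[BaseException]]) -> bool:
    """Try one key generation; report False if it raises any of `swallow`.
    Anything else propagates, which is exactly what crashed the import."""
    try:
        generate()
    except tuple(swallow):
        return False
    return True


def _fips_refusing_generate() -> None:
    """Constructed stand-in for X25519PrivateKey.generate() on a FIPS system:
    raises the exception type seen in the traceback (message is constructed)."""
    raise InternalError(
        "Unknown OpenSSL error (constructed: digital envelope routines::unsupported)", [])


def is_available_before_fix(generate: Callable[[], object] = _fips_refusing_generate) -> bool:
    """Assumed pre-fix shape: only UnsupportedAlgorithm is caught, so an
    InternalError escapes and takes the module import down with it."""
    return probe_x25519(generate, (UnsupportedAlgorithm,))


def is_available_after_fix(generate: Callable[[], object] = _fips_refusing_generate) -> bool:
    """Fixed shape: InternalError is treated as 'X25519 not supported'."""
    return probe_x25519(generate, (UnsupportedAlgorithm, InternalError))


def import_would_crash(generate: Callable[[], object] = _fips_refusing_generate) -> bool:
    """What a module-level `if KexCurve25519.is_available():` does before the
    fix: the InternalError is not caught, so the import fails."""
    try:
        is_available_before_fix(generate)
    except InternalError:
        return True
    return False


def x25519_available_on_this_host() -> bool:
    """Run the fixed probe against the real backend; False when cryptography is
    missing or the backend refuses the curve (e.g. FIPS mode)."""
    if not HAVE_CRYPTOGRAPHY:
        return False
    return is_available_after_fix(X25519PrivateKey.generate)


if __name__ == "__main__":
    print("kernel FIPS flag set:", fips_mode_enabled())
    print("old probe crashes on InternalError:", import_would_crash())
    print("new probe reports X25519 unavailable:", not is_available_after_fix())
    print("X25519 usable on this host:", x25519_available_on_this_host())
```

The regression called out under [ Where problems could occur ] is visible in the pair of probes: anything that expected `InternalError` to surface from the availability check (as `import_would_crash` does) now sees a plain `False` instead.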

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2072974

Title:
  python3-paramiko is unusable on Jammy in FIPS mode

Status in paramiko package in Ubuntu:
  Confirmed

