Using penetration testing of our services protected by the Broadcom Layer 7 API Gateway, a potential vulnerability is exposed.
The API Gateway seems to still support the use of RSA-SHA1 in the TLS 1.2 handshake messages, which has been deprecated by RFC 9155 (RFC 9155 - Deprecating MD5 and SHA-1 Signature Hashes in TLS 1.2 and DTLS 1.2, ietf.org).
We would like to disable the offered RSA-SHA1 signature algorithm on the API Gateway side, effectively complying with RFC 9155.
Can this be done and how?
Gateway 11.x
The Java runtime still offers the deprecated algorithm during the TLS 1.2 handshake for backward compatibility, but the API Gateway does not accept the connection when a client tries to use it.
See the openssl response below.
openssl s_client -connect xxx.xxx.xxx.xxx:8443 -sigalgs "RSA+SHA1" -tls1_2
CONNECTED(00000003)
406C76CC787F0000:error:0A0000B5:SSL routines:ssl_cipher_list_to_bytes:no ciphers available:../ssl/statem/statem_clnt.c:3746:No ciphers enabled for max supported SSL/TLS version
To prevent the Java runtime from offering the deprecated algorithm, you can do either of the following:
Modify "/opt/SecureSpan/Gateway/runtime/etc/profile.d/ssgruntimedefs.sh" and add the following lines:
default_java_opts="$default_java_opts -Djdk.tls.server.SignatureSchemes=rsa_pkcs1_sha256,rsa_pkcs1_sha384,rsa_pss_rsae_sha256,rsa_pss_rsae_sha384"
default_java_opts="$default_java_opts -Djavax.net.ssl.SSLParameters.setSignatureSchemes=rsa_pkcs1_sha256,rsa_pkcs1_sha384,rsa_pss_rsae_sha256,rsa_pss_rsae_sha384"
Or override java.security by adding the following line to /opt/SecureSpan/Gateway/runtime/etc/ssg.security. Note that the unqualified SHA1 entry applies to every TLS use of SHA-1 in the JDK, including SHA-1-signed certificates in peer chains, not only to the handshake signature algorithm:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, \
DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, SHA1, NULL
Restart the Gateway for either change to take effect.
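To confirm from the outside that the listener no longer completes a TLS 1.2 handshake with RSA+SHA1 after the restart, the following script (an added example, not part of the original article or of the Gateway product) probes the listener once per signature algorithm with openssl s_client, the same check the article uses, and classifies each result. The host and port are assumptions; pass your own.

```shell
#!/bin/sh
# Added verification script, not from the original article: probes one Gateway
# listener per TLS 1.2 signature algorithm and reports which ones the server
# actually signs with. Host and port are assumptions supplied on the command line.

# Algorithms to probe; RSA+SHA1 is the one RFC 9155 deprecates.
SIGALGS="RSA+SHA1 RSA+SHA256 RSA+SHA384 RSA-PSS+SHA256 RSA-PSS+SHA384"

# classify_handshake reads `openssl s_client` output on stdin and prints:
#   accepted:<DIGEST>  server signed the handshake with that digest
#   accepted:nosig     handshake completed without a server signature
#                      (static RSA key exchange, no "Peer signing digest" line)
#   rejected           no session was negotiated (alert, or no usable ciphers)
classify_handshake() {
    out=$(cat)
    digest=$(printf '%s\n' "$out" | sed -n 's/^Peer signing digest: *//p' | head -n 1)
    cipher=$(printf '%s\n' "$out" | sed -n 's/^New, .*Cipher is //p' | head -n 1)
    if [ -n "$digest" ]; then
        printf 'accepted:%s\n' "$digest"
    elif [ -n "$cipher" ] && [ "$cipher" != "(NONE)" ]; then
        printf 'accepted:nosig\n'
    else
        printf 'rejected\n'
    fi
}

# probe_sigalg runs one TLS 1.2 handshake that offers only the given algorithm.
# OpenSSL 3 at its default security level refuses to even build a ClientHello
# with RSA+SHA1 (the "no ciphers available" error quoted in the article is raised
# in the client's statem_clnt.c), so the client level is lowered to make sure the
# probe reaches the server. </dev/null ends the session after the handshake.
probe_sigalg() {
    host="$1"; port="$2"; sigalg="$3"
    openssl s_client -connect "$host:$port" -tls1_2 -sigalgs "$sigalg" \
        -cipher 'DEFAULT:@SECLEVEL=0' </dev/null 2>&1 | classify_handshake
}

# audit_sigalgs prints one line per algorithm; returns 1 if RSA+SHA1 was accepted.
audit_sigalgs() {
    host="$1"; port="${2:-8443}"; rc=0
    for alg in $SIGALGS; do
        result=$(probe_sigalg "$host" "$port" "$alg")
        printf '%-16s %s\n' "$alg" "$result"
        case "$alg:$result" in RSA+SHA1:accepted:*) rc=1 ;; esac
    done
    return $rc
}

# Usage: sh audit_sigalgs.sh <gateway-host> [port]; nothing runs without a host.
if [ $# -ge 1 ]; then audit_sigalgs "$@"; fi
```

A non-zero exit means the listener still signed a handshake with RSA+SHA1 and the Java property or java.security change has not taken effect.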