3 Using the Cryptographic Framework
This chapter describes how to use the Cryptographic Framework, and covers the following topics:
Protecting Files With the Cryptographic Framework
This section describes how to generate symmetric keys, how to create checksums for file integrity, and how to protect files from eavesdropping. System users can run the commands described in this section, and developers can write scripts that use them.
To configure your system in FIPS 140-2 mode, you must use FIPS 140-2 validated algorithms, modes, and key lengths. See FIPS 140-2 Algorithms in the Cryptographic Framework in Using a FIPS 140-2 Enabled System in Oracle Solaris 11.4.
The Cryptographic Framework can help you protect your files. The following task map points to procedures for listing the available algorithms, and for protecting your files cryptographically.
Table 3-1 Protecting Files With the Cryptographic Framework Task Map
Task | Description | For Instructions |
---|---|---|
Generate a symmetric key. |
Generates a key of user-specified length. Optionally, stores the key in a file or in a PKCS #11 keystore. For FIPS 140-2 approved mode, select a key type, mode, and key length that has been validated for FIPS 140-2. See FIPS 140-2 Algorithms in the Cryptographic Framework in Using a FIPS 140-2 Enabled System in Oracle Solaris 11.4. |
|
Provide a checksum that ensures the integrity of a file. |
Verifies that the receiver's copy of a file is identical to the file that was sent. |
|
Protect a file with a message authentication code (MAC). |
Verifies to the receiver of your message that you were the sender. |
|
Encrypt a file, and then decrypt the encrypted file. |
Protects the content of files by encrypting the file. Provides the encryption parameters to decrypt the file. |
How to Generate a Symmetric Key by Using the pktool Command
Some applications require a symmetric key for encryption and decryption of communications. In this procedure, you create a symmetric key and store it.
If your site has a random number generator, you can use the generator to create a random number for the key. This procedure does not use your site's random number generator.
Example 3-1 Creating a Symmetric Key by Using the pktool
Command
In the following example, a user creates a PKCS #11 keystore for the first time and then generates a large symmetric key for an application. Finally, the user verifies that the key is in the keystore.
Note that the initial password for a PKCS #11 keystore
is changeme
.
$ pktool setpin Create new passphrase:xxxxxxxx Re-enter new passphrase:xxxxxxxx Passphrase changed. $ pktool genkey label=specialappkey keytype=generic keylen=1024 Enter PIN for Sun Software PKCS#11 softtoken :xxxxxxxx $ pktool list objtype=key Enter PIN for Sun Software PKCS#11 softtoken :Type password No. Key Type Key Len. Key Label ---------------------------------------------------- Symmetric keys: 1 Symmetric 1024 specialappkey
Example 3-2 Creating a FIPS 140-2 Approved AES Key by Using the pktool
Command
In the following example, a secret key for the AES algorithm is created
using a FIPS 140-2 approved algorithm and key length. The key is stored in a
local file for later decryption. The command protects the file with
400
permissions. When the key is created, the
print=y
option displays the generated key in the
terminal window.
The user who owns the keyfile retrieves the key by using the
od
command.
$ pktool genkey keystore=file outkey=256bit.file1 keytype=aes keylen=256 print=y Key Value ="aaa2df1d10f02eaee2595d48964847757a6a49cf86c4339cd5205c24ac8c8873" $ od -x 256bit.file1 0000000 aaa2 df1d 10f0 2eae e259 5d48 9648 4775 0000020 7a6a 49cf 86c4 339c d520 5c24 ac8c 8873 0000040
Example 3-3 Creating a Symmetric Key for IPsec Security Associations
In the following example, the administrator manually
creates the keying material for IPsec SAs and stores them in files.
Then, the administrator copies the keys to the
/etc/inet/secret/ipseckeys
file, destroys the
original files, and sends the ipseckeys
file to
the communicating system by a secure mechanism.
First, the administrator creates and displays the keys that the IPsec policy requires:
$ pktool genkey keystore=file outkey=ipencrin1 keytype=aes keylen=256 print=y Key Value ="294979e512cb8e79370dabeca...................dc3fcbb849e78d2d6bd2049" $ pktool genkey keystore=file outkey=ipencrout1 keytype=aes keylen=256 print=y Key Value ="9678f80e33406c86e3d1686e5...................0406bd0434819c20d09d204" $ pktool genkey keystore=file outkey=ipspi1 keytype=aes keylen=32 print=y Key Value ="acb...0" $ pktool genkey keystore=file outkey=ipspi2 keytype=aes keylen=32 print=y Key Value ="191...5" $ pktool genkey keystore=file outkey=ipsha21 keytype=aes keylen=256 print=y Key Value ="659c20f2d6c3f9570bcee93e9...................3369f72c5c786af4177fe9e" $ pktool genkey keystore=file outkey=ipsha22 keytype=aes keylen=256 print=y Key Value ="b041975a0e1fce0503665c396....................cf87b0a837b2da5d82c810"
Then, the administrator creates the following
/etc/inet/secret/ipseckeys
file:
## SPI values require a leading 0x. ## Backslashes indicate command continuation. ## ## for outbound packets on this system add esp spi 0xacb...20 \ src 192.0.2.1 dst 192.0.2.2 \ encr_alg aes auth_alg sha256 \ encrkey 294979e512cb8e79370dabeca...................dc3fcbb849e78d2d6bd2049 \ authkey 659c20f2d6c3f9570bcee93e9...................3369f72c5c786af4177fe9e ## ## for inbound packets add esp spi 0x191...5 \ src 192.0.2.2 dst 192.0.2.1 \ encr_alg aes auth_alg sha256 \ encrkey 9678f80e33406c86e3d1686e5...................0406bd0434819c20d09d204 \ authkey b041975a0e1fce0503665c396....................cf87b0a837b2da5d82c810
After verifying that the syntax of the ipseckeys
file
is valid, the administrator destroys the original key files.
$ ipseckey -c /etc/inet/secret/ipseckeys $ rm ipencrin1 ipencrout1 ipspi1 ipspi2 ipsha21 ipsha22
The administrator copies the ipseckeys
file to the
communicating system by using the ssh
command or another
secure mechanism. On the communicating system, the protections are
reversed. The first entry in the ipseckeys
file
protects inbound packets, and the second entry protects outbound packets.
No keys are generated on the communicating system.
To proceed with using the key to create a message authentication code (MAC) for a file, see How to Compute a MAC of a File.
How to Compute a Digest of a File
When you compute a digest of a file, you can check to see that the file has not been tampered with by comparing digest outputs. A digest does not alter the original file.
Example 3-4 Computing a Digest With a SHA2 Mechanism
In the following example, the
digest
command uses a SHA2 mechanism to provide a
directory listing. The results are placed in a file.
$ digest -v -a sha512 docs/* > $HOME/digest.docs.legal.05.07 $ more ~/digest.docs.legal.05.07 sha512 (docs/legal1) = a269d...c618e1bf19b3d5c9f835242708eb2b572d7b sha512 (docs/legal2) = 57be3...59a7168564296c142715cc9ed979dd838a7b sha512 (docs/legal3) = ed31d...0fb3b80d4cd58327bcc29b2e7b90a0af6770 sha512 (docs/legal4) = 67ce1...0ba0c55695614329110d0686bc2773630b5f
How to Compute a MAC of a File
A message authentication code, or MAC, computes a digest for the file and uses a secret key to further protect the digest. A MAC does not alter the original file.
Example 3-5 Computing a MAC With SHA256_HMAC and a Passphrase
In the following example, the email attachment is authenticated with the SHA256_HMAC mechanism and a key that is derived from a passphrase. The MAC listing is saved to a file. If the passphrase is stored in a file, the file should not be readable by anyone but the user.
$ mac -v -a sha256_hmac email.attach Enter passphrase: Type passphrase sha256_hmac (email.attach) = 9c1ee...d6eb74e5d693b7605c96a23df238e52 $ echo "sha256_hmac (email.attach) = 9c1ee...d6eb74e5d693b7605c96a23df238e52" \ >> ~/sha256hmac.daily.05.13
Example 3-6 Computing a MAC With SHA256_HMAC and a Key File
In the following example, the directory manifest is authenticated with the SHA256_HMAC mechanism and a secret key. The results are placed in a file.
$ mac -v -a sha256_hmac \ -k $HOME/keyf/05.07.mack64 docs/* > $HOME/mac.docs.legal.05.07 $ more ~/mac.docs.legal.05.07 sha256_hmac (docs/legal1) = e1eb...814a595fb6f0aa8c77f6ef35a7f24ae07d1b9a55 sha256_hmac (docs/legal2) = 0460...88a34b895687ecfd97d1647b90fe3618f5114ff9 sha256_hmac (docs/legal3) = 9c1e...eee8a9913d6eb74e5d693b7605c96a23df238e52 sha256_hmac (docs/legal4) = 389f...cb340d33cca5e4aaa18534c06426d32594bdedf6
Example 3-7 Computing a MAC With SHA256_HMAC and a Key Label
In the following example, the directory manifest is
authenticated with the SHA256_HMAC mechanism and a secret key. The
results are placed in the user's PKCS #11 keystore. The user initially
created the keystore and the password to the keystore by using the
pktool setpin
command.
$ mac -a sha256_hmac -K legaldocs0507 docs/*
Enter pin for Sun Software PKCS#11 softtoken:Type password
To retrieve the MAC from the keystore, the user uses the verbose option, and provides the key label and the name of the directory that was authenticated.
$ mac -v -a sha256_hmac -K legaldocs0507 docs/*
Enter pin for Sun Software PKCS#11 softtoken:Type password
sha256_hmac (docs/legal1) = e1eb...814a595fb6f0aa8c77f6ef35a7f24ae07d1b9a55
sha256_hmac (docs/legal2) = 0460...88a34b895687ecfd97d1647b90fe3618f5114ff9
sha256_hmac (docs/legal3) = 9c1e...eee8a9913d6eb74e5d693b7605c96a23df238e52
sha256_hmac (docs/legal4) = 389f...cb340d33cca5e4aaa18534c06426d32594bdedf6
How to Encrypt and Decrypt a File
When you encrypt a file, the original file is not removed or changed. The output file is encrypted.
For solutions to common errors related to the encrypt
command, see the section that follows the examples.
Note:
When encrypting and decrypting files, try to use FIPS 140-2 approved algorithms with approved key lengths whenever possible. See FIPS 140-2 Algorithms in the Cryptographic Framework in Using a FIPS 140-2 Enabled System in Oracle Solaris 11.4. Run theencrypt -l
command to view available algorithms and their key lengths.
Example 3-8 Creating an AES Key for Encrypting Your Files
In the following example, a user creates and stores an AES key in an existing PKCS #11 keystore for use in encryption and decryption. The user can verify that the key exists and can use the key, but cannot view the key itself.
$ pktool genkey label=MyAESkeynumber1 keytype=aes keylen=256 Enter PIN for Sun Software PKCS#11 softtoken :xxxxxxxx $ pktool list objtype=key Enter PIN for Sun Software PKCS#11 softtoken :xxxxxxxx No. Key Type Key Len. Key Label ---------------------------------------------------- Symmetric keys: 1 AES 256 MyAESkeynumber1
To use the key to encrypt a file, the user retrieves the key by its label.
$ encrypt -a aes -K MyAESkeynumber1 -i encryptthisfile -o encryptedthisfile
To decrypt the encryptedthisfile
file, the user
retrieves the key by its label.
$ decrypt -a aes -K MyAESkeynumber1 -i encryptedthisfile -o sameasencryptthisfile
Example 3-9 Encrypting and Decrypting With AES and a Passphrase
In this example, a file is encrypted with the AES algorithm. The key is generated from the passphrase. If the passphrase is stored in a file, the file should not be readable by anyone but the user.
$ encrypt -a aes -i ticket.to.ride -o ~/enc/e.ticket.to.ride Enter passphrase: xxxxxxxx Re-enter passphrase: xxxxxxxx
The input file, ticket.to.ride
, still exists in its original form.
To decrypt the output file, the user uses the same passphrase and encryption mechanism that encrypted the file.
$ decrypt -a aes -i ~/enc/e.ticket.to.ride -o ~/d.ticket.to.ride Enter passphrase: xxxxxxxx
Example 3-10 Encrypting and Decrypting With AES and a Key File
In this example, a file is encrypted with the AES algorithm. AES mechanisms use a key of 128 bits, or 16 bytes.
$ encrypt -a aes -k ~/keyf/05.07.aes128 \ -i ticket.to.ride -o ~/enc/e.ticket.to.ride
The input file, ticket.to.ride
, still exists in its
original form.
To decrypt the output file, the user uses the same key and encryption mechanism that encrypted the file.
$ decrypt -a aes -k ~/keyf/05.07.aes128 \ -i ~/enc/e.ticket.to.ride -o ~/d.ticket.to.ride
The following messages indicate that the key that you
provided to the encrypt
command is not permitted
by the algorithm that you are using.
-
encrypt: unable to create key for crypto operation: CKR_ATTRIBUTE_VALUE_INVALID
-
encrypt: failed to initialize crypto operation: CKR_KEY_SIZE_RANGE
If you pass a key that does not meet the requirements of the algorithm, you must supply a better key by using one of the following methods:
-
Use a passphrase. The framework then provides a key that meets the requirements.
-
Pass a key size that the algorithm accepts. For example, the DES algorithm requires a key of 64 bits. The 3DES algorithm requires a key of 192 bits.
Administering the Cryptographic Framework
This section describes how to administer the software providers and the hardware providers in the Cryptographic Framework. You can, for example, disable the implementation of an algorithm from one software provider. You can then force the system to use the algorithm from a different software provider.
Caution:
Do not disable the default providers that are included with the Oracle Solaris operating system. In particular, thepkcs11_softtoken
provider is a required part of Oracle Solaris and must not be disabled by using the cryptoadm
command. Some of the cryptographic algorithms may be hardware accelerated. Administrators can run the following command to view a list of cryptographic algorithms for their system and check the HW
column in the output: $ cryptoadm list -vm provider='/usr/lib/security/$ISA/pkcs11_softtoken.so'`
For more information, see the pkcs11_softtoken(7) man page.
Note:
An important component of administering the Cryptographic Framework is to plan and implement your policy regarding FIPS 140-2, the U.S. Government computer security standard for cryptography modules. If you have a strict requirement to use only FIPS 140-2 validated cryptography, you must be running the Oracle Solaris 11.3 SRU 5.6 release. Oracle completed a FIPS 140-2 validation against the Cryptographic Framework in this specific release. Oracle Solaris 11.4 builds on this validated foundation and includes software improvements that address performance, functionality, and reliability. Whenever possible, you should configure Oracle Solaris 11.4 in FIPS 140-2 mode to take advantage of these improvements.Review Using a FIPS 140-2 Enabled System in Oracle Solaris 11.4 and plan an overall FIPS 140-2 policy for your systems.
The following task map points to procedures for administering software and hardware providers in the Cryptographic Framework.
Table 3-2 Administering the Cryptographic Framework Task Map
Task | Description | For Instructions |
---|---|---|
Plan the FIPS 140-2 policy for your systems. |
Decide on your plan for enabling FIPS 140-2 approved providers and consumers and implement your plan. |
|
List the providers in the Cryptographic Framework. |
Lists the algorithms, libraries, and hardware devices that are available for use in the Cryptographic Framework. |
|
Enable FIPS 140-2 mode. |
Runs the Cryptographic Framework to a U.S. government standard for cryptography modules. |
|
Add a software provider. |
Adds a PKCS #11 library or a kernel module to the Cryptographic Framework. The provider must be signed. |
|
Prevent the use of a user-level mechanism. |
Removes a software mechanism from use. The mechanism can be enabled again. |
|
Temporarily disable mechanisms from a kernel module. |
Temporarily removes a mechanism from use. Usually used for testing. |
|
Uninstall a library. |
Removes a user-level software provider from use. |
|
Uninstall a kernel provider. |
Removes a kernel software provider from use. |
|
Disable mechanisms from a hardware provider. |
Ensures that selected mechanisms on a hardware accelerator are not used. |
|
Restart or refresh cryptographic services. |
Ensures that cryptographic services are available. |
Listing Available Providers
Hardware providers are automatically located and loaded. For more information, see the driver.conf(5) man page.
When you have hardware that expects to plug in to the Cryptographic Framework, the hardware registers with the SPI in the kernel. The framework checks that the hardware driver is signed. Specifically, the framework checks that the object file of the driver is signed with a certificate that Oracle issues.
For information about getting your provider signed, see the information about the elfsign
command in User-Level Commands in the Cryptographic Framework.
To list available providers, you use the cryptoadm list
commands with different options depending on the specific information you want to obtain.
-
Listing all the providers on the system.
The contents and format of the providers list varies for different Oracle Solaris releases and different hardware platforms. Run the
cryptoadm list
command on your system to see the providers that your system supports. Only those mechanisms at the user level are available for direct use by regular users.$ cryptoadm list User-level providers:/* for applications */ Provider: /usr/lib/security/$ISA/pkcs11_softtoken.so Kernel providers:/* for IPsec, Kerberos */ des aes arcfour blowfish camellia ecc sha1 sha2 sha3 md5 rsa swrand n2rng/0 /* for hardware */
-
Listing the providers and their mechanisms in the Cryptographic Framework.
You can view the strength and modes, such as
ECB
andCBC
, of the available mechanisms. However, some of the listed mechanisms might be unavailable for use. See the next item for instructions about how to list which mechanisms can be used.The following output is truncated for display purposes.
$ cryptoadm list -m [provider=provider] User-level providers: ===================== Provider: /usr/lib/security/$ISA/pkcs11_softtoken.so Mechanisms: CKM_CAMELLIA_CBC CKM_CAMELLIA_CBC_PAD CKM_CAMELLIA_CTR CKM_CAMELLIA_ECB CKM_CAMELLIA_KEY_GEN CKM_DES_CBC ... CKM_ECDSA_SHA1 CKM_ECDH1_DERIVE Kernel providers: ========================== des: CKM_DES_ECB,CKM_DES_CBC,CKM_DES3_ECB,CKM_DES3_CBC aes: CKM_AES_ECB,CKM_AES_CBC,CKM_AES_CTR,...CKM_AES_CFB8 arcfour: CKM_RC4 blowfish: CKM_BLOWFISH_ECB,CKM_BLOWFISH_CBC camellia: CKM_CAMELLIA_CBC,CKM_CAMELLIA_CTR,CKM_CAMELLIA_CTS,CKM_CAMELLIA_ECB ecc: CKM_EC_KEY_PAIR_GEN,CKM_ECDH1_DERIVE,CKM_ECDSA, \ CKM_ECDSA_SHA1 sha1: CKM_SHA_1,CKM_SHA_1_HMAC,CKM_SHA_1_HMAC_GENERAL sha2: CKM_SHA224,CKM_SHA224_HMAC,...CKM_SHA512_256_HMAC_GENERAL sha3: CKM_SHA3_224,CKM_SHA3_224_HMAC,CKM_SHA3_256,...CKM_SHA3_512_HMAC md5: CKM_MD5,CKM_MD5_HMAC,CKM_MD5_HMAC_GENERAL rsa: CKM_RSA_PKCS,CKM_RSA_X_509,...CKM_SHA512_RSA_PKCS swrand: No mechanisms presented. n2rng/0: No mechanisms presented.
-
Listing the available cryptographic mechanisms.
Policy determines which mechanisms are available for use. The administrator sets the policy. An administrator can choose to disable mechanisms from a particular provider. The ‐p option displays the list of mechanisms that are permitted by the policy that the administrator has set.
$ cryptoadm list -p [provider=provider] User-level providers: ===================== /usr/lib/security/$ISA/pkcs11_softtoken.so: \ all mechanisms are enabled, random is enabled.
Kernel providers: ========================== des: all mechanisms are enabled. aes: all mechanisms are enabled. arcfour: all mechanisms are enabled. blowfish: all mechanisms are enabled. camellia: all mechanisms are enabled. ecc: all mechanisms are enabled. sha1: all mechanisms are enabled. sha2: all mechanisms are enabled. sha3: all mechanisms are enabled. md5: all mechanisms are enabled. rsa: all mechanisms are enabled. swrand: random is enabled. n2rng/0: all mechanisms are enabled. random is enabled.
The following examples show additional specific uses of the cryptoadm list
command.
Example 3-11 Listing Cryptographic Information of a Specific Provider
Specifying the provider in the cryptoadm options
command limits the output only to information that is applicable to the provider.
$ cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so
/usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled, except CKM_DES_CMC, CKM_DES_ECB,...random is disabled.
The following output shows that only the mechanisms have been enabled. The random generator continues to be disabled.
$ cryptoadm enable provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so mechanism=all $ cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled. random is disabled.
The following output shows that every feature and mechanism on the board has been enabled.
$ cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms ar enabled, except CKM_DES_ECB,CKM_DES3_ECB. random is disabled. $ cryptoadm enable provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so all $ cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled. random is enabled.
Example 3-12 Finding User-Level Cryptographic Mechanisms Only
In the following example, all mechanisms that the user-level library, pkcs11_softtoken
, offers are listed.
$ cryptoadm list -m provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so
Mechanisms:
CKM_CAMELLIA_CBC
CKM_CAMELLIA_CBC_PAD
CKM_CAMELLIA_CTR
CKM_CAMELLIA_ECB
CKM_CAMELLIA_KEY_GEN
CKM_DES_CBC
…
CKM_ECDSA
CKM_ECDSA_SHA1
CKM_ECDH1_DERIVE
Example 3-13 Determining Which Cryptographic Mechanisms Perform Which Functions
Mechanisms perform specific cryptographic functions, such as signing or key generation. The ‐v ‐m options display every mechanism and its functions.
In this example, the administrator wants to determine the functions for which the CKM_ECDSA*
mechanisms can be used.
$ cryptoadm list -vm
...
Provider: /usr/lib/security/$ISA/pkcs11_softtoken.so
Description: Sun Crypto Softtoken
Manufacturer: Oracle Corporation
PKCS#11 Version: 2.40
...
Mechanisms:
E D S V P E E
n e D i V e K a U D x C
c c i g e r e i n e t
r r g S + r + y r W w r e C
y y e i R i R G G r r i n a
H p p s g e f e e e a a v s p
Mechanism Name Minimum Maximum W t t t n c y c n n p p e n s
---------------------- ------- ---------- - - - - - - - - - - - - - - -
...
CKM_ECDSA_SHA1 112 571 . . . . X . X . . . . . . . .
CKM_ECDH1_DERIVE 112 571 . . . . . . . . . . . . X . .
...
Kernel providers:
=================
...
ecc: CKM_EC_KEY_PAIR_GEN,CKM_ECDH1_DERIVE,CKM_ECDSA,CKM_ECDSA_SHA1
...
Each item in an entry represents a piece of information about the mechanism. For these ECC mechanisms, the listing indicates the following:
-
Minimum length – 112 bytes
-
Maximum length – 571 bytes
-
Hardware – Is or is not available on hardware.
-
Encrypt – Is not used to encrypt data.
-
Decrypt – Is not used to decrypt data.
-
Digest – Is not used to create message digests.
-
Sign – Is used to sign data.
-
Sign + Recover – Is not used to sign data, where the data can be recovered from the signature.
-
Verify – Is used to verify signed data.
-
Verify + Recover – Is not used to verify data that can be recovered from the signature.
-
Key generation – Is not used to generate a private key.
-
Pair generation – Is not used to generate a key pair.
-
Wrap – Is not used to wrap. that is, encrypt, an existing key.
-
Unwrap – Is not used to unwrap a wrapped key.
-
Derive – Is not used to derive a new key from a base key.
-
EC Caps – Absent EC capabilities that are not covered by previous items
Adding a Software Provider
The following procedure explains how to add providers to the system. You must become an administrator who is assigned the Crypto Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
Enabling FIPS 140-2 Mode in Oracle Solaris
By default, FIPS 140-2 mode is disabled in Oracle Solaris. In this procedure, you create a boot environment (BE) for FIPS 140-2 mode, then activate and boot the new BE.
How to Create a Boot Environment With FIPS 140-2 Enabled
You must assume the root
role. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
Preventing the Use of Mechanisms
If some of the cryptographic mechanisms from a library provider should not be used, you can remove selected mechanisms. You might consider preventing the use of mechanisms if, for example, the same mechanism in another library performs better, or if a security vulnerability is being investigated.
If the Cryptographic Framework provides multiple modes of a provider such as AES, you might remove a slow mechanism from use, or a corrupted mechanism. You might also use this procedure to remove an algorithm with proven security vulnerabilities.
You can selectively disable mechanisms and the random number feature from a hardware provider. To enable them again, see Selectively Enabling Mechanisms and Features on a Provider. The hardware in this example provides a random number generator.
How to Prevent the Use of a User-Level Mechanism
You must become an administrator who is assigned the Crypto Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
Example 3-14 Enabling a User-Level Software Provider Mechanism
In this example, a disabled AES mechanism is again made available for use.
$ cryptoadm list -m provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so Mechanisms: CKM_CAMELLIA_CBC CKM_CAMELLIA_CBC_PAD CKM_CAMELLIA_CTR ... CKM_ECDSA_SHA1 CKM_ECDH1_DERIVE $ cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled, except CKM_AES_ECB,CKM_DES_CBC_PAD,CKM_DES_CBC. random is enabled. $ cryptoadm enable provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so \ > mechanism=CKM_AES_ECB $ cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled, except CKM_DES_CBC_PAD,CKM_DES_CBC. random is enabled.
Example 3-15 Enabling All User-Level Software Provider Mechanisms
In the following example, all mechanisms from the user-level library are enabled.
$ cryptoadm enable provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so all $ cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled. random is enabled.
Example 3-16 Permanently Removing a User-Level Library
In this
example, a libpkcs11.so.1
library from the /opt
directory is removed.
$ cryptoadm uninstall provider=/opt/lib/\$ISA/libpkcs11.so.1 $ cryptoadm list User-level providers: Provider: /usr/lib/security/$ISA/pkcs11_softtoken.so Kernel providers: ...
How to Prevent the Use of a Kernel Software Mechanism
You must become an administrator who is assigned the Crypto Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
Example 3-17 Enabling a Kernel Software Provider Mechanism
In this example, a disabled AES mechanism is again made available for use.
cryptoadm list -m provider=aes aes: CKM_AES_ECB,CKM_AES_CBC,CKM_AES_CTR,CKM_AES_CCM,CKM_AES_GCM,\ CKM_AES_GMAC,CKM_AES_CFB128,CKM_AES_XTS,CKM_AES_XCBC_MAC,\ CKM_AES_XCBC_MAC_96,CKM_AES_CMAC,CKM_AES_CTS,CKM_AES_CFB8 $ cryptoadm list -p provider=aes aes: all mechanisms are enabled, except CKM_AES_ECB. $ cryptoadm enable provider=aes mechanism=CKM_AES_ECB $ cryptoadm list -p provider=aes aes: all mechanisms are enabled.
Example 3-18 Temporarily Removing Kernel Software Provider Availability
In the following example, the AES provider is
temporarily removed from use. The unload
subcommand is useful to
prevent a provider from being loaded automatically while the
provider is being uninstalled. For example, the
unload
subcommand might be used when modifying a
mechanism of this provider.
$ cryptoadm unload provider=aes
$ cryptoadm list ... Kernel software providers: des aes (inactive) arcfour blowfish ecc sha1 sha2 sha3 md5 rsa swrand n2rng/0
The AES provider is unavailable until the Cryptographic Framework is refreshed.
$ svcadm refresh system/cryptosvc
$ cryptoadm list ... Kernel software providers: des aes arcfour blowfish camellia ecc sha1 sha2 sha3 md5 rsa swrand n2rng/0
If a kernel consumer is using the kernel software provider, the software is not unloaded. An error message is displayed and the provider continues to be available for use.
Example 3-19 Permanently Removing Software Provider Availability
In the following example, the AES provider is removed from use. Once removed, the AES provider does not appear in the policy listing of kernel software providers.
$ cryptoadm uninstall provider=aes
$ cryptoadm list
...
Kernel software providers:
des
arcfour
blowfish
camellia
ecc
sha1
sha2
sha3
md5
rsa
swrand
n2rng/0
Example 3-20 Reinstalling a Removed Kernel Software Provider
In the following example, the AES kernel software provider is reinstalled. To reinstall a removed kernel provider, you must enumerate the mechanisms to be installed.
$ cryptoadm install provider=aes \ mechanism=CKM_AES_ECB,CKM_AES_CBC,CKM_AES_CTR,CKM_AES_CCM,CKM_AES_GCM, CKM_AES_GMAC,CKM_AES_CFB128,CKM_AES_XTS,CKM_AES_XCBC_MAC, CKM_AES_XCBC_MAC_96,CKM_AES_CMAC,CKM_AES_CTS,CKM_AES_CFB8
$ cryptoadm list
...;
Kernel software providers:
des
aes
arcfour
blowfish
camellia
ecc
sha1
sha2md5
rsa
swrand
n2rng/0
How to Disable Hardware Provider Mechanisms and Features
You must become an administrator who is assigned the Crypto Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
Example 3-21 Selectively Enabling Mechanisms and Features on a Provider
In these examples, disabled mechanisms on a provider are selectively enabled or disabled.
# cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so
/usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled except CKM_RSA_PKCS,CKM_DES_ECB,CKM_DES3_ECB. random is enabled.
# cryptoadm enable provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so mechanism=CKM_RSA_PKCS # cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled except CKM_DES_ECB,CKM_DES3_ECB. random is enabled.
In this example, only the random generator is enabled.
# cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled, except CKM_MD5,CKM_MD5_HMAC,…. random is disabled. # cryptoadm enable provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so random # cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled, except CKM_MD5,CKM_MD5_HMAC,…. random is enabled.
In this example, only the mechanisms are enabled. The random generator continues to be disabled.
# cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled, except CKM_RSA_PKCS,CKM_RSA_X_509,…. random is disabled. # cryptoadm enable provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so mechanism=all # cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled. random is disabled.
In this example, every feature and mechanism on the board is enabled.
# cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled, except CKM_RSA_PKCS,CKM_RSA_X_509. random is disabled. # cryptoadm enable provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so all # cryptoadm list -p provider=/usr/lib/security/\$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_softtoken.so: all mechanisms are enabled. random is enabled.
Refreshing or Restarting All Cryptographic Services
By default, the Cryptographic Framework is enabled. When the kcfd
daemon fails for any reason, the Service Management Facility (SMF) can be used to restart cryptographic services. For more information, see the smf(7) and svcadm(8) man pages. For the effect on zones of restarting cryptographic services, see Cryptographic Framework and Zones.
How to Refresh or Restart All Cryptographic Services
Before you begin, you must become an administrator who is assigned the Crypto Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
Example 3-22 Refreshing Cryptographic Services
In the following example, cryptographic services are refreshed in the global zone. Therefore, kernel-level cryptographic policy in every non-global zone is also refreshed.
$ svcadm refresh system/cryptosvc