Security

Check: rpm -qa | grep -i libica
Install for RHEL: yum install libica
Install for SLES: zypper install libica

2. Load the device driver for the CryptoExpress adapters if such an adapter is available: # modprobe z90crypt

3. Install openCryptoki with yum or zypper, respectively. Once openCryptoki has been installed, it must be initialized:

# pkcs11_startup
# pkcsslotd

Note that pkcsslotd must be started after every boot. Therefore, it may be useful to have an init script that starts that daemon.

 

To check which tokens are available, we call pkcsconf with the -t option (see Figure 7). The ICA token has the Model value IBM ICA. Thus, in our example, the ICA token is in slot 0 (Token #0). First, we set the label (option -I) of the ICA token to a value of our choice (here icatoken):

# pkcsconf -I -c0.
Enter the SO PIN: ********
Enter a unique token label: icatoken

Now we can change the SO PIN (option -P) of the token in slot 0 (option -c0):

# pkcsconf -P -c0
Enter the SO PIN: ********
Enter the new SO PIN: ********
Re-enter the new SO PIN: ********

Let the SO set PKCS#11 User PIN (option -u) of ICA token:

# pkcsconf -u -c0
Enter the SO PIN: ********
Enter the new user PIN: ********
Re-enter the new user PIN: ********

And eventually let the PKCS#11 User change its PIN (option -p) of ICA token:

# pkcsconf -p -c0
Enter the user PIN: ********
Enter the new user PIN: ********
Re-enter the new user PIN: ********

The command in Figure 8 is used to verify the configuration of the ICA token. If the Flags attribute shows USER_PIN_INITIALIZED and TOKEN_INITIALIZED, then the token is ready for use.

 

The ICA Token
The ICA token provides access to clear key cryptographic algorithms implemented by the CPACF feature of the CPU and the CryptoExpress accelerator or CCA coprocessor. To use the ICA token, the CPACF feature (feature code LIC 3863) must be installed on the system and the libica library must be installed in Linux. If functions from the CryptoExpress adapters are to be used, the z90crypt device driver must be loaded into the Linux kernel.

In the list of tokens displayed by pkcsconf –t, the ICA token is the one with the attribute Model IBM ICA. The token directory for the ICA token is /var/lib/opencryptoki/lite; hence, the ICA token objects are stored in /var/lib/opencryptoki/lite/TOK_OBJ.

The ICA token exploits System z cryptographic hardware as follows:

SHA-1, SHA-256/386/512 via CPACF
DES, 3DES, AES128/192/256 using ECB, CBC, and CTR modes of operation via CPACF starting with version 3.0: 3DES, AES128/192/256 using OFB, CFB, CBCMAC modes of operation via CPACF
RSA with 1024-4096 bit keys using CryptoExpress adapters or a software fall back (openssl)
(Pseudo) random numbers using CPACF and CryptoExpress CCA coprocessor if available.
Figure 9 shows the full list of mechanisms supported by the ICA token. This information can also be retrieved using the -m option of pkcsconf.

 

The CCA Token
The CCA token provides secure key cryptography using the CryptoExpress CCA coprocessor. It requires the libcsulcca library to be installed and the z90crypt device driver to be loaded into the kernel. The CCA RPM containing the CCA library libcsulcca can be downloaded for free from http://www-03.ibm.com/security/ cryptocards/pciecc/ordersoftware.shtml.

In the list of tokens displayed by pkcsconf –t, the CCA token is the one with the value “Model: IBM CCA TOKEN.” The token directory for the CCA token is /var/lib/opencryptoki/ccatok; therefore, the CCA token objects are stored in /var/lib/ opencryptoki/ccatok/TOK_OBJ.

The CCA token exploits System z cryptographic hardware as follows:

DES, 3DES, AES128/192/256 using ECB and CBC via a CryptoExpress CCA coprocessor
RSA with 1024-4096 bit keys via a CryptoExpress CCA coprocessor
ECDSA via a CryptoExpress 3 (or later) CCA coprocessor.
The full list of mechanisms supported by the CCA token is shown in Figure 4. This information can also be retrieved using the -m option of pkcsconf.

All keys generated by the CCA token are CCA secure keys. To work with keys not generated by the CCA token, such keys must be imported. RSA key pairs can be imported with calls to C_CreateObject() for each key component. The imported private RSA key will then be wrapped with the CCA master key. Note, only private RSA keys in CRT format can be imported.

PKCS#11 and Other Software
PKCS#11 and thus openCryptoki can be exploited with the Java Cryptography Architecture (JCA) using a PKCS#11 provider such as the IBMPKCS11Impl for IBM Java. Using openCryptoki via Java was described in detail in the article “Using Crypto Hardware With Java in Linux on System z,” which is available at http://esmpubs.com/nsnre. For IBM Java and the IBMPKCS11Impl, the set of supported cryptographic methods is described as a table mapping each Java method to PKCS#11 mechanisms (e.g., on the IBM infocenter under Security Reference for IBM SDK, Java Technology Edition, Version 7 > Security Reference for IBM SDK, Java Technology Edition, Version 7 > IBMPKCS11Impl Provider > IBM PKCS 11 Implementation Provider for Java available at http://ibm.biz/ BdRexT). To find out which Java method is supported by cryptographic hardware in a specific configuration, this table must be related to the mechanism list supported by the openCryptoki token to be used (e.g., Figure 9 for the ICA token).

Some standard software supports being configured to call a PKCS#11 library. Examples of such software are WAS, the IBM HTTP Server or Apache with the mod_nss security module. These configurations typically ask for a library path, a slot or token id and sometimes a user PIN. The paper “IBM WebSphere Application Server Version 8 for Linux on IBM System z SSL Setup and Performance Study” (available at http://pic.dhe.ibm.com/ infocenter/lnxinfo/v3r0m0/topic/liaag/ l0wascry00_2013.htm) describes the configuration needed to configure WAS to use System z cryptographic hardware via openCryptoki and shows that considerable performance improvements can be observed due to the usage of cryptographic hardware.

Note, to ensure cryptographic hardware is used in applications using SSL/TLS, cipher suites that contain components supported by cryptographic hardware should be selected and given priority.

Conclusion
PKCS#11 is a widely used standard that allows access to functions from cryptographic hardware devices. OpenCryptoki is an open source implementation of PKCS#11 available with SLES and RHEL distributions. Many System z hardware crypto functions from CryptoExpress adapters and CPACF can be accessed via openCryptoki: The openCryptoki ICA token provides access to clear key cryptography and the openCryptoki CCA token provides access to secure key cryptography. Java and many software products provide plug-in options for a PKCS#11 library.

References

“Using Crypto Hardware With Java in Linux on System z,” Reinhard Buendgen and Peter Spera, Enterprise Tech Journal, March/April 2013: http://esmpubs.com/nsnre
“IBM WebSphere Application Server Version 8 for Linux on IBM System z SSL Setup and Performance”: http://pic.dhe.ibm. com/infocenter/lnxinfo/v3r0m0/topic/liaag/ l0wascry00_2013.htm.

6 Pages