Security Flags
Policies are implemented in SafeNet ProtectToolkit-C by configuring security flags.
Setting a security flag activates its particular security settings. One or more of these flags can be set to create custom security policies or to implement the typical security policies described in the previous section.
Configuring Security Flags
Security flags are configured using the ctconf command line utility.
The command syntax is as follows:
ctconf –f<flags>
Multiple flags may be set simultaneously. For example, the command: ctconf –ftu would set both the t and the u flags.
When flags are set, any flags set previously are cleared.
Set flags = 0 to clear all the flags. This places the device in SafeNet Default Mode (Default <No flags set>). See the Typical Security Policies section SafeNet Default Mode, for more information about this security policy.
Use other flags values to set flags as follows:
To set flag: |
Use flags value: |
---|---|
u | |
d | |
Enable PCI Audit Logs | b |
e | |
a | |
F | |
N | |
U | |
i | |
l | |
n | |
c | |
Pure PKCS11 (PKCS#11 Compatibility Mode) |
p |
t | |
E | |
Weak PKCS#11 Mechanisms | w |
Each of these flags is fully described below.
For the complete ctconf command reference, see CTCONF.
Security Flag Descriptions
The security settings configured by each of the security flags are described below. A mapping of security flags to the typical security policies described in this manual is provided in Security Policy Options.
Auth Protection
The Auth Protection (Authentication/Session Protection) flag, when set, ensures secure messaging authentication between applications and the HSM is enforced for certain messages sent from applications to the HSM. Critical messages or messages that might otherwise contain sensitive information are affected. These messages must be digitally signed so they can be verified by the HSM.
With this setting applied, applications will operate more securely. HSM performance, however, may suffer due to the additional operations required to sign and verify each message request.
DES Keys Even Parity Allowed
The Des Keys Even Parity Allowed flag permits creation of DES, DES2 and DES3 keys and components with even parity.
Enable PCI Audit Logs
The Enable PCI Audit Logs flag permits the collection of logs accessible to the audit user.
Entrust Ready
The Entrust Ready (Entrust Compliant) flag, when set, establishes the following rules:
>When a nonexistent mechanism is queried, an empty mechanism structure is returned.
>When a token is initialized with the C_InitToken command, the SO PIN is not required.
>A user who is already logged in is permitted to log in again.
>When using the C_SignFinal command, the size of the message authentication code (MAC) returned can be controlled, even if the mechanism is not one of the general-length MAC mechanisms specified in the PKCS #11 standard.
>When using the C_WrapKey function, if the CKA_extractable attribute is not specified, it defaults to true so that wrapping is allowed.
FIPS Algorithms Only
The FIPS Algorithms Only (Only Allow FIPS-Approved Algorithms) flag, when set, disables non-FIPS approved algorithms.
The algorithms approved by FIPS are: AES, Triple-DES, DSA, RSA, ECDSA, HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, SHA-1, SHA-256, SHA-384, SHA-512, Triple-DES MAC.
Refer to the Typical Security Policies section FIPS Mode for more.
NOTE For FIPS-approved algorithms for individual products, please check the FIPS product certification.
FIPS Mode
The FIPS Mode (FIPS 140-1 Mode or FIPS 140-2 Mode) flag, when set, sets the following composite flags:
>FIPS Algorithms Only
>No Public Crypto
>Mode Locked
>No Clear PINs
>Tamper Before Upgrade
>Auth Protection
Instead of specifying each of these flags separately with ctconf, the FIPS Mode flag can be set as a shortcut.
Refer to the entries for the individual flags and the Typical Security Policies section FIPS Mode.
Full Secure Messaging Encryption
The Full Secure Messaging Encryption flag, when set, ensures that:
>User PINs or other sensitive information cannot be passed across the host interface unencrypted.
>Secure messaging encryption is enabled, so every message between the application and the HSM is encrypted in both directions.
>Certain functions that would otherwise result in the clear transmission of sensitive data are disabled
>The creation of any keys with the CKA_SENSITIVE attribute set to false is not permitted.
Note that the Full Secure Messaging Encryption flag is similar to the No Clear PINs Allowed flag, except every message between the application and the HSM is encrypted in both directions. The key used for the message encryption is generated using the PKCS #3 Diffie-Hellman Key Agreement Standard.
By enabling this setting, applications will operate more securely. however this will also have the effect of decreasing HSM performance. This is due to the increased operations required to encrypt and decrypt each request and response message.
CAUTION! The No Clear PINs flag must be set to enable Full Secure Messaging Encryption to encrypt data.
Full Secure Messaging Signing
The Full Secure Messaging Signing flag, when set, indicates that secure messaging authentication between applications and the HSM is being enforced for every message, in both directions, between the application and the HSM. All messages must be digitally signed so that they can be verified by the HSM.
Note that the Full Secure Messaging Signing flag is similar to the Auth Protection flag except that every message, in both directions, between the application and the HSM is digitally signed and verified. The key used for the message signing is generated using the PKCS #3 Diffie-Hellman Key Agreement Standard.
With this setting applied, applications will operate more securely. HSM performance, however, may suffer due to the additional operations required to sign and verify each message request.
CAUTION! The No Clear PINs flag must be set to enable Full Secure Messaging Signing to encrypt data.
Increased Security Level
The Increased Security Level flag, when set, ensures that:
>The mechanism CKM_EXTRACT_KEY_FROM_KEY is disabled.
>Changing the CKA_MODIFIABLE attribute from false to true while using the C_CopyObject command is not permitted.
Mode Locked
The Mode Locked (Lock Security Mode) flag, when set, prevents any further security flag modification. A new security policy can only be implemented after performing a tamper operation.
No Clear PINs
The No Clear PINs (No Clear PINs Allowed) flag, when set, ensures that:
>User PINs or other sensitive information cannot be passed across the host interface unencrypted.
>Secure messaging encryption is enabled for critical requests to the HSM, or for those requests that might otherwise contain sensitive information.
>Certain functions that would otherwise result in the clear transmission of sensitive data are disabled.
>The creation of any keys with the CKA_SENSITIVE attribute set to false is not permitted.
CAUTION! The No Clear PINs flag must be set to enable Full Secure Messaging Encryption and Full Secure Messaging Signing.
No Public Crypto
The No Public Crypto flag, when set, ensures that no user can perform a cryptographic operation without having first authenticated themselves.
When this flag is set, each token in the system will have the PKCS #11 CKF_LOGIN_REQUIRED flag set so that applications must authenticate before operations are allowed. Note that this security flag does not affect the Admin token, which always requires authentication for access.
NOTE The name of this flag does not imply that public key cryptography is not allowed. Setting this flag will not prevent RSA processing.
Pure PKCS11 (PKCS#11 Compatibility Mode)
CAUTION! Setting this flag compromises security. A skilled attacker may be able to exploit vulnerabilities in certain mechanisms when this flag is set.
The Pure PKCS11 flag, when set, allows that the following mechanisms to function as the PKCS #11 v2.20 standard requires.
>CKM_CONCATENATE_BASE_AND_KEY
>CKM_CONCATENATE_BASE_AND_DATA
>CKM_CONCATENATE_DATA_AND_BASE
>CKM_EXTRACT_KEY_FROM_KEY
Tamper Before Upgrade
The Tamper Before Upgrade flag, when set, ensures that a soft tamper (erasure of all HSM internal secure memory) will occur when any of the following operations are undertaken.
>Firmware upgrade
>FM download
>FM disable operation
User Specified ECC DomainParameters Allowed
The User Specified ECC DomainParameters Allowed flag, when set, allows ECC Public and Private keys with Domain Parameters other then the set of named curves built into the HSM to be generated and stored on the HSM.
Weak PKCS#11 Mechanisms
CAUTION! Setting this flag compromises security. A skilled attacker may be able to exploit vulnerabilities in certain mechanisms when this flag is set.
Newly-discovered key extraction techniques have revealed vulnerabilities in some mechanisms. These mechanisms are now restricted by default in the factory settings of all new HSMs, or when flags are set to "0" (all flags cleared). Also, these mechanisms cannot be enabled when flags are set to "F" (FIPS 140-2 Mode) or "a" (Only Allow FIPS-Approved Algorithms). The Weak PKCS#11 Mechanisms flag, when set, allows the use of these less-secure mechanisms. It can be used with any combination of flags except "F" and "a".
The following mechanisms are affected:
>CKM_CONCATENATE_BASE_AND_DATA
>CKM_CONCATENATE_BASE_AND_KEY
>CKM_CONCATENATE_DATA_AND_BASE
>CKM_XOR_BASE_AND_DATA
>CKM_XOR_BASE_AND_KEY
>CKM_EXTRACT_KEY_FROM_KEY