UPGRADE SYSTEM SSL TO SUPPORT FIPS STANDARD
APAR Identifier ...... PM08418 Last Changed ........ 11/07/22 UPGRADE SYSTEM SSL TO SUPPORT FIPS STANDARD Symptom ...... NF NEWFUNCTION Status ........... CLOSED UR1 Severity ................... 4 Date Closed ......... 10/10/14 Component .......... 5735FAL00 Duplicate of ........ Reported Release ......... 610 Fixed Release ............ 999 Component Name TCP/IP V2 FOR V Special Notice ATTENTION Current Target Date .. Flags SCP ................... NEW FUNCTION Platform ............ Status Detail: SHIPMENT - Packaged solution is available for shipment. PE PTF List: PTF List: Release 610 : UK61137 available 10/11/02 (1101 ) Parent APAR: Child APAR list: ERROR DESCRIPTION: Upgrade System SSL to support FIPS standard. LOCAL FIX: PROBLEM SUMMARY: **************************************************************** * USERS AFFECTED: All users of SSL. * **************************************************************** * PROBLEM DESCRIPTION: * **************************************************************** * RECOMMENDATION: APPLY PTF * **************************************************************** This APAR adds FIPS functionality to System SSL and brings it up to a level equivalent to z/OS 1.11. PROBLEM CONCLUSION: TEMPORARY FIX: COMMENTS: The revised information that follows will be included in any future updates to the following publication(s): =============================================================== SC24-6240-00 z/VM: TCP/IP Level 610 User's Guide Chapter 8. "SSL Certificate/Key Management and SSL Tracing Information" Section: "Key Database Files" Page(s): 216 The description of the key database files should have the following paragraph appended: A key database that is created as a FIPS mode database, can only be updated by gskkyman or by using the CMS APIs executing in FIPS mode. Such a database, however, may be opened as read-only when executing in non-FIPS mode. Key databases created while in non-FIPS mode cannot be opened when executing in FIPS mode. ---------------------------------------------------------------- Section: "gskkyman Interactive Mode Descriptions" Page(s): 217 The first paragraph detailing creation of a new database mentions the new option to choose FIPS mode: This option will create a new key database and the associated request database. You will be prompted to enter the key database name, the database password, the password expiration interval, and the database record length and choose either a FIPS or non-FIPS database (see 'Key Database Files' on page 220 for a discussion of FIPS mode databases). ---------------------------------------------------------------- Section: "gskkyman Interactive Mode Descriptions" Page(s): 220 The description for copying certificate and key to a another database should read as follows: Copy certificate and key to another database This option copies the certificate and key to another database. An error will be returned if the certificate is already in the database or if the label is not unique. A certificate and key may only be copied from a FIPS mode database to another FIPS mode database. A certificate and key may not be copied from a non-FIPS mode database to a FIPS mode database. ---------------------------------------------------------------- Section: "gskkyman Interactive Mode Descriptions" Page(s): 220 The description for exporting certificate and key to a file should read as follows: Export certificate and key to a file This option exports the X.509 certificate and its private key to a file. The private key is encrypted when it is written to the file. The password you select will be needed when you import the file. The supported export formats are PKCS #12 Version 1 and PKCS #12 Version 3. The PKCS #12 Version 1 format is obsolete but is the only format supported by some SSL implementations. For FIPS mode databases, the export format supported is PKCS #12 Version 3. The strong encryption option uses Triple DES to encrypt the private key while the export encryption option uses 40-bit RC2. Strong encryption is the only supported option when exporting from a FIPS database. The export file will contain the requested certificate and its certification chain. ---------------------------------------------------------------- Section: "gskkyman Interactive Mode Descriptions" Page(s): 222 The description for copying certificates to another database should read as follows: Copy certificate to another database This option copies the certificate to another database. An error will be returned if the certificate is already in the database or if the label is not unique. A certificate and key may only be copied from a FIPS mode database to another FIPS database. A certificate and key may not be copied from a non-FIPS mode database to a FIPS mode database. ---------------------------------------------------------------- Section: "gskkyman Interactive Mode Descriptions" Page(s): 224 The first two paragraphs of the description for importing certificates into a database should read as follows: Import a Certificate This option imports a certificate and adds it to the key database. The import file contains a certificate without a private key. The certificate will be marked as trusted when it is added to the database. When importing a certificate, the expiration date cannot exceed February 6, 2106. When adding certificates from the import file to a FIPS key database file only certificates signed with FIPS signature algorithms using FIPS-approved key sizes may be imported. When processing a chain of certificates, processing of the chain will terminate if a non-FIPS certificate is encountered. Certificates processed prior to the failing certificates will be added to the key database file. It is the responsibility of the importer to ensure that the file came from a FIPS source in order to maintain meeting FIPS 140-2 criteria. ---------------------------------------------------------------- Section: "gskkyman Interactive Mode Descriptions" Page(s): 230 The description for importing a certificate and private key should have the following addition: Only certificates and keys encoded according to PKCS #12 Version 3 and protected with strong encryption can be imported into a FIPS database. Furthermore, only certificates and keys comprising FIPS signature algorithms and using FIPS-approved key sizes may be imported into a FIPS database. ---------------------------------------------------------------- Section: "Creating, Opening and Deleting a Key Database File" Page(s): 230 The example for creating, opening and deleting a key database file should list the option to create a database in FIPS mode: ... Enter database record length (press ENTER to use 5000): <enter> Enter 1 for FIPS mode database or 0 to continue: 1 <enter> Key database /home/RACFU01/mykey.kdb created. ... ---------------------------------------------------------------- Section: "Creating a Certificate Request" Page(s): 238 The description for creating a certificate to be used with a fixed Diffie-Hellman key exchange should read as follows: Creating a certificate to be used with a fixed Diffie-Hellman key exchange Create a server certificate to be used during an SSL handshake using a fixed Diffie-Hellman key exchange. Fixed Diffie-Hellman requires both sides of the exchange to be based off of the same generation parameters. In order for each side to use the same generation parameters, a key parameter file must be created to be used as input to the certificate being signed. To create a key parameter file, from the Database Menu, enter 6. First you will be asked to select the key type. Only the key types of 1024 bit DSA key or 2048 bit fixed Diffie-Hellman key are valid for use in a FIPS database. Once the key type is determined, you will be prompted to enter a key parameter file name. The file name is interpreted relative to the current directory when gskkyman is invoked. You may also specify a fully qualified file name. ---------------------------------------------------------------- Section: "Managing Keys and Certificates" Page(s): 246 The description for copying a certificate (and Private Key) to a Different Key Database should have the following note added: Note: A key database file and the target key database file must exist before the certificate can be copied to the target key database file. If the target is a FIPS database, then only a FIPS database can be the source. ---------------------------------------------------------------- Section: "Managing Keys and Certificates" Page(s): 248 The description for copying a certificate (and Private Key) to a Different Key Database should have the following clarification on the file format after table 51 extended to clarify FIPS support: You will then be prompted for what file format you would like for the exported certificate information. The file format is determined by the support on the receiving system. In most cases the format to be used is Binary PKCS #12 Version 3. Export from a FIPS database must be PKCS #12 Version 3 using strong encryption. ---------------------------------------------------------------- Section: "Managing Keys and Certificates" Page(s): 248 The description for copying a certificate with its Private Key to a Key Database on the same system should have its first paragraph changed to clarify behavior with FIPS support: Copying a Certificate with its Private Key to a Key Database on the Same System: To copy a certificate and its private key from one key database to another key database on the same system, you will need to know the target key database file name and password. If the source database is a FIPS database, then the target database must also be a FIPS database. If the source database is a non-FIPS database, then the target database must also be a non-FIPS database. From the KEY MANAGEMENT MENU, select 1 - Manage keys and certificates to display the KEY AND CERTIFICATE MENU. Find the label of the certificate to be copied and enter the number associated with the label. From the Key and Certificate Menu, enter 5 to copy a certificate and key to another database: ---------------------------------------------------------------- Section: "Importing a Certificate from a File with its Private Key" Page(s): 258 The description for importing a certificate from a file with its Private Key should have the following paragraph added at the end to clarify behavior with FIPS support: A certificate and key can be imported into a FIPS key database providing it is a PKCS #12 Version 3 with strong encryption format. When adding certificates from the import file to a FIPS key database file only certificates signed with FIPS signature algorithms using FIPS-approved key sizes may be imported. When processing a chain of certificates, processing of the chain will terminate if a non-FIPS certificate is encountered. Certificates processed prior to the failing certificate will be added to the key database file. It is the responsibility of the importer to ensure that the file came from a source meeting FIPS 140-2 criteria in order to maintain adherence to the FIPS criteria. **** PE11/06/23 FIX IN ERROR. SEE APAR PM42107 FOR DESCRIPTION MODULES/MACROS: ASN1SSL CHARDSSL CMSBASE CRYPSHA CRYPSHA3 CRYPTO GSKCMS GSKCMS3M GSKCMS3X GSKCMS31 GSKC31 GSKC31F GSKC31FM GSKC31M GSKHASH GSKHASHX GSKKYMAM GSKKYMAN GSKMSGA GSKMSGS GSKSSL GSKSUS31 GSKS31 GSKS31F GSKTRACE GSKTRACM LDPCC31F LDPCZVMD LDPC2603 LDPIVPRF SSL_EXC SSL_MEMC SSL_SVC SSLBASE SSLMSGS SSLSERV TCPBLEDL TCPBLP92 TCPBL492 SRLS: SC24623800 SC24624000 RTN CODES: CIRCUMVENTION: MESSAGE TO SUBMITTER: