| Skip Navigation Links | |
| Exit Print View | |
|
Oracle Solaris 11.1 Administration: Security Services Oracle Solaris 11.1 Information Library |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Oracle Solaris 11.1 Administration: Security Services Oracle Solaris 11.1 Information Library |
1. Security Services (Overview)
Part II System, File, and Device Security
2. Managing Machine Security (Overview)
3. Controlling Access to Systems (Tasks)
4. Virus Scanning Service (Tasks)
5. Controlling Access to Devices (Tasks)
6. Verifying File Integrity by Using BART (Tasks)
7. Controlling Access to Files (Tasks)
Part III Roles, Rights Profiles, and Privileges
8. Using Roles and Privileges (Overview)
9. Using Role-Based Access Control (Tasks)
10. Security Attributes in Oracle Solaris (Reference)
Part IV Cryptographic Services
11. Cryptographic Framework (Overview)
12. Cryptographic Framework (Tasks)
Protecting Files With the Cryptographic Framework (Tasks)
Protecting Files With the Cryptographic Framework (Task Map)
How to Generate a Symmetric Key by Using the pktool Command
How to Compute a Digest of a File
Administering the Cryptographic Framework (Tasks)
Administering the Cryptographic Framework (Task Map)
How to List Available Providers
How to Add a Software Provider
How to Use the Cryptographic Framework in FIPS-140 Mode
How to Prevent the Use of a User-Level Mechanism
How to Prevent the Use of a Kernel Software Provider
How to List Hardware Providers
How to Disable Hardware Provider Mechanisms and Features
How to Refresh or Restart All Cryptographic Services
Part V Authentication Services and Secure Communication
14. Using Pluggable Authentication Modules
17. Using Simple Authentication and Security Layer
18. Network Services Authentication (Tasks)
19. Introduction to the Kerberos Service
20. Planning for the Kerberos Service
21. Configuring the Kerberos Service (Tasks)
22. Kerberos Error Messages and Troubleshooting
23. Administering Kerberos Principals and Policies (Tasks)
24. Using Kerberos Applications (Tasks)
25. The Kerberos Service (Reference)
This section describes how to generate symmetric keys, how to create checksums for file integrity, and how to protect files from eavesdropping. The commands in this section can be run by regular users. Developers can write scripts that use these commands.
The Cryptographic Framework can help you protect your files. The following task map points to procedures for listing the available algorithms, and for protecting your files cryptographically.
|
Some applications require a symmetric key for encryption and decryption of communications. In this procedure, you create a symmetric key and store it.
If your site has a random number generator, you can use the generator to create a random number for the key. This procedure does not use your site's random number generator.
Use one of the following methods.
The advantage of a file-stored key is that you can extract the key from this file for use in an application's key file, such as the /etc/inet/secret/ipseckeys file or IPsec. The usage statement shows the arguments.
% pktool genkey keystore=file
...genkey keystore=file
outkey=key-fn
[ keytype=aes|arcfour|des|3des|generic ]
[ keylen=key-size (AES, ARCFOUR or GENERIC only)]
[ print=y|n ]Is the filename where the key is stored.
For a symmetric key of any length, the value is generic. For a particular algorithm, specify aes, arcfour, des, or 3des.
Is the length of the key in bits. The number must be divisible by 8. Do not specify for des or 3des.
Prints the key to the terminal window. By default, the value of print is n.
The advantage of the PKCS #11 keystore is that you can retrieve the key by its label. This method is useful for keys that encrypt and decrypt files. You must complete Step 1 before using this method. The usage statement shows the arguments. The brackets around the keystore argument indicate that when the keystore argument is not specified, the key is stored in the PKCS #11 keystore.
$ pktool genkey
...genkey [ keystore=pkcs11 ]
label=key-label
[ keytype=aes|arcfour|des|3des|generic ]
[ keylen=key-size (AES, ARCFOUR or GENERIC only)]
[ token=token[:manuf[:serial]]]
[ sensitive=y|n ]
[ extractable=y|n ]
[ print=y|n ]Is a user-specified label for the key. The key can be retrieved from the keystore by its label.
For a symmetric key of any length, the value is generic. For a particular algorithm, specify aes, arcfour, des, or 3des.
Is the length of the key in bits. The number must be divisible by 8. Do not specify for des or 3des.
Is the token name. By default, the token is Sun Software PKCS#11 softtoken.
Specifies the sensitivity of the key. When the value is y, the key cannot be printed by using the print=y argument. By default, the value of sensitive is n.
Specifies that the key can be extracted from the keystore. Specify n to prevent the key from being extracted.
Prints the key to the terminal window. By default, the value of print is n.
You must complete Step 1 before using this method. The usage statement shows the arguments.
$ pktool genkey keystore=nss
...genkey keystore=nss
label=key-label
[ keytype=aes|arcfour|des|3des|generic ]
[ keylen=key-size (AES, ARCFOUR or GENERIC only)]
[ token=token[:manuf[:serial]]]
[ dir=directory-path ]
[ prefix=DBprefix ]Is a user-specified label for the key. The key can be retrieved from the keystore by its label.
For a symmetric key of any length, the value is generic. For a particular algorithm, specify aes, arcfour, des, or 3des.
Is the length of the key in bits. The number must be divisible by 8. Do not specify for des or 3des.
Is the token name. By default, the token is the NSS internal token.
Is the directory path to the NSS database. By default, directory is the current directory.
Is the prefix to the NSS database. The default is no prefix.
Use one of the following commands, depending on where you stored the key.
% pktool list keystore=file objtype=key [infile=key-fn] Found n keys. Key #1 - keytype:location (keylen)
$ pktool list objtype=key Enter PIN for keystore: Found n keys. Key #1 - keytype:location (keylen)
Example 12-1 Creating a Symmetric Key by Using the pktool Command
In the following example, a user creates a PKCS #11 keystore for the first time, and then generates a large symmetric key for an application. Finally, the user verifies that the key is in the keystore.
# pktool setpin Create new passphrase:Type easily-remembered-hard-to-detect-password Re-enter new passphrase:Retype password Passphrase changed. % pktool genkey label=specialappkey keytype=generic keylen=1024 Enter PIN for Sun Software PKCS#11 softtoken :Type password % pktool list objtype=key Enter PIN for Sun Software PKCS#11 softtoken :Type password Found 1 keys. Key #1 - symmetric: specialappkey (1024 bits)
Example 12-2 Creating a DES Key by Using the pktool Command
In the following example, a secret key for the DES algorithm is created. The key is stored in a local file for later decryption. The command protects the file with 400 permissions. When the key is created, the print=y option displays the generated key in the terminal window.
DES mechanisms use a 64-bit key. The user who owns the keyfile retrieves the key by using the od command.
% pktool genkey keystore=file outkey=64bit.file1 keytype=des print=y
Key Value ="a3237b2c0a8ff9b3"
% od -x 64bit.file1
0000000 a323 7b2c 0a8f f9b3Example 12-3 Creating a Symmetric Key for IPsec Security Associations
In the following example, the administrator manually creates the keying material for IPsec SAs and stores them in files. Then, the administrator copies the keys to the /etc/inet/secret/ipseckeys file and destroys the original files.
First, the administrator creates and displays the keys that the IPsec policy requires:
# pktool genkey keystore=file outkey=ipencrin1 keytype=generic keylen=192 print=y Key Value ="294979e512cb8e79370dabecadc3fcbb849e78d2d6bd2049" # pktool genkey keystore=file outkey=ipencrout1 keytype=generic keylen=192 print=y Key Value ="9678f80e33406c86e3d1686e50406bd0434819c20d09d204" # pktool genkey keystore=file outkey=ipspi1 keytype=generic keylen=32 print=y Key Value ="acbeaa20" # pktool genkey keystore=file outkey=ipspi2 keytype=generic keylen=32 print=y Key Value ="19174215" # pktool genkey keystore=file outkey=ipsha21 keytype=generic keylen=256 print=y Key Value ="659c20f2d6c3f9570bcee93e96d95e2263aca4eeb3369f72c5c786af4177fe9e" # pktool genkey keystore=file outkey=ipsha22 keytype=generic keylen=256 print=y Key Value ="b041975a0e1fce0503665c3966684d731fa3dbb12fcf87b0a837b2da5d82c810"
Then, the administrator creates the following /etc/inet/secret/ipseckeys file:
## SPI values require a leading 0x. ## Backslashes indicate command continuation. ## ## for outbound packets on this system add esp spi 0xacbeaa20 \ src 192.168.1.1 dst 192.168.2.1 \ encr_alg aes auth_alg sha256 \ encrkey 294979e512cb8e79370dabecadc3fcbb849e78d2d6bd2049 \ authkey 659c20f2d6c3f9570bcee93e96d95e2263aca4eeb3369f72c5c786af4177fe9e ## ## for inbound packets add esp spi 0x19174215 \ src 192.168.2.1 dst 192.168.1.1 \ encr_alg aes auth_alg sha256 \ encrkey 9678f80e33406c86e3d1686e50406bd0434819c20d09d204 \ authkey b041975a0e1fce0503665c3966684d731fa3dbb12fcf87b0a837b2da5d82c810
After verifying that the syntax of the ipseckeys file is valid, the administrator destroys the original key files.
# ipseckey -c /etc/inet/secret/ipseckeys # rm ipencrin1 ipencrout1 ipspi1 ipspi2 ipsha21 ipsha22
The administrator copies the ipseckeys file to the communicating system by using the ssh command or another secure mechanism. On the communicating system, the protections are reversed. The first entry in the ipseckeys file protects inbound packets, and the second entry protects outbound packets. No keys are generated on the communicating system.
When you compute a digest of a file, you can check to see that the file has not been tampered with by comparing digest outputs. A digest does not alter the original file.
% digest -l md5 sha1 sha224 sha256 sha384 sha512
Provide an algorithm with the digest command.
% digest -v -a algorithm input-file > digest-listing
Displays the output in the following format:
algorithm (input-file) = digest
Is the algorithm to use to compute a digest of the file. Type the algorithm as the algorithm appears in the output of Step 1.
Is the input file for the digest command.
Is the output file for the digest command.
Example 12-4 Computing a Digest With the MD5 Mechanism
In the following example, the digest command uses the MD5 mechanism to compute a digest for an email attachment.
% digest -v -a md5 email.attach >> $HOME/digest.emails.05.07 % cat ~/digest.emails.05.07 md5 (email.attach) = 85c0a53d1a5cc71ea34d9ee7b1b28b01
When the -v option is not used, the digest is saved with no accompanying information:
% digest -a md5 email.attach >> $HOME/digest.emails.05.07 % cat ~/digest.emails.05.07 85c0a53d1a5cc71ea34d9ee7b1b28b01
Example 12-5 Computing a Digest With the SHA1 Mechanism
In the following example, the digest command uses the SHA1 mechanism to provide a directory listing. The results are placed in a file.
% digest -v -a sha1 docs/* > $HOME/digest.docs.legal.05.07 % more ~/digest.docs.legal.05.07 sha1 (docs/legal1) = 1df50e8ad219e34f0b911e097b7b588e31f9b435 sha1 (docs/legal2) = 68efa5a636291bde8f33e046eb33508c94842c38 sha1 (docs/legal3) = 085d991238d61bd0cfa2946c183be8e32cccf6c9 sha1 (docs/legal4) = f3085eae7e2c8d008816564fdf28027d10e1d983
A message authentication code, or MAC, computes a digest for the file and uses a secret key to further protect the digest. A MAC does not alter the original file.
% mac -l Algorithm Keysize: Min Max ----------------------------------- des_mac 64 64 sha1_hmac 8 512 md5_hmac 8 512 sha224_hmac 8 512 sha256_hmac 8 512 sha384_hmac 8 1024 sha512_hmac 8 1024
You have two options. You can provide a passphrase from which a key will be generated. Or you can provide a key.
If you provide a passphrase, you must store or remember the passphrase. If you store the passphrase online, the passphrase file should be readable only by you.
If you provide a key, it must be the correct size for the mechanism. You can use the pktool command. For the procedure and some examples, see How to Generate a Symmetric Key by Using the pktool Command.
Provide a key and use a symmetric key algorithm with the mac command.
% mac [-v] -a algorithm [-k keyfile | -K key-label [-T token]] input-file
Displays the output in the following format:
algorithm (input-file) = mac
Is the algorithm to use to compute the MAC. Type the algorithm as the algorithm appears in the output of the mac -l command.
Is the file that contains a key of algorithm-specified length.
Is the token name. By default, the token is Sun Software PKCS#11 softtoken. Is used only when the -K key-label option is used.
Is the input file for the MAC.
Example 12-6 Computing a MAC With DES_MAC and a Passphrase
In the following example, the email attachment is authenticated with the DES_MAC mechanism and a key that is derived from a passphrase. The MAC listing is saved to a file. If the passphrase is stored in a file, the file should not be readable by anyone but the user.
% mac -v -a des_mac email.attach Enter passphrase: <Type passphrase> des_mac (email.attach) = dd27870a % echo "des_mac (email.attach) = dd27870a" >> ~/desmac.daily.05.07
Example 12-7 Computing a MAC With MD5_HMAC and a Key File
In the following example, the email attachment is authenticated with the MD5_HMAC mechanism and a secret key. The MAC listing is saved to a file.
% mac -v -a md5_hmac -k $HOME/keyf/05.07.mack64 email.attach md5_hmac (email.attach) = 02df6eb6c123ff25d78877eb1d55710c % echo "md5_hmac (email.attach) = 02df6eb6c123ff25d78877eb1d55710c" \ >> ~/mac.daily.05.07
Example 12-8 Computing a MAC With SHA1_HMAC and a Key File
In the following example, the directory manifest is authenticated with the SHA1_HMAC mechanism and a secret key. The results are placed in a file.
% mac -v -a sha1_hmac \ -k $HOME/keyf/05.07.mack64 docs/* > $HOME/mac.docs.legal.05.07 % more ~/mac.docs.legal.05.07 sha1_hmac (docs/legal1) = 9b31536d3b3c0c6b25d653418db8e765e17fe07a sha1_hmac (docs/legal2) = 865af61a3002f8a457462a428cdb1a88c1b51ff5 sha1_hmac (docs/legal3) = 076c944cb2528536c9aebd3b9fbe367e07b61dc7 sha1_hmac (docs/legal4) = 7aede27602ef6e4454748cbd3821e0152e45beb4
Example 12-9 Computing a MAC With SHA1_HMAC and a Key Label
In the following example, the directory manifest is authenticated with the SHA1_HMAC mechanism and a secret key. The results are placed in the user's PKCS #11 keystore. The user initially created the keystore and the password to the keystore by using the pktool setpin command.
% mac -a sha1_hmac -K legaldocs0507 docs/* Enter pin for Sun Software PKCS#11 softtoken:Type password
To retrieve the MAC from the keystore, the user uses the verbose option, and provides the key label and the name of the directory that was authenticated.
% mac -v -a sha1_hmac -K legaldocs0507 docs/* Enter pin for Sun Software PKCS#11 softtoken:Type password sha1_hmac (docs/legal1) = 9b31536d3b3c0c6b25d653418db8e765e17fe07a sha1_hmac (docs/legal2) = 865af61a3002f8a457462a428cdb1a88c1b51ff5 sha1_hmac (docs/legal3) = 076c944cb2528536c9aebd3b9fbe367e07b61dc7 sha1_hmac (docs/legal4) = 7aede27602ef6e4454748cbd3821e0152e45beb4
When you encrypt a file, the original file is not removed or changed. The output file is encrypted.
For solutions to common errors from the encrypt command, see the section that follows the examples.
You have two options. You can provide a passphrase from which a key will be generated. Or you can provide a key.
If you provide a passphrase, you must store or remember the passphrase. If you store the passphrase online, the passphrase file should be readable only by you.
If you provide a key, it must be the correct size for the mechanism. You can use the pktool command. For the procedure and some examples, see How to Generate a Symmetric Key by Using the pktool Command.
Provide a key and use a symmetric key algorithm with the encrypt command.
% encrypt -a algorithm [-v] \ [-k keyfile | -K key-label [-T token]] [-i input-file] [-o output-file]
Is the algorithm to use to encrypt the file. Type the algorithm as the algorithm appears in the output of the encrypt -l command.
Is the file that contains a key of algorithm-specified length. The key length for each algorithm is listed, in bits, in the output of the encrypt -l command.
Is the token name. By default, the token is Sun Software PKCS#11 softtoken. Is used only when the -K key-label option is used.
Is the input file that you want to encrypt. This file is left unchanged by the command.
Is the output file that is the encrypted form of the input file.
Example 12-10 Creating an AES Key for Encrypting Your Files
In the following example, a user creates and stores an AES key in an existing PKCS #11 keystore for use in encryption and decryption. The user can verify that the key exists and can use the key, but cannot view the key itself.
% pktool genkey label=MyAESkeynumber1 keytype=aes keylen=256 Enter PIN for Sun Software PKCS#11 softtoken :Type password % pktool list objtype=key Enter PIN for Sun Software PKCS#11 softtoken :<Type password> Found 1 key Key #1 - Sun Software PKCS#11 softtoken: MyAESkeynumber1 (256)
To use the key to encrypt a file, the user retrieves the key by its label.
% encrypt -a aes -K MyAESkeynumber1 -i encryptthisfile -o encryptedthisfile
To decrypt the encryptedthisfile file, the user retrieves the key by its label.
% decrypt -a aes -K MyAESkeynumber1 -i encryptedthisfile -o sameasencryptthisfile
Example 12-11 Encrypting and Decrypting With AES and a Passphrase
In the following example, a file is encrypted with the AES algorithm. The key is generated from the passphrase. If the passphrase is stored in a file, the file should not be readable by anyone but the user.
% encrypt -a aes -i ticket.to.ride -o ~/enc/e.ticket.to.ride Enter passphrase: <Type passphrase> Re-enter passphrase: Type passphrase again
The input file, ticket.to.ride, still exists in its original form.
To decrypt the output file, the user uses the same passphrase and encryption mechanism that encrypted the file.
% decrypt -a aes -i ~/enc/e.ticket.to.ride -o ~/d.ticket.to.ride Enter passphrase: <Type passphrase>
Example 12-12 Encrypting and Decrypting With AES and a Key File
In the following example, a file is encrypted with the AES algorithm. AES mechanisms use a key of 128 bits, or 16 bytes.
% encrypt -a aes -k ~/keyf/05.07.aes16 \ -i ticket.to.ride -o ~/enc/e.ticket.to.ride
The input file, ticket.to.ride, still exists in its original form.
To decrypt the output file, the user uses the same key and encryption mechanism that encrypted the file.
% decrypt -a aes -k ~/keyf/05.07.aes16 \ -i ~/enc/e.ticket.to.ride -o ~/d.ticket.to.ride
Example 12-13 Encrypting and Decrypting With ARCFOUR and a Key File
In the following example, a file is encrypted with the ARCFOUR algorithm. The ARCFOUR algorithm accepts a key of 8 bits (1 byte), 64 bits (8 bytes), or 128 bits (16 bytes).
% encrypt -a arcfour -i personal.txt \ -k ~/keyf/05.07.rc4.8 -o ~/enc/e.personal.txt
To decrypt the output file, the user uses the same key and encryption mechanism that encrypted the file.
% decrypt -a arcfour -i ~/enc/e.personal.txt \ -k ~/keyf/05.07.rc4.8 -o ~/personal.txt
Example 12-14 Encrypting and Decrypting With 3DES and a Key File
In the following example, a file is encrypted with the 3DES algorithm. The 3DES algorithm requires a key of 192 bits, or 24 bytes.
% encrypt -a 3des -k ~/keyf/05.07.des24 \ -i ~/personal2.txt -o ~/enc/e.personal2.txt
To decrypt the output file, the user uses the same key and encryption mechanism that encrypted the file.
% decrypt -a 3des -k ~/keyf/05.07.des24 \ -i ~/enc/e.personal2.txt -o ~/personal2.txt
Troubleshooting
The following messages indicate that the key that you provided to the encrypt command is not permitted by the algorithm that you are using.
encrypt: unable to create key for crypto operation: CKR_ATTRIBUTE_VALUE_INVALID
encrypt: failed to initialize crypto operation: CKR_KEY_SIZE_RANGE
If you pass a key that does not meet the requirements of the algorithm, you must supply a better key.
One option is to use a passphrase. The framework then provides a key that meets the requirements.
The second option is to pass a key size that the algorithm accepts. For example, the DES algorithm requires a key of 64 bits. The 3DES algorithm requires a key of 192 bits.
|