09.07.2015 Views

Luna SA 4.1.1 - Secure Support - SafeNet


Luna SA Version / Reason for Update

3.0.1
  - Remote Administration allows a Remote Admin source Luna SA appliance to provide the authentication data (PED Keys) for a distant (target) appliance, so that the Administrator does not need to be present, with PED Keys, at the remote location when performing administration tasks that require HSM or Partition login.
  - The hsm showPolicies display now shows the HSM Admin’s login status and the HSM’s M of N status.
  - Two new commands added: sysconf appliance reboot and sysconf appliance poweroff.
  - Public Key Authentication feature
  - Java support of JRE 1.3 and 1.4 (note that release 2.3, below, where this feature is also mentioned, is a separate product branch)

3.0
  - SIM enhanced to work with token objects, as well as session objects; additional authentication methods supported (PED, M of N)
  - Crypto Officer / Crypto User roles added
  - OAM&P introduced, with SNMP
  - support for 64-bit Solaris
  - ECC, ECDSA and KCDSA algorithms supported
  - SSL 0.97c adopted to address security vulnerability in previous version

2.3
  - This release brought some 3.x functionality back to the 2.x series, for customers who require FIPS validation
  - “Keep Alive” function added, to cope with inactivity timeouts imposed by intervening firewalls
  - Fix for Luna SP with Windows 2003 “Key Archival”
  - Constraints on characters that can be used in Client names and Partitions
  - Java support of JRE 1.3 and 1.4
  - OpenSSL version 0.96m

2.2.3
  - added verify command to lunash command set, to perform a file check operation on the Luna SA to provide assurance that the system files are consistent with the original factory

2.2.2
  - root account no longer available
  - sysconf cleanup subcommand added

2.2.1
  - Apache integration
  - IBM WebSphere integration
  - ntp support
  - selective logging functionality
  - client authentication with IIS and CAPI now works
  - Java now supported on HP-UX
  - Java Multiple Keystores (API) supported

Luna SA 4.1.1 Customer Release Notes 007-010109-001 Revision G Copyright 2007-2012 SafeNet Inc.


Software Version Compatibility by Luna SA Release

| Luna SA Release | Client software version [CD#] | Software Development Kit version [CD#] | Luna SA Appliance s\w version [file#] |
|---|---|---|---|
| 4.1.0 | 4.1.0 (32-bit) [900506-037 Rev B]; 4.1.0 (64-bit) [006901-002] | 4.1.0 (32-bit) [900536-037]; 4.1.0 (64-bit) [006903-002] | 4.1.1 [007-011317-002] |
| 4.1.0 | 4.1.0 (32-bit) [900506-037 Rev B]; 4.1.0 (64-bit) [006901-002] | 4.1.0 (32-bit) [900536-037]; 4.1.0 (64-bit) [006903-002] | 4.1.0 [900552-038] |
| 4.0.0 | 4.0.0 (32-bit) [900506-036]; 4.0.0 (64-bit) [006901-001] | 4.0.0 (32-bit) [900536-036]; 4.0.0 (64-bit) [006903-001] | 4.0.0 [900552-037] |

Known issues

This is a list of the issues known at time of release: Items that are mentioned without an assigned priority are for information only and do not need to be tracked in future Release Notes. All other Open Issues are prioritized and are addressed in future releases when possible. Known issues that were listed in the previous Release Notes document in the Known Issues section are covered in the Addressed Issues section of the current Release Notes.

| Priority | Classification | Definition |
|---|---|---|
| C | Critical | No reasonable workaround exists |
| H | High | Reasonable workaround exists |
| M | Medium | Medium level priority problems |
| L | Low | Lowest level priority problems |

(28084) SA help docs - need instructions to perform hsm backup/restore added to HA setup
Priority: L
Problem: The current instruction page for HA setup in the help docs doesn't include the instruction to perform an HSM backup on the primary and restore it onto the additional members of the group. This is necessary for SIM boxes including the new KE configuration boxes. The information in the hsm backup command summary page and the page “using_sim_in_a_multi-hsm_environment.htm” should be more accessible in the Help.
Workaround: To use HA with SIM (including Key Export configuration) you must ensure that the identical masking key is on all members of the HA Group. There is no automatic method.
Perform an HSM backup on the primary, and use the resulting token to restore onto the other HA members individually (sneakernet). Once that is done, all members have the same masking key and can wrap/unwrap any material that uses the common wrapping key – in other words, HA load-balancing/redundancy and the SIM features work properly together.
If any member of the HA group does not have the matching SIM masking key, then that member cannot participate in HA SIM – the operations would return error messages for that member and the member would not show the relevant partition objects (because they could not be unwrapped).
See the Description and notes in the “hsm backup Command” page and the “using_sim_in_a_multi-hsm_environment.htm” page of the Luna SA Help.


(27281) hsm debug mode command outputs a bit of extraneous info
Priority: L
Problem: Notice the line about cobra20 in the output below as a result of the "hsm debug mode" command, it should be removed:

    [viper26] lunash:>hsm debug mode
    Syntax Error: Not a valid command.
    Command Result : 22 (Invalid argument)
    Syntax: hsm debug mode
    Description: > HSM Debug Mode
    [root@cobra20 Cmode]# cat H
    These commands are for HSM debug mode objects. The following subcommands are available:
    Name    (short)    Description
    ---------------------------------------------------------
    set     s          Set HSM Debug Mode.

Workaround: None. Ignore the extraneous text.

(27220) Error in "Updating to Luna SA 4.1.0" guide
Priority: L
Problem: In all cases, the command to update firmware should read “hsm update firmware” but the last two words are transposed in the document and the fix did not make it into the released documentation.
Workaround: Ignore the wording in “Updating to Luna SA 4.1.0” and write the command as hsm update firmware.

(26394) JSP makepersistant call with null object returns "partition full"
Priority: L
Problem: Attempting to write an object that doesn't exist into the lunaJSP keystore returns "('com.chrysalisits.crypto.LunaPartitionFullException: LunaTokenObject: Partition object storage limit has been reached. (130)')" A better error should be returned, ie "Object handle invalid" equivalent
Workaround: Avoid attempting to write non-existent objects into the keystore.

(24230) “Package 7 fails” when installing software packages
Priority: L
Problem: When running a package update, you might see a message during the install phase, indicating that package 7 has failed. This is the result of a too-specific dependency check by the install script (the installed version of a required package is already newer, and works fine). The message is cosmetic and the installation is successful.
Workaround: None. Ignore the message.

(24223) Luna SA4: harmless pcmcia startup errors on 1U appliance
Priority: L
Problem: In the absence of the pci card reader on the 1U appliance (which uses a different internal interface, and not the PCMCIA interface that is used in the 2U Luna SA), some errors are reported in the bootup logs of the 1U appliance. Example:

    Oct 25 10:00:55 viper21 pcmcia: Starting PCMCIA services:
    Oct 25 10:00:55 viper21 pcmcia: modules
    Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters
    Oct 25 10:00:55 viper21 pcmcia: /lib/modules/2.4.18/pcmcia/yenta_socket.o: init_module: No such device
    Oct 25 10:00:55 viper21 pcmcia: Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters
    Oct 25 10:00:55 viper21 pcmcia: /lib/modules/2.4.18/pcmcia/ds.o: init_module: Operation not permitted
    Oct 25 10:00:55 viper21 pcmcia: cardmgr.
    Oct 25 10:00:55 viper21 cardmgr[702]: no pcmcia driver in /proc/devices
    Oct 25 10:00:55 viper21 rc: Starting pcmcia: succeeded
    Oct 25 14:02:55 viper21 pcmcia: Starting PCMCIA services:
    Oct 25 14:02:55 viper21 pcmcia: modules
    Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters
    Oct 25 14:02:55 viper21 pcmcia: /lib/modules/2.4.18/pcmcia/yenta_socket.o: init_module: No such device
    Oct 25 14:02:55 viper21 pcmcia: Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters
    Oct 25 14:02:55 viper21 pcmcia: /lib/modules/2.4.18/pcmcia/ds.o: init_module: Operation not permitted
    Oct 25 14:02:55 viper21 pcmcia: cardmgr.
    Oct 25 14:02:55 viper21 cardmgr[696]: no pcmcia driver in /proc/devices
    Oct 25 14:02:55 viper21 rc: Starting pcmcia: succeeded

Workaround: None. Ignore the message. These errors are normal and do not represent a fault
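When boot logs from a 1U appliance feed a log monitor, the messages quoted under issue 24223 can be suppressed by exact match so that any other pcmcia or module-load error still reaches a reviewer. The following is an added example, not part of the release notes or of SafeNet's tooling; the names `DOCUMENTED_BENIGN` and `triage` are assumptions, and the last two sample lines are constructed.

```python
import re

# Syslog layout used in the excerpt: "Oct 25 10:00:55 viper21 pcmcia: <message>"
SYSLOG = re.compile(
    r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d \S+ "
    r"(?P<tag>[\w.-]+)(?:\[\d+\])?: ?(?P<msg>.*)$"
)

HINT = ("Hint: insmod errors can be caused by incorrect module parameters, "
        "including invalid IO or IRQ parameters")

# Exact messages quoted under issue 24223, keyed by the program that logs them.
# Nothing outside this table is covered by the release note.
DOCUMENTED_BENIGN = {
    "pcmcia": {
        "Starting PCMCIA services:",
        "modules",
        HINT,
        "/lib/modules/2.4.18/pcmcia/yenta_socket.o: init_module: No such device",
        "/lib/modules/2.4.18/pcmcia/ds.o: init_module: Operation not permitted",
        "cardmgr.",
    },
    "cardmgr": {"no pcmcia driver in /proc/devices"},
    "rc": {"Starting pcmcia: succeeded"},
}


def triage(lines):
    """Return the log lines that are NOT covered by the documented benign set."""
    flagged, last_tag = [], None
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = SYSLOG.match(line)
        if m:
            tag, msg = m["tag"], m["msg"]
            last_tag = tag
        else:
            # Continuation line without a syslog prefix (the bare "Hint:" line):
            # attribute it to the program that logged the previous entry.
            tag, msg = last_tag, line
        msg = " ".join(msg.split())          # normalise runs of whitespace
        if msg not in DOCUMENTED_BENIGN.get(tag, ()):
            flagged.append(line)
    return flagged


# Constructed input: the documented sequence, then two lines the note does not cover.
SAMPLE = f"""\
Oct 25 10:00:55 viper21 pcmcia: Starting PCMCIA services:
Oct 25 10:00:55 viper21 pcmcia: modules
{HINT}
Oct 25 10:00:55 viper21 pcmcia: /lib/modules/2.4.18/pcmcia/yenta_socket.o: init_module: No such device
Oct 25 10:00:55 viper21 pcmcia: {HINT}
Oct 25 10:00:55 viper21 pcmcia: /lib/modules/2.4.18/pcmcia/ds.o: init_module: Operation not permitted
Oct 25 10:00:55 viper21 pcmcia: cardmgr.
Oct 25 10:00:55 viper21 cardmgr[702]: no pcmcia driver in /proc/devices
Oct 25 10:00:55 viper21 rc: Starting pcmcia:  succeeded
Oct 25 10:00:56 viper21 pcmcia: /lib/modules/2.4.18/pcmcia/i82365.o: init_module: No such device
Oct 25 10:00:57 viper21 kernel: init_module: Operation not permitted
""".splitlines()

if __name__ == "__main__":
    for entry in triage(SAMPLE):
        print("REVIEW:", entry)
```

The same message text from a different program, or for a module other than yenta_socket.o and ds.o, is deliberately left for review.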


Addressed issues

(26772) SA 3.3 must update to 4.1
Priority: L
Problem: A potential problem when updating a 3.3 SA to 4.0, when leaving the firmware at 4.1.0, creates a situation where the box can't be updated at all. To get around this, we must allow 3.3 to update to 4.1
Fixed. Update of Luna SA 3.3 directly to 4.1 added.

(25620) Support client on a 64bit Windows OS.
Priority: H
Problem: Port our Luna client to support the 64bit Windows platform.
Fixed: Updated:
1) Compiled and added new static openssl libraries and header files required for Win64 bit support.
2) Modified all relevant .dsp files for 64 bit compiler (still using VC++ 6)
3) Modified any source files for updated compiler changes (ie: iostream.h no longer exists...)
4) Rebuilt putty ctp).

(25492) Approved hash functions must not be allowed until after user has logged in
Priority: H
Problem: NIST and CSE have issued an interpretation of FIPS 140-2 that says that users must be authenticated before they are allowed to use approved hash functions - i.e., SHA-1, SHA-224, SHA-256, SHA-384, SHA-256. If a user attempts to perform a hash operation before logging in we should return LUNA_USER_NOT_LOGGED_IN and CKR_USER_NOT_LOGGED_IN thru the library.
Fixed: The authentication state required for Digest commands has been changed from "PublicSession" to "LimitedUserAuthenticated".

(25443) DES is no longer FIPS approved
Priority: H
Problem: DES algorithms are no longer approved by FIPS.
Fixed: Firmware is modified to restrict accordingly.

(25441) FIPS no longer recognizes RSA keys smaller than 1024-bit.
Priority: H
Problem: FIPS no longer supports RSA keys smaller than 1024. While the system is in FIPS mode, attempts to use keys smaller than 1024-bit should return an error.
Fixed: Firmware is modified to restrict accordingly.

(25220) JSP will not read in cert without Basic Constraint isCA set
Priority: H
Problem: Our JSP should assume that if the boolean value for "isCA" is not set in the basic constraints section of a cert, then it's False (i.e., an end-entity cert). Another instance that should also be accounted for, is that in some end-entity certs, there is no basic constraints section at all. This cert should also be imported without an error (It should also be assumed to be an end-entity cert).
Fixed: Suppressed the error that was thrown when a malformed certificate is retrieved through our JSP. The fix suppresses an error that was thrown when the certificate does not conform to the RFC3280 specification on BasicConstraints. By NOT throwing the exception the certificate is loaded into the LunaCertificateX509 structure and the BasicConstraints remains as the default value of -1 (which implies that 'isCA' == false).

(25174) FIPS no longer recognizes DSA keys smaller than 1024-bit.
Priority: H
Problem: FIPS no longer supports DSA keys smaller than 1024. When in FIPS Approved mode, our HSM cannot allow DSA keys smaller than 1024 to be created, generated, unwrapped, unmasked, cloned on our HSM. The mechanism information reported by the HSM must also report the correct minimum key size. 512 vs 1024, depending on the setting of "Allow non fips" policy.
Fixed: Firmware is modified to restrict accordingly.

(25173) Failed pairwise test for all Key pair generation attempts must be reported.
Priority: H
Problem: Failed pair-wise test for all Key pair generation attempts must be reported to the host/user. Currently, we loop (max of 3 tries) until a valid key pair is found.
Fixed: If a pair-wise test fails, system logs an error to the debug area of the dualport.
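The defaulting rule behind issue 25220 (no BasicConstraints extension, or one without the cA flag, means an end-entity certificate reported as -1) can be shown on the DER-encoded extension value itself. This is an added example written for these notes, not SafeNet's JSP code; the function names are assumptions, and `UNLIMITED` mirrors the value Java's `X509Certificate.getBasicConstraints()` returns for a CA with no path length limit.

```python
UNLIMITED = 2**31 - 1   # Integer.MAX_VALUE: CA with no pathLenConstraint


def _tlv(buf, pos):
    """Read one DER TLV at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                         # long-form length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def basic_constraints(ext_value):
    """Return -1 for an end-entity cert, else the CA path length (UNLIMITED if absent).

    ext_value is the DER of BasicConstraints ::= SEQUENCE {
        cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER OPTIONAL },
    or None when the certificate carries no such extension.
    """
    if ext_value is None:                     # no extension at all: end-entity
        return -1
    tag, body, end = _tlv(ext_value, 0)
    if tag != 0x30 or end != len(ext_value):
        raise ValueError("BasicConstraints must be exactly one SEQUENCE")
    is_ca, path_len, pos = False, None, 0
    if pos < len(body) and body[pos] == 0x01:         # optional cA BOOLEAN
        _, val, pos = _tlv(body, pos)
        if len(val) != 1:
            raise ValueError("BOOLEAN must be one byte")
        # DER omits a FALSE default; an explicit FALSE is tolerated as non-CA
        is_ca = val[0] != 0x00
    if pos < len(body) and body[pos] == 0x02:         # optional pathLenConstraint
        _, val, pos = _tlv(body, pos)
        if not val or val[0] & 0x80:
            raise ValueError("pathLenConstraint must be non-negative")
        path_len = int.from_bytes(val, "big")
    if pos != len(body):
        raise ValueError("unexpected data in BasicConstraints")
    if not is_ca:
        return -1                             # a path length without cA grants nothing
    return UNLIMITED if path_len is None else path_len


if __name__ == "__main__":
    for label, hexval in [("empty SEQUENCE", "3000"), ("cA TRUE", "30030101ff"),
                          ("cA TRUE, pathLen 0", "30060101ff020100")]:
        print(label, basic_constraints(bytes.fromhex(hexval)))
```

Defaulting to "not a CA" is the safe direction: a certificate with a missing or unset flag loads, but is never treated as able to issue other certificates.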


(24986) 32-bit app support on 64-bit Win2003 for Luna SA
Priority: M
Problem: Need support for 32-bit apps on 64-bit Windows.
Fixed: This was a testing-only issue to discover the support parameters. Results as follows:
Our 32 bit applications (CMU, CKDEMO, MULTITOKEN, etc..) and client libraries WILL work on a 64 bit Windows machine. Therefore, if a client has a custom Java/C/C++ application which is compiled as a 32 bit application then everything will work as expected. (The registry maintains separate directory for 32 bit applications and will redirect any calls to entries without any changes required by the user.) However, the 32 bit CSP/cryptoki.dll will NOT work for the Certificate Services Microsoft application. This is because the CertSrv app is a 64 bit process running in 64 bit IIS and will not load a 32 bit .dll.

(24749) Customer request for more MIBs to monitor the health of our appliances
Priority: H
Problem: Needed additional capabilities to monitor and assess the health and performance of the appliance via industry-standard monitoring protocols.
Fixed: Included 2 new MIB agents to the snmp and added the lm_sensors components to support the hardware stats MIB.

(24232) Apply Luna IS ntls memory leak fixes to Luna SA
Priority: H
Problem: Several memory leak fixes to the Luna IS 5.x product greatly improved stability and memory usage. These should be applied to Luna SA.
Fixed: The fixes were ported to Luna SA and tested.

(24196) Luna SA DoS Attack with ssh via ntls port
Priority: H
Problem: A potential denial of service attack was demonstrated when a network vulnerability scanner repeatedly probed the ntls 1792 port. Ntls stopped accepting new connection requests, but did continue to serve existing connected clients.
Fixed: The probing is now handled gracefully.

(24036) Need a way to configure dual port mode for K5 in SA4.x via lunash
Priority: L
Problem: The K5 in Luna IS 4.0 runs in DMA mode. A dual port dump from a card running in this mode yields very little info in terms of debugging problems. The card can be configured to run in dual port mode at driver startup, but there is no way to configure this in the field. That means debug info provided by a customer for a problem they are having may not give us the info we need. We ran into this problem on [another Luna product], and added lunash commands to set the driver to run in dual port mode. Something similar for Luna SA is probably a good idea.
Fixed: The hsm debug command was added.

(24007) Edit of Hosts file on Luna SA
Priority: L
Problem: Customer would like the ability to edit the hosts file entries on the Luna SA. Reason: they have client systems with 3 unique IP NICs; having one hostname cert for all NTLS connections from these NICs is needed, but on the Luna SA end there is a need to associate the hostname with one of the specific NIC IPs.
Fixed: Added new sub command "hostip" under client command to allow hostname to ip mapping.

Revised list of OAM&P events for Luna SA

Logged as Info

    CL_LogInfo("Parallel command supported");
    CL_LogInfo("DUALPORT communication mode");
    CL_LogInfo("DMA communication mode");
    CL_LogInfo("Timestamp update rate is low: last timestamp = %d min, new timestamp = %d min(%04d:%02d:%02d:%02d:%02d)",timestamp_g[0],currTime,RTC_GetYear(&rts),RTC_GetMonth(&rts),RTC_GetDay(&rts),RTC_GetHour(&rts),RTC_GetMinute(&rts));
    CL_LogInfo("DePadRSA: invalid block type (0x%x).", in[1]);
    CL_LogInfo("Warm boot Initialization");
    CL_LogInfo("Power-up Initialization");
    CL_LogInfo( "Firmware revision %d.%d.",


    CL_LogSevere("SOConfig PARAM invalid!");
    CL_LogSevere("Default HSM Configuration PARAM missing!");
    CL_LogSevere("Failed to define initial HSM capability/policy!");
    CL_LogSevere("Default SOV Configuration PARAM missing!");

Logged as Critical Error (can also be subject to SNMP trap – see your SNMP client)

    CL_LogCritical("Command IO module called before it's initialization");
    CL_LogCritical("DispatchParallel: Unknown command (%x)", commandCode);
    CL_LogCritical("CC_RunParallelCommands: Unknown command (%x)", pContext->commandCode);
    CL_LogCritical("3DES CBC decryption on the NITROX failed");
    CL_LogCritical("AES CBC decryption on the NITROX failed");
    CL_LogCritical("RC4 decryption on the NITROX failed");
    CL_LogCritical("3DES CBC encryption on the NITROX failed");
    CL_LogCritical("AES CBC encryption on the NITROX failed");
    CL_LogCritical("RC4 encryption on the NITROX failed");
    CL_LogCritical( "CA_AlgorithmSelfTest failed, rc=0x%x (1)", wResponse );
    CL_LogCritical( "CA_InitializeKeyCache failed, rc=0x%x", wResponse );
    CL_LogCritical( "CA_InitializeBlindingCache failed, rc=0x%x", wResponse );
    CL_LogCritical( "CA_VerifyTVK failed, rc=0x%x", wResponse );
    CL_LogCritical("DES_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("DES_GenRandomSelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("RC2_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("RC4_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("RC5_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("CAST_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("CAST3_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("CAST5_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("SEED_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("AES_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("MD2_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("MD5_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("HAS160_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("SHA_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("SHA2_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("RSA_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("DSA_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("KCDSA_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("OAEP_SelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("BNTest Failed!");
    CL_LogCritical("ECTest Failed!");
    CL_LogCritical("ECDSATest failed, rc=0x%x", wResponse);
    CL_LogCritical("ECDHTest failed, rc=0x%x", wResponse);
    CL_LogCritical("CA_Sha1RsaSelfTest failed, rc=0x%x", wResponse);
    CL_LogCritical("%s case #%02d failed!", testTitle, i);
    CL_LogCritical("3DES CBC encryption on the NITROX failed");
    CL_LogCritical("AES CBC encryption on the NITROX failed");
    CL_LogCritical("Fatal Error (rc 0x%x) called from %s line %d", resultCode, fileName, lineNumber);
    CL_LogCritical("Fatal Error (rc 0x%x) called from %s line %d", resultCode, fileName, lineNumber);
    CL_LogCritical("Fatal Error (rc 0x%x) called from %s line %d", resultCode, fileName, lineNumber);


    CL_LogCritical("MCU IRQ: Multiple ECC errors");
    CL_LogCritical( "BCU IRQ: Multiple ECC errors" );
    CL_LogCritical( "MCU IRQ: Multiple ECC errors" );
    CL_LogCritical(" Code digest check failed! ");
    CL_LogCritical("MM_Initialize failed!");
    CL_LogCritical("PM_Initialize failed!");
    CL_LogCritical("NVRAM_Initialize failed!");
    CL_LogCritical("RN_Initialize failed!");
    CL_LogCritical("OH_Initialize failed!");
    CL_LogCritical("NTX_Initialize failed!");
    CL_LogCritical("CAV_Initialize failed!");
    CL_LogCritical("UM_Initialize failed!");
    CL_LogCritical("SM_Initialize failed!");
    CL_LogCritical("CA_Initialize failed!");
    CL_LogCritical("CCM_Initialize failed!");
    CL_LogCritical("External tamper detected!");
    CL_LogCritical("Failed to get buffer for converting personality PARAMs");
    CL_LogCritical("Manufacturing SOV failed length check!");
    CL_LogCritical("Transition Error (0x%x) ", structure.wErrorCode );
    CL_LogCritical("Transition Error (0x%x), Message: %s ", structure.wErrorCode, structure.baErrorMessage);

end

Disclaimer

Although we have attempted to make this document as complete, accurate, and useful as possible, we cannot guarantee its contents. Errors or omissions will be corrected, as they are identified, in succeeding releases of the product.
Information is subject to change without notice. Copyright 2007-2012. All rights reserved.
Luna and the SafeNet logos are registered trademarks of Safenet Inc.
