Standard compliance modes

Enterprise PKCS #11 coprocessors are designed to always operate in a FIPS compliant fashion. There are four optional compliances modes that a given domain can be in. The FIPS modes correspond to the FIPS 140-2 requirements as of 2009 and 2011. The BSI modes correspond to the BSI HSM protection profile, and German Bundesnetzagentur algorithms as of 2009 and 2011.

These compliance modes are not mutually exclusive and are set ON by disabling certain access control points:
  1. FIPS 2009 – Card adheres to FIPS restrictions that went into effect in 2009 – equivalent to ICSF’s FIPS140 mode. This is the default mode. A domain cannot be set to be less restrictive than this mode. This mode has the following policy/restrictions:
    1. Algorithms and keys below 80-bit of strength are not permitted.
    2. RSA private-keys may not be use without padding.
    3. Newly generated asymmetric keys always undergo selftests.
    4. The minimum keysize on HMAC is 1/2 the algorithm's output size.
    5. Only FIPS-approved algorithms (as of 2009) are present.
  2. FIPS 2011 – Card adheres to FIPS restrictions that went into effect in 2011. (More restrictive than FIPS 2009.) The following access control points would need to be disabled:
    1. Allow 80 to 111-bit algorithms.
    2. Allow non-FIPS-approved algorithms (as of 2011).
    3. Allow RSA public exponents below 0x10001.
  3. BSI 2009 – Card adheres to BSI restrictions that went into effect in 2009. The following access control point would need to be disabled:
    1. Allow keywrap without attribute-binding.
    2. Allow non-BSI-approved algorithms (as of 2009).
  4. BSI 2011 – Card adheres to BSI restrictions that went into effect in 2011. (More restrictive than BSI 2009.) The following access control points would need to be disabled:
    1. Allow keywrap without attribute-binding.
    2. Allow 80 to 111-bit algorithms.
    3. Allow non-BSI-approved algorithms (as of 2011).

Whenever a secure key is created, the current compliance mode of the Enterprise PKCS #11 coprocessor is recorded inside the secure key. If the compliance mode of the coprocessor is subsequently changed, all previously created secure keys become unusable until their compliance modes are updated. See Steps for running the pre-compiled version of testpkcs11 for information on how to modify the compliance mode of a secure key using a sample program distributed by IBM. The compliance mode of a key may also be updated by using the PKCS #11 Token Browser ISPF panels. See the z/OS Security Server RACF Security Administrator's Guide for more information on these panels.

Parent topic: Enterprise PKCS #11 coprocessors