1POLICY.CONF(5) openCryptoki POLICY.CONF(5)
2
6 policy.conf - Configuration file for openCryptoki policies.
7
10 openCryptoki uses a policy configuration file at /etc/opencryptoki/pol‐
11 icy.conf
12 This configuration file restricts the operations of openCryptoki to a
14 specific set of allowed operations. The policy allows users to re‐
15 strict keys to a minimal cryptographic strength, restrict supported el‐
16 liptic curves, mechanisms, MGFs, KDFs, or PRFs.
17
20 This file starts with a version specification of the form version pol‐
21 icy-0 followed by policy constraints.
22 A policy constraint assigns a value to a configuration key. The syntax
25 depends of the value of the key:
26 strength
29 This key defines the minimal required strength for keys, and di‐
31 gest and signature sizes. It corresponds to the definition in
32 /etc/opencryptoki/strength.conf. Valid values are 0, 112, 128,
33 192, and 256. The special value 0 allows every key and arbi‐
34 trary size of digests and signatures. The format is a simple
35 assignment:
36 strength = number
38 If other values are used, they are rounded up to the next sup‐
40 ported value. Values greater than 256 are rounded down to 256.
41 allowedmechs
44 This key specifies a list of mechanisms that are allowed by this
46 policy. The list should contain a comma-separated list of CKM_
47 constants supported by openCryptoki. The list is placed inside
48 brackets:
49 allowedmechs ( mech1, mech2 )
51 Note: This key is optional. If not present, all mechanisms are
53 allowed. If an empty list is provided, no mechanism would be
54 allowed.
55 allowedcurves
57 This key specifies a list of allowed elliptic curves. Keys that
59 do not belong to any of the allowed curves cannot be created or
60 used. The list has the same format as the allowedmechs key:
61 allowedcurves ( curve1, curve2 )
63 Valid curve names are:
65 • BRAINPOOL_P160R1
68 • BRAINPOOL_P160T1
70 • BRAINPOOL_P192R1
72 • BRAINPOOL_P192T1
74 • BRAINPOOL_P224R1
76 • BRAINPOOL_P224T1
78 • BRAINPOOL_P256R1
80 • BRAINPOOL_P256T1
82 • BRAINPOOL_P320R1
84 • BRAINPOOL_P320T1
86 • BRAINPOOL_P384R1
88 • BRAINPOOL_P384T1
90 • BRAINPOOL_P512R1
92 • BRAINPOOL_P512T1
94 • PRIME192V1
96 • SECP224R1
98 • PRIME256V1
100 • SECP384R1
102 • SECP521R1
104 • SECP256K1
106 • CURVE25519
108 • CURVE448
110 • ED25519
112 • ED448
114 Note: This key is optional. If not present, all curves are allowed.
116 An empty list allows no curve.
117 allowedmgfs
119 This key specifies the allowed Message Generation Functions
121 (MGFs) for use in RSA OAEP and RSA PSS. The value is a list of
122 CKG_ constants supported by openCryptoki. The list has the same
123 format as the allowedmechs key:
124 allowedmgfs ( mgf1, mgf2 )
126 Note: This key is optional. If not present, all MGFs are al‐
128 lowed. An empty list allows no MGF.
129 allowedkdfs
131 This key specifies the allowed Key Derivation Functions (KDFs)
133 for use in ECDH key derivation and Kyber KEM. The value is a
134 list of CKD_ constants supported by openCryptoki. This list has
135 the same format as the allowedmechs key:
136 allowedkdfs ( kdf1, kdf2 )
138 Note: This key is optional. If not present, all KDFs are al‐
140 lowed. An empty list allows no KDF.
141 allowedprfs
143 This key specifies the allowed Pseudo-Random Functions (PRFs)
145 for use in PKCS #5 PBKDF. The value is a list of PRFs. Cur‐
146 rently, the only supported value is CKP_PKCS5_PBKD2_HMAC_SHA256
147 CKP_PKCS5_PBKD2_HMAC_SHA512 which leads to the list
148 allowedprfs ( CKP_PKCS5_PBKD2_HMAC_SHA512,
150 CKP_PKCS5_PBKD2_HMAC_SHA256 )
151 Note: This key is optional. If not present, all PRFs are al‐
153 lowed. An empty list allows no PRF.
154
157 The policy configuration file has to be owned by root:pkcs11 and have
158 mode 0640. Otherwise, openCryptoki will return CKR_FUNCTION_FAILED on
159 C_Initialize and log the reason into syslog.
160 The pound sign ('#') is used to indicate a comment. Both the comment
163 character and any text after it, up to the end of the line, are ig‐
164 nored. The comment character can be used at the beginning of a line
165 (including before the file version specification), after the strength
166 value, after a comma, and before and after the bracket.
167 Since the policy indirectly refers to a strength configuration, a
170 strength configuration has to exist and be valid. If no strength con‐
171 figuration exists, no policy will be enforced. If an existing policy
172 configuration is invalid, openCryptoki cannot be used.
173 openCryptoki uses some cryptographic operations to store token objects.
176 These operations have to be allowed by the policy. Which operations
177 are needed depends on the token store format and the token (since the
178 ICSF Token as a remote token uses different crypto operations to store
179 its management data):
180 FIPS compliant format
183 Token stores in the FIPS compliant format need the mecha‐
184 nisms CKM_AES_KEY_GEN, CKM_AES_KEY_WRAP, CKM_AES_GCM,
185 CKM_PKCS5_PBKD2, the PRF CKP_PKCS5_PBKD2_HMAC_SHA512, and
186 must allow 256 bit AES keys.
187 legacy format
189 Token stores in legacy format need the mechanisms
190 CKM_DES3_KEY_GEN, CKM_DES3_CBC, CKM_AES_KEY_GEN,
191 CKM_AES_CBC, CKM_SHA1, CKM_MD5 and must allow 2-key TDES
192 keys (80 bit symmetric keys with 64 bit signatures).
193 ICSF Token store
195 CKM_AES_KEY_GEN, CKM_AES_CBC, CKM_SHA1, CKM_MD5
196 CKM_PKCS5_PBKD2, the PRF CKP_PKCS5_PBKD2_HMAC_SHA256, and
197 must allow 256 bit AES keys.
198 Tokens cannot be loaded if their token store format is not supported by
200 the policy. If a token cannot be loaded, a message is printed into
201 syslog detailing the policy violation. To fix this problem, make sure
202 the token format is allowed by your policy (either by satisfying above
203 constraints or by temporarily removing /etc/opencryptoki/policy.conf)
204 and migrate your token store, e.g., to the FIPS-compliant format.
205
208 strength.conf(5),
209 opencryptoki(7),
210 pkcstok_migrate(1),
211 /usr/share/doc/opencryptoki/policy-example.conf
2123.21.0 September 2021 POLICY.CONF(5)