nShield Security World Release Notes

Remote Administration

v12.00

v12.40

Pool Mode

v12.30

v12.50 (new)

SafeSign Cryptographic Module mechanisms

v12.40

v12.40

Deterministic DSA

v12.40

v12.50 (new)

Derive key support for Hyperledger

v12.40

v12.50 (new)

DeriveKey ACLs

v12.40

v12.50 (new)

nShield Solo,

nShield Solo+

Monitor: /firmware/2-60-1/ldb_ncx3p-26.nff

Firmware: /firmware/12-50-2/ncx3p-29.nff

29      

nShield Edge

Monitor: /firmware/2-50-16/ldb_ncx1z-24.nff

Firmware: /firmware/12-50-2/ncx1z-29.nff

29

nShield Solo XC

firmware/12-50-2/ncx5e-37.nff

37

nShield Connect,

nShield Connect+

nethsm-firmware/12.50.4cam4/nCx3N.nff

12.50.2

(VSN = 29)

31      

nShield Connect XC

nethsm-firmware/12.50.4cam4/nCx3N.nff

12.50.2

(VSN = 37)

31

nShield Solo,

nShield Solo+

Monitor: /firmware/2-60-1/ldb_ncx3p-26.nff

Firmware: /firmware/2.61.2/ncx3p-26.nff

29      

nShield Edge

Monitor: /firmware/2-50-16/ldb_ncx1z-24.nff

Firmware: /firmware/2.61.1/ncx1z-26.nff

29

nShield Solo XC

firmware/3.4.2/ncx5e-37.nff

37

nShield Connect,

nShield Connect+

nethsm-firmware/12.50.4cam4-fips/nCx3N.nff

2.61.2

(VSN = 29)

31      

nShield Connect XC

nethsm-firmware/12.50.4cam4-fips/nCx3N.nff

3.4.2

(VSN = 37)

31

Microsoft Windows Server 2016 Core x64

Y

Y

Y

N

Microsoft Windows Server 2016 x64

Y

Y

Y

Y

Microsoft Windows Server 2012 R2 x64

Y

Y

Y

Y

Microsoft Windows Server 2008 R2 x64

Y

Y

Y

Y

Microsoft Windows 7 x64

Y

Y

Y

Y

Microsoft Windows 10 x64

Y

Y

Y

Y

Red Hat Enterprise Linux AS/ES 6 x86

Y

N

Y

Y

Red Hat Enterprise Linux AS/ES 6 x64

Y

Y

Y

Y

Red Hat Enterprise Linux AS/ES 7 x64

Y

Y

Y

Y

SUSE Enterprise Linux 11 x64 SP2

Y

Y

Y

Y

SUSE Enterprise Linux 12 x64

Y

Y

Y

Y

Oracle Enterprise Linux 6.8 x64

Y

Y

Y

Y

Oracle Enterprise Linux 7.1 x64

Y

Y

Y

Y

Microsoft Hyper-V Server 2012

N

N

Y

N

Microsoft Hyper-V Server 2016

N

Y

Y

N

VMWare ESXi 6.5

N

Y

Y

N

Citrix XenServer 6.5

N

Y

Y

N

NSE-15165

When unplugging a nShield Edge from its host a script error may be logged in the edgeHandler.log file. This has now been resolved.

NSE-15108

Fixed an issue on Windows platforms that caused the raserv process with the "-c" or "-L" options to crash.

NSE-14427

generatekey failed to generate PKCS#11 keys if an ACS card was in the slot. This is no longer the case

NSE-14012

Fixed an issue that could cause the hardserver to abort when running CodeSafe applications.

NSE-14190

A successful call to C_GetOperationState failed to set the length pulOperationStateLen, leaving it as the value passed in. This has been corrected.

NSE-13995

Fixed an issue in the GnuPG patch for integrating with nShield hwcrhk which could cause an assertion failure.

NSE-13590

When a badly-formatted ECDSA signature was presented to the nShield JCE provider, an Exception with an incorrect error message was thrown. The 'expected' and 'got' values were reversed. This has now been corrected.

NSE-13332

A number of race conditions were identified in multi-threaded use of nCipherKM. The relevant code is now protected by mutexes.

NSE-13477

Fixed an issue where the Remote Administration Client GUI or raccmd tool could fail due to incorrect processing of network messages.

NSE-13102

Fixed an issue in the nFast Server service that caused Windows machines to wake from sleep mode.

NSE-13370

Fixed an issue in the nShield JCE provider that prevented MGF1 algorithms being usable with Java’s {{keytool}} due to failure to declare the OID for those algorithms.

NSE-12799

Previously, the online help for Cmd_SetNSOPerms did not include NSOPerms_ops_OriginateKey in the list of public permissions that should not be set to fully comply with FIPS 140-2 level 3. This has now been corrected.

NSE-12747

Malformed commands or commands with invalid data could remain on the list of commands awaiting reply indefinitely, impacting performance of programs using nfjava or the nCIpherKM JCE provider. Such commands are now removed from the list when detected. The list has also been reimplemented to reduce the impact of large numbers of waiting commands.

NSE-12509

JCE CSP certificates have been upgraded to RSA 3072-bit with SHA-256. Note that this requires the following patch levels for Java: 9/8u111/7u121/6u131 (October 2016) and later.

NSE-12556

Our PKCS#11 library advertised a limit of 4096 bits for RSA keys despite being capable of handling longer keys. The advertised limit has been raised to 8192 bits.

NSE-12493

Previously, by default the nFast Server service on Windows accepted privileged local connections from any user, unless explicitly restricted with the nt_privpipe_users field in the config file. Now the default has been changed so that only processes with local administrative privilege are allowed to issue privileged connections to nFast Server on Windows by default. The nt_privpipe_users field continues to be available in config to enable a user-specified user or group to be permitted to make privileged connections. See also notes below for outstanding issue NSE-11885.

NSE-11821

Losing communication with a single HSM could cause C_GetSlotList to fail. C_GetSlotList has been made more robust.

NSE-11669

"The incorrect product name was reported for SoloXC and ConnectXC HSMs by enquiry. enquiry now reports: product name nC3025E/nC4035E/nC4335N"

NSE-11569

Strict FIPS mode on SoloXC does not permit the generation of 1024-bit RSA keys. ckcheckinst has been updated to use 2048 bit RSA and DSA keys.

NSE-11535

Fixed an issue in the nShield CNG Key Storage Provider where the NCryptEnumAlgorithms function did not list any algorithms unless an algorithm class was specified.

NSE-10681

NShield JCE CSP signatures now include a timestamp.

NSE-10632

Server permission mismatches were always reported, even when a matching permission was found. Now they are only reported when permission is not granted.

NSE-10586

Fixed an issue that could cause the hardserver service to get stuck in an infinite loop on Windows.

NSE-10584

Fixed an issue that could cause the hardserver to allocate large amounts of memory or abort.

NSE-10495

Fixed an issue where SoloXC devices would not be detected in machines with fast boot-up.

NSE-10335

The implementation of select() in BSDlib library for SEE mishandled errors on non-blocking streams, always returning EWOULDBLOCK in that case. This has been corrected.

NSE-10184

Java 8 made changes to the Sun PKCS11 provider, so that the key generation would fail in our PKCS#11 library, even with JCE Compatibility mode enabled. JCE compatibility mode has been changed to meet the new requirements.

NSE-9744

The generatekey utility now defaults to SHA-256 rather than SHA-1 for certification requests.

NSE-9745

The CodeSafe SEE machine signing tool incorrectly used SHA-1 to identify SEE machines being signed when signing with a stronger hash. It has been fixed to consistently use the same hash for signing and SEE machine identification.

NSE-9674

Fixed an issue that prevented enquiry from reporting connection information for failed nShield Connects.

NSE-12118

Fixed an issue that prevented miniHSM-based nTokens from being recognized automatically on Windows.

NSE-11943

Nethsmadmin now returns a non-zero exit status if an image upgrade operation fails.

NSE-11909

"The deprecated CodeSafe SSL library has been removed. OpenSSL is available to CodeSafe applications using the supplied nShield patch for CodeSafe and is the recommended replacement for CodeSafe SSL."

NSE-11460

Fixed an issue in the CodeSafe developer tools that caused SEE machines to fail on SoloXC and ConnectXC.

NSE-11242

The nCipher MIB has been updated to allow 'softcard' as a valid option for key protection.

NSE-11053

Malformed FTSessionOpen commands were mishandled, potentially causing the hardserver to abort. This mishandling has been corrected.

NSE-11018

Fixed an issue that could cause the hardserver to abort in response to some port scanning tools.

NSE-10890

Corrected symlink configuration for nTokens on Linux to prevent an error being logged.

NSE-8202

Creating a DLf3072s256mRijndael ciphersuite Security World with remote administration sometimes failed with OperationTimeout. The default timeout for card_remove_detect_time_limit has now been increased to address this.

NSE-8508

The OpenSSL patch supplied with the CodeSafe developer kit has been updated to support version 1.0.2o.

NSE-9393

The OpenSSL binaries bundled with nShield have been updated to 1.0.2o.

NSE-6745

Previously, the CNG Key Storage Provider logged failure to find a key with a given name as an error-level message in logs. It is now possible to configure whether such events are considered errors. See the User Guide for more information.

NSE-5938

ckcheckinst attempted to use RSA encryption with PKCS#1 V1.5 padding. This will fail in Security Worlds created with the --disablepkcs1pad option. ckcheckinst has been updated to use OAEP padding instead.

NSE-3621

The Remote Administration Client now attempts to establish an exclusive connection to the nShield Remote Administration Card. If an exclusive connection cannot be established, a shared connection to the card is made and a warning is displayed to the user regarding potential interference with Remote Administration operations from other processes.

NSE-12830

Fixed an issue that could cause the hardserver service to leak small amounts of memory.

NSE-6804

It is now enforced that the file {{/etc/nfast.conf}} is only writable by root if it exists.

NSE-2485

The Impath kx group DHPrime1024 is no longer supported. All Impath communication will now use DHPrime3072 or DHPrime3072Ex.

NSE-15287

Improved the CodeSafe Developer examples.

NSE-1613

Improved the workflow in the CNG wizard workflow as part of the Softcards in CNG feature.

NSE-6010

Corrected an issue with perfcheck reporting results for Mid/High speed Solo XCs.

NSE-11686

The client application can loop infinitely because it fails to clean its command queue when the connection is broken. The fix removes these outstanding commands and marks them as failed.

NSE-15234

Previously nfkmverify incorrectly assumed that a key with a timeout cannot be protected with a non-persistent token or softcard. This has now been corrected.

NSE-4568

The hardserver on Windows was previously binding to all interfaces instead of just loopback for ports 9000/9001 used for local TCP client connections in some cases. TCP connections from external addresses were, however, rejected by the hardserver internally in spite of this. Now the hardserver binds to local loopback only for local TCP client connections.

NSE-4160

If CNG providers were manually uninstalled and then installed using the cnginstall utility whilst the provider DLLs were in use by a process, then the provider DLLs were installed incorrectly on next reboot. This has now been fixed, and the provider DLLs are now copied correctly on reboot. Installation and uninstallation with the cnginstall utility when the provider DLLs were not in use took immediate effect and was not affected by this issue.

NSE-3827

Previously, executables with non-ASCII characters in their path or name failed to connect to the hardserver with the error Status_Malformed. Now, non-ASCII characters in hardserver client paths and executable names are tolerated, but statistics information (e.g. as reported by stattree) will still show only ASCII characters for the process name in hardserver client connections.

NSE-1934

Fixed an issue in the nShield CAPI CSPs that could cause CryptDestroyHash to fail with error 0x57 "The parameter is incorrect".

NSE-11289

Solo XC now correctly returns the stattree MemAllocUser parameter when a SEE app is running (previously would always return 0)

NSE-10230

The Cmd_NVMemAlloc command only used the supplied file name up to the first zero byte, not respecting the length parameter. This has been corrected.

NSE-14148

When changing the MOI settings on a nShield Edge the hardserver sometimes generated an assert and exited. This has now been handled as an error.

NSE-14882

With a CodeSafe application running, HSMs were reporting a very high idle command count (shown via stattree). This has been corrected.

NSE-15528

When using HSP Pool mode, multiple "Notice: Calling transform_reply" messages could appear in the hardserver log. This has been corrected.

NSE-9064

Windows Authenticode timestamps use the SHA-256 digest algorithm in place of SHA-1.

NSE-12626

The deprecated function SEElib_StopTransactListener is no longer supported nShield HSMs.

NSE-15289

Fixed an issue that prevented the module’s monitor firmware from being updated when expected in nShield Connects.

NSE-10779

NShield Connect firmware upgrades were allowed to start which eventually failed due to VSN downgrade protections on internal components of the Connect. This aborted upgrade left the nShield Connect in an inconsistent but usable state. There is now a "pre-flight-check" to avoid starting nShield Connect firmware upgrades that cannot complete.

NSE-8920

Fixed an issue that prevented remote loading of SEE machines to an nShield Connect XC.

NSE-3684

Changed the way system time and date are set from the nShield Connect front panel so that a reboot is no longer required, avoiding time discrepancies that have been seen occasionally.

NSE-12006

Fixed an issue where an nShield Connect may fail to reboot after 50 upgrades.

NSE-16075

Fixed an issue where enabling audit logging, either explicitly or by creating a Common Criteria CMTS mode Security World, on an nShield Connect HSM could lead to the HSM becoming unresponsive

NSE-11839

The generation of RSA keys has been updated to ensure strict compliance to FIPS 186-4. Prior to this it was theoretically possible to generate a non-compliant key although the probability was so low that it is unlikely that such a key has ever been generated.

NSE-10522

DSA signature generation now performs the check and regeneration of the signature if r or s are equal to zero for compliance with FIPS186-4.

NSE-9964

KLF is no longer allowed in new Security Worlds created in 12.50 and has been replaced by KLF2

NSE-9848

Diffie-Hellman (DH) keys produced prior to 12.50 were not strictly compliant to SP800-56Arev2. In 12.50 they have been replaced by a new key type, DHEX, that is compliant to SP800-56Arev2.

NSE-9598

A pairwise consistency check has been implemented in the OP_CRYPT operation for generated keys to ensure that the plaintext and ciphertext are different.

NSE-12031

Initiating loading a token from shares (Cmd_LoadLogicalToken) now sets the insertion time of the token to the current time.

NSE-11158

When using many different large RSA or DSA keys on Solo+ under heavy load the HSM may eventually fail. This issue was found with 8kbit keys but may also cause failures with other large key sizes.

NSE-10576

Fixed an issue with generating key pairs in CodeSafe in cases where the command takes more than 100 seconds to complete.

NSE-11409

Limited the memory statistics gathering to once every 30 minutes

NSE-1457

For nShield Solo and Solo+ added a memory-protection scheme to mitigate vector-rewrite attacks.

NSE-1339

Operations using the RIPEMD160 algorithm are now restricted from use when operating in a Security World created to be compliant to FIPS 140-2 level 3.

NSE-13268

Solo XC now records and reports the Max and Min temperature of the HSM (StatID_MaxTempC and StatID_MinTempC in stattree). This matches the behaviour of the Solo+ HSM.

NSE-13678

The Solo XC will no longer process any messages following a tamper event. This matches the behaviour of the Solo+ HSM.

NSE-13612

RSA Key generation performance has been improved on the Solo XC Base.

NSE-9761

KML signatures could use SHA-1 with 3072-bit keys. KML signatures can no longer use SHA-1 with 3072-bit keys

NSE-10245

In environments where an OCS card is left in a smartcard reader to authorise an ongoing operation, the continuous presence of the card may be mistakenly interrupted resulting in the removal of authorisation. This does not affect remote administration slots, or Remote Administration Ready smartcards (whether they are in remote administration slots or not). This does not affect persistent OCS. This defect was introduced in v12 firmware.

NSE-11849

Hardware error reporting and MOI changes do not work in HPUX

MEI-3390

When using Ubuntu 12.04 and later then the jpeg compatibility library package libjpeg62 must be installed for the Remote Administration Client.

NSE-2861

Multiple Remote Administration GUI clients on a PC can use the same card reader to connect to multiple dynamic slots, causing one or both to work incorrectly, e.g. reporting UnknownCard. Avoid doing this.

MEI-2801

MEI-2805

You are recommended to not use more than four TVDs or standard card readers on a single Remote Administration Client system as it can run out of resources if an excessive number of card readers are used.

MEI-2481

RSA token card services prevent the Remote Administration Client from working on Microsoft Windows OS (e.g. RAC hangs displaying "reading…"); these need to be disabled in the Windows Task Manager services table to allow Remote Administration smart cards to work with both the TVD and other smart card readers.

MEI-4480

On rare occasions, leaving a Remote Administration smart card in a dynamic slot for a prolonged period can result in SecureChannelFailed.

NSE-2860

Switching to Maintenance mode while an Association with a dynamic slot exists causes an UnknownCommand error

MEI-3940

Remote Administration Support Client Tools Setup can pause for up to 2 minutes with no feedback to user (Windows)

MEI-4029

Running racgui on SUSE 12 shows GTK assertions from wxpy

MEI-4401

MEI-3383

Any previous nShield Security World Software must be uninstalled before installing the Remote Administration Client software. If you want the Remote Administration Client software installed alongside your Security World Software it is available (and installed by default) via the Security World Software installer.

NSE-6939

On OS-X the Tab key does not navigate between controls on the wizard pages and the Return key does not perform the default action. All operations can be accomplished with either a mouse or touchpad.

NSE-7088

Installing the RAC on OS X for the current user will not recognize the TVD. This is due to the TVD driver not being installed in this scenario. It is necessary to install separately the TVD driver for all users to allow the TVD to be recognized.