PKCS#11 Developer libraries

The nShield PKCS #11 libraries, and libcknfast.a (nShield tools only) on Linux, and cknfast.lib and cknfast.dll on Windows are provided so that you can integrate your PKCS #11 applications with the nShield hardware security modules.

The nShield PKCS #11 libraries:

  • Provide the PKCS #11 mechanisms listed in Mechanisms

  • Help you to identify potential security weaknesses, enabling you to create secure PKCS #11 applications more easily.

Checking the installation of the nShield PKCS #11 library

After you have created a Security World, ensure that the nShield PKCS #11 library has been successfully installed with ckcheckinst.

PKCS #11 security assurance mechanism

It is possible for an application to use the PKCS #11 API in ways that can introduce potential security weaknesses. For example, it is a requirement of the PKCS #11 standard that the nShield PKCS #11 libraries are able to generate keys that are explicitly exportable in plain text. An application could use this ability in error when a secure key would be more appropriate.

The nShield PKCS #11 libraries are provided with a configurable security assurance mechanism (SAM). SAM helps prevent PKCS #11 applications from performing operations through the PKCS #11 API that may compromise the security of cryptographic keys. Operations that reveal questionable behavior by the application fail by default with an explanation of the cause of failure.

If you decide that some operations that carry a higher security risk are acceptable to you, then you can reconfigure the nShield PKCS #11 library to permit these operations by means of the environment variable CKNFAST_OVERRIDE_SECURITY_ASSURANCES. You must think carefully, however, before permitting operations that could compromise the security of cryptographic keys. For more information about the environment variable and its parameters, see the User Guide for your HSM.

It is your responsibility as a security developer to familiarize yourself with the PKCS #11 standard and to ensure that all cryptographic operations used by your application are implemented in a secure manner.

If no parameters are supplied to the environment variable, the nShield PKCS #11 library fails and issues a warning, with an explanation, when the following operations are detected:

  • Short term session keys created as long term objects

  • Keys that can be exported as plain text are created

  • Keys are imported from external sources

  • Wrapping keys are created or imported

  • Unwrapping keys are created or imported

  • Keys with weak algorithms (for example, DES) are created

  • Keys with short key length are created.

Key security

Questionable operations largely relate to the concept of a key being secure. A private or secret key is considered insecure if there is some reason for believing that its value may be available outside the HSM. Public keys are never considered insecure; by definition they are intended to be public.

An explicitly insecure PKCS #11 key is one where CKA_SENSITIVE is set to false. If an application uses a key that is insecure but CKA_SENSITIVE is not set to false, it is possible that the application is using an inadequate concept of key security, and that the library disallows use of that key by default. Use of insecure keys should, by default, be restricted to short-term session keys, and applications should explicitly recognize the insecurity.