IBM 64-bit SDK for Windows platforms, Java Technology Edition

Security User Guide

Version 5 Release 0

Copyright International Business Machines Corporation 2003, 2008.
US Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

Contents

Preface
General information about IBM security providers
iKeyman tool
Java Authentication and Authorization Service (JAAS) V2.0
History of changes
JAAS Active Login
Using JAAS Active Login
Java Certification Path (CertPath)
History of changes
Java Cryptography Extension (JCE)
History of changes
Java Generic Security Service (JGSS)
History of changes
IBMJSSE2 Provider
Differences between the IBMJSSE Provider and the IBMJSSE2 Provider
Differences between the IBMJSSE2 Provider and Sun's version of JSSE
History of changes
IBMJCEFIPS Provider
IBM SASL Provider
Key Certificate Management utilities
Notices
Trademarks

Preface

The security components described in this user guide are shipped with the SDK and are not extensions. They provide a wide range of security services through standard Java™ APIs (except iKeyman). The security components contain the IBM® implementation of various security algorithms and mechanisms. IBM does not provide support for any of the IBM Java security components when used with a non-IBM JVM or with non-IBM security providers when used with the IBM JVM.

The IBM SDK also provides a FIPS 140-2 certified cryptographic module, IBMJCEFIPS, implemented as a JCE provider. Applications can comply with the FIPS 140-2 requirements by using the IBMJCEFIPS module.

The CertPath component provides PKIX-compliant certification path building and validation.

The JGSS component provides a generic API that can be plugged in by different security mechanisms. IBM JGSS uses Kerberos V5 as the default mechanism for authentication and secure communication.

The JAAS component provides a means for principal-based authentication and authorization.

The JCE framework has two providers: IBMJCE is the pre-registered default provider; IBMJCEFIPS is optional.

JSSE is the Java implementation of the SSL and TLS protocols. The JSSE pre-registered default provider is IBMJSSE2.

IBM Java Simple Authentication and Security Layer, or SASL, is an Internet standard (RFC 2222) that specifies a protocol for authentication and optional establishment of a security layer between client and server applications.

The Java security configuration file does not refer to the Sun provider. The IBM JCE provider has replaced the Sun provider. The JCE supplies all the signature handling message digest algorithms that were previously supplied by the Sun provider. It also supplies the IBM secure random number generator, IBMSecureRandom, which is a real Random Number Generator. SHA1PRNG is a Pseudo Random Number Generator and is supplied for code compatibility. SHA1PRNG is not guaranteed to produce the same output as the SUN SHA1PRNG.

In the IBM SDK v1.4.1, the following options were added to the java.security.debug property to help you debug Java Cryptography Architecture (JCA)-related problems:

provider
Displays each provider request and load, provider add, and provider remove. It also displays the related exception when a provider load fails.
algorithm
Displays each algorithm request, which provider has supplied the algorithm, and the implementing class name.
:stack
You can append this option to either of algorithm - or provider. When you request an algorithm, a stack trace is displayed. Use this stack trace to determine the code that has requested the algorithm. This option also prints the stack trace for exceptions that are caught or converted.
:thread
Adds the thread id to all debug message lines. You can use this option together with all the other debug options.

An example of a valid option string is "provider, algorithm:stack".

In this guide, there is a 'What's new' section for each component. This information is provided to help you with migration.

General information about IBM security providers

Overview of the security providers tested with the IBM SDK.

The IBM SDK v5.0 has been tested with the following default security providers:

You can add other IBM security providers either statically or from within your Java application's code. To add a new provider statically, edit a Java security properties file (for example, java.security). To add a new provider from your application's code, use the methods of the java.security.Security class (for example, java.security.Security.addProvider()).

You can also add this IBM security provider, com.ibm.crypto.fips.provider.IBMJCEFIPS.

Note that code written for the IBMJSSE Provider might not compile or execute in exactly the same way for IBMJSSE2. For details, see IBMJSSE2 Provider.

iKeyman tool

The iKeyman utility is a tool for key databases containing digital certificates and keys.

With iKeyman, you can:

History of changes

Version 1.4.1
Added an iKeyman wrapper that invokes the correct tool class.

Documentation

For more information, including information about the iKeyman GUI, see the iKeyman User Guide at: http://www.ibm.com/developerworks/java/jdk/security/index.html.

Java Authentication and Authorization Service (JAAS) V2.0

The Sun Microsystems Java platform provides a means to enforce access controls based on where code came from and who signed it. These access controls are needed because of the distributed nature of the Java platform where, for example, a remote applet can be downloaded over a public network and then run locally.

However, before SDK v1.4.0, the Java platform did not provide a way to enforce similar access controls based on who runs the code. To provide this type of access control, the Java security architecture requires the following:

The Java Authentication and Authorization Service (JAAS) framework provides these enhancements.

For a general overview of JAAS, see the Sun Web site: http://java.sun.com/products/jaas.

Differences between IBM and Sun versions of JAAS

IBM implementations are contained in the com.ibm.* package instead of the com.sun.* package. IBM has also added Active Login to JAAS.

See JAAS Active Login for more information about Active Login.

Further reading

For detailed information, including API documentation and samples, see the developerWorks® Web site at http://www.ibm.com/developerworks/java/jdk/security/index.html. This site contains the LoginModule Developer's Guide and sample code in "HelloWorld.tar".

History of changes

A history of the changes to the Java Authentication and Authorization Service (JAAS) since it was added to the SDK.

JAAS Active Login

The IBM version of JAAS for Windows® contains an additional function called Active Login. Because Windows has an extensive security infrastructure, it is important on servers to allow a Java program to log on as a particular Windows user and run with the underlying operating system knowing the security identity on a particular thread.

Without this extended support, JAAS would allow Java programs to know who the user is, strictly on a Java level. With this extended support, Java programs can log in as different users and have even non-Java programs (such as the Windows kernel) enforce security appropriately.

The following classes contain the additional support for Active Login:

com.ibm.security.auth.NTThreadSubject
This is the gateway to changing identities on an operating system thread level.
com.ibm.security.auth.module.Win64ActiveLoginModule
This is specified in the login configuration file. If you construct a LoginContext using a string name that calls this LoginModule, and you supply a CallbackHandler that can supply a valid user ID and password, you can log on.
com.ibm.security.auth.module.Win64ActiveSystem
This is an implementation class, largely hidden from users.

These classes are described in the JAAS APIs that are included with the Java SDK.

Using JAAS Active Login

To log on to Windows, an authorized program is required. The Runtime Environment contains a Windows service that can perform the login operation. This task will show you how to use the service.

  1. Log on as an administrator.
  2. Open a command prompt window. Select Start -> Programs -> Accessories -> Command Prompt. On Windows Vista, right-click on Command Prompt and select "Run as administrator".
  3. Change to the bin directory of the Runtime Environment. Type cd C:\Program Files\IBM\Java50\jre\bin. Your Runtime Environment may be installed in a different directory.
  4. Install or remove the service using the provided program.

What to do next

Remember: If you do not remove JAASLogon from the Service Manager Autostart list before removing the Runtime Environment, you will get a "Failed Service" error when logging on to Windows. To remove the error, remove jaaslogon.exe from the Service Manager Autostart list.

The following error messages are associated with starting and removing JAASLogon:

 jaaslogon Difficulty in starting JaasLogon, error code = 1063  Cause:  Incorrect syntax.  The correct syntax is jaaslogon -install
jaaslogon -install Difficulty in CreateService, error code = 1073  Cause:  The service has already been started.  
jaaslogon -remove In OpenService, error Code = 1060  Cause:  The service cannot be removed since it was not started.

Java Certification Path (CertPath)

The Java Certification Path API provides interfaces and abstract classes for creating, building, and validating certification paths (also known as "certificate chains").

Differences between IBM and Sun versions of CertPath

The IBM CertPath classes differ from the Sun version in the following ways:

Documentation

For detailed information, including API documentation and samples, see the developerWorks Web site, at http://www.ibm.com/developerworks/java/jdk/security/index.html.

History of changes

A history of the changes to CertPath since it was added to the SDK.

Changes for Version 5.0

Changes for Version 1.4.2

Changes for Version 1.4.1, Service Refresh 1

Changes for Version 1.4.0

Java Cryptography Extension (JCE)

The Java Cryptography Extension (JCE) provides a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. Support for encryption includes symmetric, asymmetric, block, and stream ciphers. The software also supports secure streams and sealed objects. JCE supplements the Java platform, which already includes interfaces and implementations of message digests and digital signatures.

You can obtain unrestricted jurisdiction policy files from http://www.ibm.com/developerworks/java/jdk/security/index.html. |The policy files are replaced with restricted |policy files when you upgrade your SDK. Before upgrading your SDK, |make a backup of your policy files. After upgrading your SDK, install |your backup policy files if you need an unrestricted policy.

The v1.4.2 unrestricted (and restricted) jurisdiction policy files are suitable for use with v5.0 and later. The v1.4.1 files are not suitable.

Differences between IBM and Sun versions of JCE

The com.sun.* packages are reimplemented by IBM and renamed com.ibm.* packages.

The IBM version of JCE differs from the Sun version in the following ways:

Documentation

For detailed information, including API documentation and samples, see the developerWorks Web site at http://www.ibm.com/developerworks/java/jdk/security/index.html.

History of changes

A history of the changes to the Java Cryptography Extension (JCE) since it was added to the SDK.

Changes for Version 5.0, Service Refresh 4

Changes for Version 5.0

Changes for Version 1.4.2

Changes for Version 1.4.0

Java Generic Security Service (JGSS)

Java Generic Security Service (JGSS) API provides secure exchange of messages between communicating applications.

JGSS is an API framework that uses Kerberos V5 as the underlying default security mechanism. The API is a standardized abstract interface under which you can plug different security mechanisms that are based on private-key, public-key, and other security technologies.

JGSS shields secure applications from the complexities and peculiarities of the different underlying security mechanisms. JGSS provides identity and message origin authentication, message integrity, and message confidentiality. JGSS also features an optional Java Authentication and Authorization Service (JAAS) Kerberos login interface, and authorization checks. JAAS augments the access control features of Java, which is based on CodeSource with access controls based on authenticated principal identities.

Differences between IBM and Sun versions of JGSS

The IBM version of JGSS differs from the Sun version in the following ways:

Documentation

For detailed information about JGSS, including API documentation and samples, see the developerWorks Web site, at http://www.ibm.com/developerworks/java/jdk/security/index.html.

History of changes

A history of the changes to the Java Generic Security Service (JGSS) since it was added to the SDK.

Changes for Version 5.0, Service Refresh 1

Added AES as a supported algorithm type
These additional algorthims can be set in the krb5.conf file under [libdefault] as follows:
default_tkt_enctypes = aes128-cts-hmac-sha1-96
default_tkt_enctypes = aes256-cts-hmac-sha1-96
default_tgs_enctypes = aes128-cts-hmac-sha1-96
default_tgs_enctypes = aes256-cts-hmac-sha1-96

default_checksum = hmac-sha1-96-aes128
default_checksum = hmac-sha1-96-aes256

Changes for Version 5.0

TCP or UDP Preference Configuration
Added JSE support for the udp_preference_limit property in the Kerberos configuration file (krb5.ini). When sending a message to the KDC, the JSE Kerberos library will use TCP if the size of the message is above udp_preference_list. If the message is smaller than udp_preference_list, UDP will be tried up to three times. If the KDC indicates that the request is too big, the JSE Kerberos library will use TCP.
IPv6 support in Kerberos
Added JSE support for IPv6 addresses in Kerberos tickets. Before v5.0, only IPv4 addresses were supported in tickets.
TGT Renewals
Added support for Ticket Granting Ticket (TGT) renewal to the Java Authentication and Authorization Server (JAAS) Kerberos login module, Krb5LoginModule. This support allows long-running services to renew their TGTs automatically without user interaction or requiring the services to restart. With this feature, if Krb5LoginModule obtains an expired ticket from the ticket cache, the TGT will be automatically renewed and be added to the Subject of the caller who requested the ticket. If the ticket cannot be renewed for any reason, Krb5LoginModule will use its configured callback handler to retrieve a username and password to acquire a new TGT.

To use this feature, configure Krb5LoginModule to use the ticket cache and set the newly introduced renewTGT option to true. Here is an example of a JAAS login configuration file that requests TGT renewal:

server {
  com.ibm.security.auth.module.Krb5LoginModule required
        principal=principal@your_realm
		useDefaultCcache=TRUE
		 renewTGT=true;
};
Note that if renewTGT is set to true, useDefaultCcache must also be set to true; otherwise, it results in a configuration error.

Changes for Version 1.4.2

Configurable Kerberos Settings
You can provide the name and realm settings for the Kerberos Key Distribution Center (KDC) either from the Kerberos configuration file or by using the system properties files java.security.krb5.kdc and java.security.krb5.realm. You can also specify the boolean option refreshKrb5Config in the entry for Krb5LoginModule in the JAAS configuration file. If you set this option to true, the configuration values will be refreshed before the login method of the Krb5LoginModule is called.
Added support for Slave Kerberos Key Distribution Center
Kerberos uses slave KDCs so that, if the master KDC is unavailable, the slave KDCs will respond to your requests. In previous releases, Kerberos tried the master KDC only and would give up if there was no response within the default KDC timeout.
Added support for TCP for Kerberos Key Distribution Center Transport
Kerberos uses UDP transport for ticket requests. In cases where Kerberos tickets exceed the UDP packet size limit, Kerberos supports automatic fallback to TCP. If a Kerberos ticket request using UDP fails and the KDC returns the error code KRB_ERR_RESPONSE_TOO_BIG, TCP becomes the transport protocol.
Kerberos Service Ticket in the Subject's Private Credentials
The Kerberos service ticket is stored in the Subject's private credentials. This gives you access to the service ticket so that you can use it outside the JGSS (for example, in native applications or for proprietary uses). In addition, you can reuse the service ticket if the application tries to establish a security context to the same service again. The service ticket should be valid for it to be reusable.

Changes for Version 1.4.1

IBMJSSE2 Provider

The Java Secure Socket Extension (JSSE) is a Java package that enables secure internet communications. It implements a Java version of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols and includes functions for data encryption, server authentication, message integrity, and optional client authentication.

By abstracting the complex underlying security algorithms and "handshaking" mechanisms, JSSE minimizes the risk of creating subtle but dangerous security vulnerabilities. Also, it simplifies application development by serving as a building block that you can integrate directly into your applications. Using JSSE, you can provide for the secure passage of data between a client and a server running any application protocol (such as HTTP, Telnet, NNTP, and FTP) over TCP/IP.

The FIPS provider included with the SDK is undergoing certification with the US Government. The certification progress is available on the CSRC Web site: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140InProcess.pdf.

Documentation

For detailed information, including API documentation and samples, see http://www.ibm.com/developerworks/java/jdk/security/index.html.

Differences between the IBMJSSE Provider and the IBMJSSE2 Provider

The IBMJSSE2 Provider, which was introduced in the v1.4.2 SDK, has replaced the IBMJSSE Provider. Although they are nearly equivalent, there are differences between the two providers.

The now-discontinued IBMJSSE Provider and the IBMJSSE2 Provider differ in the following ways:

Differences between the IBMJSSE2 Provider and Sun's version of JSSE

Although they are nearly equivalent, there are differences between the IBMJSSE2 Provider and the Sun JSSE Provider.

The IBMJSSE2 Provider differs from the Sun JSSE in the following ways:

History of changes

A history of the changes to the IBMJSSE2 Provider since it was added to the SDK.

Changes for Version 5.0, Service Refresh 5

Changes for Version 5.0

Changes for Version 1.4.2.

The IBMJSSE2 Provider is new for Version 1.4.2.

IBMJCEFIPS Provider

The IBM Java JCE (Java Cryptographic Extension) FIPS Provider (IBMJCEFIPS) for multi-platforms is a scalable, multi-purpose cryptographic module that supports FIPS-approved cryptographic operations through Java APIs.

The IBMJCEFIPS includes the following Federal Information Processing Standards (FIPS) 140-2 [Level 1] compliant components:

To meet the requirements specified in the FIPS publication 140-2, the encryption algorithms used by the IBMJCEFIPS Provider are isolated into the IBMJCEFIPS Provider cryptographic module, which you can access using the product code from the Java JCE framework APIs. Because the IBMJCEFIPS Provider uses the cryptographic module in an approved manner, the product complies with the FIPS 140-2 requirements.

Type Algorithm Specification
Symmetric Cipher AES (ECB, CBC, OFB, CFB and PCBC) FIPS 197
Symmetric Cipher Triple DES (ECB, CBC, OFB, CFB and PCBC) FIPS 46-3
Message Digest
SHA1
SHA-256
SHA-384
SHA-512
HMAC-SHA1
FIPS 180-2



FIPS 198a
Random Number Generator FIPS 186-2 Appendix 3.1 FIPS 186-2
Digital Signature DSA (512 - 1024) FIPS 186-2
Digital Signature RSA (512 - 2048) FIPS 186-2

In addition, the IBMJCEFIPS supports the following unapproved algorithms:

Type Algorithm Specification
Asymmetric Cipher RSA PKCS#1
Key Agreement Diffie-Hellman PKCS #3 (Allowed in Approved mode)
Digital Signature DSAforSSL Allowed for use within the TLS protocol
Digital Signature RSAforSSL Allowed for use within the TLS protocol
Message Digest MD5 FIPS 180-2
Random Number Generation Universal Software Based Random Number Generator Available upon request from IBM. Patented by IBM, EC Pat. No. EP1081591A2, U.S. pat. Pend.
Important: The com.ibm.crypto.fips.provider.IBMJCEFIPS class does not include a keystore (such as JKS or JCEKS) because of FIPS requirements and algorithms. Therefore, if you are using com.ibm.crypto.fips.provider.IBMJCEFIPS and require JKS, you must specify the com.ibm.crypto.provider.IBMJCE in the provider list.

For more detailed information on the FIPS certified provider IBMJCEFIPS, see the IBM Java JCE FIPS 140-2 Cryptographic Module Security Policy. For usage information and details of the API, see the IBM Java JCE FIPS (IBMJCEFIPS) Cryptographic Module API document. These documents are available at http://www.ibm.com/developerworks/java/jdk/security/index.html.

Differences between IBM and Sun versions of IBMJCEFIPS

Sun does not provide IBMJCEFIPS.

History of changes

Version 1.4.2
IBMJCEFIPS is new for Version 1.4.2.

Documentation

For detailed information, including API documentation and Security Policy, see the developerWorks Web site, at http://www.ibm.com/developerworks/java/jdk/security/index.html.

IBM SASL Provider

Simple Authentication and Security Layer, or SASL, is an Internet standard (RFC 2222) that specifies a protocol for authentication and optional establishment of a security layer between client and server applications. SASL defines how authentication data is to be exchanged but does not itself specify the contents of that data. It is a framework into which specific authentication mechanisms that specify the contents and semantics of the authentication data can fit.

The Java SASL API defines classes and interfaces for applications that use SASL mechanisms. It is defined to be mechanism-neutral: the application that uses the API need not be hardwired into using any particular SASL mechanism. The API supports both client and server applications. It allows applications to select the mechanism to use based on desired security features, such as whether they are susceptible to passive dictionary attacks or whether they accept anonymous authentication. The Java SASL API also allows developers to use their own, custom SASL mechanisms. SASL mechanisms are installed by using the Java Cryptography Architecture (JCA).

The IBMSASL provider supports the following client and server mechanisms.

Client mechanisms
Server mechanisms

Differences between Sun and IBM SASL Provider

Only the package names, for example com.ibm.security.sasl, and the provider name are different from the Sun Implementation: com.ibm.security.sasl.IBMSASL.

History of changes

Version 5.0
The IBM SASL Provider is new for v5.0.

Documentation

Detailed information, including API documentation and samples, is on the developerWorks Web site, at http://www.ibm.com/developerworks/java/jdk/security/index.html.

Key Certificate Management utilities

Uses of the Key Certificate Management utilities.

The Key Certificate Management utilities make up a set of packages used to:

The Key Certificate Management utilities can:

The Subject Key Identifier is specified in RFC 3820, Section 4.2.1.2, http://www.faqs.org/rfcs/rfc3820.html.

History of changes

Version 5.0, Service Refresh 1
The Key Certificate Management utilities is new for Version 5.0, Service Refresh 1.

Documentation

The Key Certificate Management How-to Guide and Javadoc are on the developerWorks Web site, at http://www.ibm.com/developerworks/java/jdk/security/index.html.

Notices

This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area.

Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service.

IBM may have patents or pending patent applications covering subject matter in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to:

For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to:

The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law:

INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.

This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the information. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this information at any time without notice.

Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.

IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.

Licensees of this program who wish to have information about it for the purpose of enabling (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact:

Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee.

The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us.

Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurement may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment.

Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.

All statements regarding IBM's future direction or intent are subject to change or withdrawal without notice, and represent goals and objectives only.

Trademarks

IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at http://www.ibm.com/legal/copytrade.shtml.

Intel is a trademark of Intel Corporation in the United States, other countries, or both.

Linux is a trademark of Linus Torvalds in the United States, other countries, or both.

Microsoft, Windows and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.

Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.

Other company, product and service names may be trademarks or service marks of others.