Cannot create 1024-bit RSA keys on the HSM after installing a fix pack

Answer

DataPower Type 2426, 7198, 7199, or 8436 appliances with the HSM automatically have their HSM firmware upgraded from version 1.2 to version 2.2 after an upgrade to 7.0.0.14, 7.1.0.11, 7.2.0.8, 7.5.0.2 or 7.5.1.2 (or later). This HSM firmware upgrade is required to maintain the NIST FIPS-140-2 certificate. After the HSM firmware upgrade, you can no longer create 1024-bit keys on the HSM but existing 1024-bit keys continue to function.

NIST made obsolete the ANSI X9.31 RNG (Random Number Generator) algorithm and will no longer certify products that use this algorithm as compliant with FIPS-140-2. The DataPower HSM version 1.2 firmware has this algorithm, so the HSM firmware must be updated to retain compliance with FIPS-140-2. The new HSM version 2.2 firmware provides only the CTR_DRBG RNG (Counter mode Deterministic Random Byte Generator) algorithm. Although the HSM version 1.2 firmware has no associated vulnerability, the certificate will be removed from the NIST validation list.

Beginning 2011, NIST recommended the use of RSA keys of at least 2048 bits. The HSM version 2.2 firmware enforces this recommendation and does not allow you to create new 1024-bit RSA keys on the HSM. Although existing 1024-bit keys continue to function, you should replace 1024-bit keys with new 2048-bit or 4096-bit keys. To replace keys that are stored on the HSM, back them up to another HSM with the Export Crypto Object utility or the crypto-export command,

The HSM firmware is updated only when the HSM was initialized with the hsm-reinit command. If you install the fix pack but the HSM is not initialized, the HSM firmware update is delayed until the first restart after you initialize the HSM.

Note: If you want to downgrade to the previous HSM version after you installed the DataPower fix pack, you can obtain the following tools from IBM Fix Central. Search for text string HSM.

• Use the idg-hsm_downgrade tool to downgrade the HSM to version 1.2 and keep it at version 1.2 across fix pack installations until you enable the HSM upgrade with the idg-hsm_enable_update tool.
• Use the idg-hsm_enable_update tool to allow the installation of a fix pack to upgrade the HSM component firmware to the latest version. After you run this tool, you must install a firmware version.

To determine whether your appliances has the HSM, use the show crypto-engine command. When the accelerator type is hsm2, the appliance has the HSM. This status provider also provides the status, which informs you whether the HSM is initialized.

To determine the HSM firmware version, use the service show component-firmware command.

• Before the upgrade, the version is CN16XX-NFBE-FW-1.2-101022.
• After the upgrade, the version is CN16XX-NFBE-FW-2.2-130013.

1. Switch back to the previously installed, secondary image (boot switch) or install a fix pack with the upgraded HSM component firmware.
2. Downgrade the HSM component firmware by using the tool from IBM Fix Central. Make sure the downgrade process succeeds and the HSM version is back to CN16XX-NFBE-FW-1.2-101022 with the service show component-firmware command.
3. Switch back to the primary image (boot switch) or install the wanted fix pack without the upgraded HSM component firmware.