
HP OpenVMS Systems Documentation


HP OpenVMS Version 8.3 New Features and Documentation Overview



3.5.8 Deleting AES Keys

AES (and DES) keys are deleted or removed with the encrypt command-line qualifier /REMOVE_KEY or with the API ENCRYPT$DELETE_KEY( ):


$ ENCRYPT/REMOVE_KEY KEYNAME /AES 

The user's secret key is encrypted with a master key and stored in a logical name table: PROCESS, JOB, GROUP, or SYSTEM (the ENCRYP$SYSTEM table). The default is the PROCESS logical name table. To delete a key in a table other than the PROCESS logical name table, the appropriate qualifier (/JOB, /GROUP, or /SYSTEM) must also be specified in the ENCRYPT /REMOVE_KEY command.

Because the user's secret key name is unique, only one key with the same name can exist in the same logical name table, whether this is a DES key or an AES key. This means that the /AES qualifier is unnecessary, although it is implemented nevertheless.

3.5.9 ENCRYPT$DELETE_KEY( ) API

To remove the key from the logical name table with the Encrypt API, specify the name of the key to be deleted. The flags specify which logical name table.


ENCRYPT$DELETE_KEY (key-name , key-flags) 

AES Key Flag

The following AES mask can be used in addition to (OR with) other flags for the key-flags parameter (as a longword by reference). An associated AES key value can be used for testing the bit within the program. Use the KEY_AES key flag to specify an AES key with the ENCRYPT$DEFINE_KEY( ), ENCRYPT$DELETE_KEY( ), and ENCRYPT$GENERATE_KEY( ) APIs.

  • ENCRYPT$M_KEY_AES
  • ENCRYPT$V_KEY_AES

3.5.10 File Encryption and Decryption

Once a key has been created, a user can encrypt and decrypt files. This can be accomplished at the command line with the ENCRYPT and DECRYPT commands, or by using the ENCRYPT$ENCRYPT_FILE() API.

File encryption encrypts RMS files in fixed-length, 512-byte records. The file's characteristics and attributes are preserved, for example, the file creation and modification dates, whether the file was organized as sequential or indexed, and its record format (STREAM_LF, VAR, or other). A user specifies a key to be used for the encryption of a file and a data algorithm. However, the user's key is used to encrypt the random key, initialization vector (IV), and data algorithm in the random-key record. It is the random key, used with the data algorithm specified by the user, that encrypts the file's attributes and feature records and its data records.

When decrypting the file, the key that the user specifies is used to decrypt the random-key record, which retrieves the random (data) key, IV, and data algorithm. Then the file attributes, feature records, and data records are decrypted with the random key, IV, and data algorithm from the fixed-length 512-byte records, and then restored to its original format and

3.5.10.1 File Encrypt and Decrypt Default Mode: DESCBC

By default, when encrypting a file from the command line, Encrypt uses the DESCBC algorithm to encrypt the file. That is, if a key or data algorithm is not specified on the command line, the DESCBC algorithm and mode is used.

The following example uses DESCBC to encrypt the file file-name with the key key-name, writing the output to a file named file-name:


$ ENCRYPT file-name key-name 

The following command is used to decrypt the file with DESCBC:


$ DECRYPT file-name key-name 

3.5.10.2 Specifying the AES Data Algorithm and AES Key Algorithm

To select an algorithm other than the DESCBC default when encrypting files, Encrypt accepts the data and key algorithm qualifiers with the DCL ENCRYPT command and the key algorithm qualifier with the DECRYPT command.

When encrypting files with AES, specify both /DATA_ALGORITHM=AESmmmkkk and /KEY_ALGORITHM=AESmmmkkk:

  • mmm defines the AES mode: ECB, CBC, CFB, or OFB
  • kkk defines the key size: 128, 192, or 256 bits (for 16-, 24- or 32-byte keys)

Encrypt expects that the key matches the key algorithm. An AES key must be used with an AES key algorithm, and a DES key must be used with the DES key algorithm. Note, however, that the data algorithm defaults to DES if /DATA_ALGORITHM=AESmmmkkk is not specified for the ENCRYPT command. The same holds true when working with DES keys and KEY_ALGORITHM=DES: the data is protected with a strong algorithm, but the key is not.

Note

The capability of mixing AES with DES key and data algorithms has been disabled in OpenVMS Version 8.3, and any attempt to do so results in an ENCRYPT$_AESMIXDES error condition.

When decrypting files with AES, specify only the /KEY_ALGORITHM=AESmmmkkk qualifier. That is because the key algorithm is used to decrypt the random-key record that contains the random key that is then used to decrypt the data records of the file. Specifying the data algorithm is not necessary and, in fact, gives an unrecognized-qualifier error message.

Note

For an encrypt operation, if /DATA_ALGORITHM=AES is specified without /KEY_ALGORITHM, an error occurs. The default algorithm DESCBC is used to encrypt the random-key record that contains the random key and file information. However, Encrypt expects that the user's key matches the key algorithm; if not, an error occurs. That is, if the key-name is an AES key name and value, when the key is fetched from the logical name table and then decrypted with the DES master key, the key decrypts to garbage, and the operation fails with:


%STR-F-FATINTERR, fatal internal error 

ENCRYPT /DATA_ALGORITHM=AES /KEY_ALGORITHM=AES

AES has a default encryption and decryption routine (AESCBC128) that is used when AES is specified without a mode and key size (that is, only /AES is specified). This could be used as a shortcut for AES file encryption. For example:


$ ENCRYPT file-name key-name /KEY=AES /DATA=AES 

3.5.10.3 Specifying Only the Key Algorithm

To select an algorithm other than the DESCBC default when decrypting files, Decrypt accepts only the key algorithm qualifier with the DCL DECRYPT command. When decrypting with AES, specify only the /KEY_ALGORITHM=AESmmmkkk qualifier, where mmm defines the AES mode

Only the key algorithm needs to be specified. The data algorithm is stored with other file information in the encrypted file within a key record. The key record was encrypted with the user-specified encryption key when the file was encrypted. During the decrypt operation, the user's key is used to decrypt the key record that contains the data key (a random key generated during the encrypt). The data key, along with its algorithm, is then used to decrypt the remaining data records in the file.
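The qualifier rules from sections 3.5.10.2 and 3.5.10.3 can be checked before a command is submitted. The following Python sketch is an added example, not HP code: the function names and the KEY_MISMATCH and BAD_QUALIFIER labels are assumptions of this example, only algorithm names that appear in this document are accepted, and the order in which the real utility reports problems is not modeled.

```python
import re

# Algorithm names that appear in this document; bare "AES" means AESCBC128.
_AES = re.compile(r"AES(?:(ECB|CBC|CFB|OFB)(128|192|256))?")
_DES = {"DESCBC", "DESECB", "DESCFB"}
MIX = "ENCRYPT$_AESMIXDES"                          # condition named in the text
KEY_MISMATCH = "key does not match key algorithm"   # label local to this example
BAD_QUALIFIER = "unrecognized qualifier /DATA_ALGORITHM"  # label local to this example


def resolve(name):
    """Expand a qualifier value to a full algorithm name (None -> DESCBC default)."""
    if name is None:
        return "DESCBC"
    name = name.upper()
    match = _AES.fullmatch(name)
    if match:
        return name if match.group(1) else "AESCBC128"
    if name in _DES:
        return name
    raise ValueError(f"not an algorithm name used in this document: {name!r}")


def check_encrypt(key_family, key_alg=None, data_alg=None):
    """Return (key_alg, data_alg, problems) for an ENCRYPT command line.

    key_family is "AES" or "DES": the kind of key stored under key-name.
    """
    key_alg, data_alg = resolve(key_alg), resolve(data_alg)
    problems = []
    if key_alg[:3] != data_alg[:3]:      # AES key algorithm with DES data, or the reverse
        problems.append(MIX)
    if key_family != key_alg[:3]:        # stored key is of the other family
        problems.append(KEY_MISMATCH)
    return key_alg, data_alg, problems


def check_decrypt(key_family, key_alg=None, data_alg=None):
    """DECRYPT accepts only the key algorithm; the data algorithm is read
    from the key record inside the encrypted file."""
    problems = []
    if data_alg is not None:
        problems.append(BAD_QUALIFIER)
    key_alg = resolve(key_alg)
    if key_family != key_alg[:3]:
        problems.append(KEY_MISMATCH)
    return key_alg, problems


if __name__ == "__main__":
    # Constructed qualifier combinations, not taken from a real system.
    for args in [("AES", "AES", "AES"), ("AES", "AESCBC256", None),
                 ("AES", None, "AESOFB192"), ("DES", None, None)]:
        print(args, "->", check_encrypt(*args))
    print(check_decrypt("AES", "AESCFB192", "AESCFB192"))
```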

3.5.11 ENCRYPT$ENCRYPT_FILE() API

AES File Flag

This is the command format for the ENCRYPT$ENCRYPT_FILE() API:


ENCRYPT$ENCRYPT_FILE (input-file, output-file, key-name, algorithm, file-flags, item-list)

There is an additional FILE_AES flag mask (and value) that is used with the ENCRYPT$ENCRYPT_FILE( ) API when encrypting files using an AES algorithm. The ENCRYPT$ENCRYPT_FILE_FLAGS are used to control file operations such as cipher direction, file compression, and so on. The FILE_AES flag controls file AES initialization and encryption operations, and also flags an AES key:

  • ENCRYPT$M_FILE_AES
  • ENCRYPT$V_FILE_AES

The optional item list is used to override the data algorithm parameter. The intent is to substitute one algorithm for another that is similar in function but different in name. You override the name of the algorithm in the random-key record with the name of the algorithm provided by the user in the override descriptor. This provides a way to open files that were encrypted with an algorithm name that may be different than the algorithm name in the

3.5.12 Record Encryption/Decryption

File records can be encrypted and decrypted with the Encrypt API:


ENCRYPT$ENCRYPT_ONE_RECORD (input, output, key-name, algorithm) 
 
ENCRYPT$DECRYPT_ONE_RECORD (input, output, key-name, algorithm) 

To use AES for one-record ciphers, an AES key must first be created; it is stored (encrypted) in the logical name table. Specify the key name of an AES key and the address of a descriptor that contains the ASCII text for the selected AESmmmkkk (mode and key size) algorithm. Note that the input and output buffers (descriptor addresses) are also provided.

These one-record APIs assume that a key already exists in the logical name table key storage. These APIs are primarily used to encrypt and decrypt small amounts of data or only a few records. This is because there are overhead operations involved when calling the ENCRYPT$ENCRYPT_ONE_RECORD( ) API. Calling this API also calls the ENCRYPT$INIT(), ENCRYPT$ENCRYPT() or ENCRYPT$DECRYPT() function, and the ENCRYPT$FINI() function. An INIT, DECRYPT, and FINI function are also called recursively within the first INIT to decrypt the key in logical name storage, using the key name specified by the user in the key-name parameter.

HP recommends that you do not use the ENCRYPT$xxCRYPT_ONE_RECORD() calls if many records need to be enciphered or deciphered. Instead, HP recommends that the ENCRYPT$ENCRYPT() and ENCRYPT$DECRYPT() API functions be used for normal operations. This implies that the ENCRYPT$INIT() function is also used to initialize the context prior to encryption or decryption, and that the ENCRYPT$FINI() API is used to free memory structures prior to application exit.

3.5.13 Data Encryption/Decryption

The ENCRYPT$ENCRYPT() and ENCRYPT$DECRYPT() routines are used by applications to cryptographically process up to 64K bytes of data.


ENCRYPT$ENCRYPT (context, input, output [,output-length] [,initialization-vector])
ENCRYPT$DECRYPT (context, input, output [,output-length] [,initialization-vector])

These routines require initializing an encryption context with the ENCRYPT$INIT() routine prior to calling ENCRYPT$ENCRYPT() or ENCRYPT$DECRYPT() to encipher or decipher the data blocks. The ENCRYPT$FINI() routine is called at the end to free the context data structures.

The output buffer must be able to accommodate data padded to a multiple of the block length. For AES, this is 16 bytes (8 bytes for DES). The output-length value and initialization-vector (IV) parameter are optional. The output-length is the number of bytes written (encrypted or decrypted).

The AES IV is a reference pointer to a 16-byte value. Internal structures have been expanded to accommodate AES. The DES IV is a quadword reference to an 8-byte value.

3.5.14 Lengths and Block Mode Padding

The AES block-mode algorithms (AESCBCxxx and AESECBxxx) pad the data to even 16-byte block boundaries. For AES, 1 byte encrypts and decrypts to 16 bytes, 72 bytes to 80, and so forth. The AES padding character is a hexadecimal number indicating the number of bytes padded. For example, the 1-byte encrypt pad would be 15 characters of 0F following the 1 encrypted byte of data, and the 72-byte encrypt pad would be 8 bytes of 08 (08 08 ... 08) following the 72 bytes of data. DESECB and DESCBC modes always pad with characters of zeros. The character stream modes (AESCFBxxx, AESOFBxxx, DESCFB) do not pad the data, and the output-length parameter matches the actual number of bytes.
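The padding rules above determine how large the output buffer must be, and whether the original length can be told apart after decryption. The following Python model is an added example, not HP code: the function names are assumptions of this example, and input that already ends on a block boundary is returned unchanged, which is also an assumption because the text gives no rule for that case.

```python
import re

# Algorithm names as written in this document: AESmmmkkk, DESECB, DESCBC, DESCFB.
_NAME = re.compile(r"(AES)(ECB|CBC|CFB|OFB)(?:128|192|256)|(DES)(ECB|CBC|CFB)")
BLOCK_BYTES = {"AES": 16, "DES": 8}


def pad_plaintext(algorithm, data):
    """Return data as it would be padded before encryption under the rules above."""
    match = _NAME.fullmatch(algorithm.upper())
    if not match:
        raise ValueError(f"not an algorithm name used in this document: {algorithm!r}")
    family = match.group(1) or match.group(3)
    mode = match.group(2) or match.group(4)
    if mode in ("CFB", "OFB"):
        return data                      # stream modes do not pad
    missing = -len(data) % BLOCK_BYTES[family]
    if missing == 0:
        # ASSUMPTION: the text gives no rule for block-aligned input;
        # this model leaves it unchanged.
        return data
    # AES fills with the pad count itself; DES fills with zeros.
    fill = missing if family == "AES" else 0
    return data + bytes([fill]) * missing


def output_length(algorithm, n):
    """Number of bytes the output buffer must hold for n input bytes."""
    return len(pad_plaintext(algorithm, bytes(n)))


if __name__ == "__main__":
    # Constructed inputs, not taken from a real system.
    print(pad_plaintext("AESCBC128", b"A").hex())       # 1 data byte + 15 x 0f
    print(output_length("AESECB256", 72))               # 80
    # DES zero padding maps two different inputs to the same block, so the
    # original length cannot be recovered from the padded data alone.
    print(pad_plaintext("DESCBC", b"ABC") == pad_plaintext("DESCBC", b"ABC\x00"))
    # The AES pad byte differs (0d vs 0c), so the two inputs stay distinct.
    print(pad_plaintext("AESCBC128", b"ABC") == pad_plaintext("AESCBC128", b"ABC\x00"))
    print(output_length("AESCFB128", 3))                # stream mode: 3
```

An application that stores DES block-mode output and needs the exact original length must record that length separately, because trailing zero bytes in the data are indistinguishable from padding.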

3.5.15 New AES Encryption Key, Flag Mask, and Value

There are no new AES encryption API routines. However, to accommodate the AES algorithm and the various key-length values, an additional AES key and AES file flag mask and value are added to OpenVMS Version 8.3.

  • AES key flag
    The KEY_AES mask value specifies an AES key (as a longword by reference) to the ENCRYPT$DEFINE_KEY( ), ENCRYPT$DELETE_KEY( ), and ENCRYPT$GENERATE_KEY( ) APIs:
    • ENCRYPT$M_KEY_AES
    • ENCRYPT$V_KEY_AES
  • AES file flag
    An additional FILE_AES flag mask (and value) is used with the ENCRYPT$ENCRYPT_FILE( ) API when encrypting files that use an AES algorithm.
    The ENCRYPT$ENCRYPT_FILE_FLAGS flags are used to control file operations such as cipher direction, file compression, and so on. The FILE_AES flag controls file AES initialization and encryption operations and also flags the following AES keys:

    • ENCRYPT$M_FILE_AES
    • ENCRYPT$V_FILE_AES

The AES algorithm, mode, and key length (128, 192, or 256 bits) are specified in the algorithm parameter for the ENCRYPT$ENCRYPT_FILE( ) and ENCRYPT$INIT( ) APIs, or are specified in the algorithm-name parameter for the ENCRYPT$GENERATE_KEY( ) API. This parameter is in the form of a character string descriptor reference (pointer), as follows:

  • Block mode ciphers
    • AESCBC128 ! Cipher Block Chaining
    • AESCBC192 ! Cipher Block Chaining
    • AESCBC256 ! Cipher Block Chaining
    • AESECB128 ! Electronic Code Book
    • AESECB192 ! Electronic Code Book
    • AESECB256 ! Electronic Code Book
  • Stream mode ciphers
    • AESCFB128 ! Cipher Feedback
    • AESCFB192 ! Cipher Feedback
    • AESCFB256 ! Cipher Feedback
    • AESOFB128 ! Output Feedback
    • AESOFB192 ! Output Feedback
    • AESOFB256 ! Output Feedback

Note

AESCBC128 is the default cipher and is also used for encryption and decryption of the user's key for storage of logical names. These ciphers are searched in the order in which they are stored in their algorithm table (as listed) within the new image file SYS$SHARE:ENCRYPT$ALG$AES.EXE.

3.5.16 Unsupported AES Encryption Operations

The following AES encryption operations are not supported and, therefore, are not recommended:

  • Message Authentication Code (MAC)
    The Message Authentication Code (MAC) detects any modifications made to a file's data or to its security settings. Currently, only DES is supported for MAC operations. AES is not supported.
    The MAC is used with the /AUTHENTICATE command qualifier. The MAC encrypts the file's data (and security attributes), storing them in two separate databases (Db). To detect file modifications, the MAC is recalculated and compared with the Db MAC.
    The authentication codes are generated with the /UPDATE qualifier, and are logged or displayed with the /OUTPUT=file-name qualifier. For example:


    $ encrypt /AUTHENTICATE /UPDATE *.exe KeyName /out=tt: 
    

    The MAC also uses an IV, but DESCBC is the underlying algorithm and mode for the keyed file MAC. The MAC is the final DESCBC encrypted block of the file's data, the file's security attributes.
  • ENCRYPT/COMPRESS
    Using ENCRYPT/COMPRESS with BACKUP file save sets is not recommended, because of errors encountered during their decryption. This usually happens with larger save sets created with a /GROUP_SIZE not equal to zero.
    ENCRYPT/COMPRESS works properly but decryption might fail. This can be catastrophic if the /DELETE qualifier is used, deleting the original BACKUP save-set file during the encrypt operation.
  • Encrypting files with AES
    Specify both the /DATA=AESmmmkkk and the /KEY=AESmmmkkk algorithm when encrypting AES files, where mmm is the mode (CBC, ECB, CFB, or OFB) and kkk is the key size (128, 192, or 256 bits).
  • Mixing AES and DES keys and algorithms
    Encrypt expects that the key matches the key algorithm. An AES key must be used with an AES key algorithm, and a DES key must be used with the DES key algorithm. The data algorithm can default to DES if you specify an AES /KEY_ALGORITHM qualifier together with an AES key without specifying AES for the /DATA_ALGORITHM qualifier. For security reasons, we disallow this by signaling an ENCRYPT$_AESMIXDES error at the command line. The same holds true when working with DES keys and KEY_ALGORITHM=DES; the data is protected with a strong algorithm but the key is not. This command-line capability of mixing key and data algorithms between DES and AES has been disabled in OpenVMS 8.3. Note that other errors can result when mixing AES and DES keys and algorithms.

3.6 Monitor Utility Enhancements

The following sections describe enhancements to the Monitor utility.

3.6.1 Align Command (I64 Only)

The Monitor utility has been enhanced to display information about alignment faults. This new MONITOR ALIGN command is valid only on OpenVMS for Integrity servers and helps troubleshoot performance problems on Integrity server systems.

The MONITOR ALIGN class displays a rate of alignment faults for each mode (kernel, executive, supervisor and user) along with the total alignment faults per second. If the alignment fault rate per second is very high, use the Alignment Fault utility (FLT), which is run through SDA, to analyze the cause of the alignment faults.

On Integrity server systems, all alignment faults are handled by the operating system, hence counters can be incremented to track the alignment fault rate. On Alpha, alignment faults are fixed in PALcode in the console so counters cannot be ticked without much overhead. For this reason, the MONITOR ALIGN command is only available on Integrity servers.

The header include file $MONDEF has also been enhanced to include the record definitions for the new ALIGN class. Previously, the constants for each class type record have not been provided, but in Version 8.3 $MONDEF also includes the symbolic constant definitions for the class numbers as MNR_CLS$K_xxx.

Note the following example:


$ monitor align 
                         ALIGNMENT FAULT STATISTICS 
                               on node MTDIB9 
                          11-JAN-2006 16:58:07.25 
 
                                     CUR        AVE        MIN        MAX 
 
    Kernel Alignment Faults       19529.00   19529.00   19529.00   19529.00 
    Exec Alignment Faults          7581.00    7581.00    7581.00    7581.00 
    Super Alignment Faults            0.00       0.00       0.00       0.00 
    User Alignment Faults        164972.00  164972.00  164972.00  164972.00 
 
 Total Alignment Faults       192082.00  192082.00  192082.00  192082.00 

3.6.2 New Classname Qualifiers for the PROCESSES Class

The four new classname qualifiers for the MONITOR utility PROCESSES class can be used to monitor per-process-based modes usage. They are useful in helping to identify the top consumers of the various CPU modes. If, for example, the MONITOR MODES command shows that an excessive amount of supervisor mode is being used, the new MONITOR PROCESSES/TOPSUPERVISOR display will reveal which process (and hence, which user) is responsible.

The new qualifiers are described in the following table:

Table 3-2 MONITOR utility Classname Qualifiers for the PROCESSES Class

Command and Qualifier               Description
MONITOR PROCESSES /TOPKERNEL        Top kernel mode usage per process
MONITOR PROCESSES /TOPEXECUTIVE     Top executive mode usage per process
MONITOR PROCESSES /TOPSUPERVISOR    Top supervisor mode usage per process
MONITOR PROCESSES /TOPUSER          Top user mode usage per process

See the HP OpenVMS System Management Utilities Reference Manual, in the MONITOR chapter, for more detailed information.

3.6.3 MONITOR PROCESSES/TOPSUPERVISOR Example

The new MONITOR PROCESSES/TOPSUPERVISOR qualifier allows you to see which processes are top consumers of CPU in supervisor mode. For more information about these qualifiers, see the HP OpenVMS System Management Utilities Reference Manual.

The following example will appear in the section "Using Live Display Monitoring" in the chapter "Getting Information About the System" in the next version of the HP OpenVMS System Manager's Manual.

Example:


$ MONITOR PROCESSES/TOPSUPERVISOR 

This command displays a bar graph showing the 16 processes that are the top consumers of CPU time in supervisor mode. Values are expressed in units of clock ticks (10ms) per second.

The command produces a display similar to the following:


 
                      OpenVMS Monitor Utility 
                  TOP SUPERVISOR MODE PROCESSES 
                        on node QUEBIT 
                    7-DEC-2005 14:04:24.19 
 
                        0         25        50        75       100 
                        + - - - - + - - - - + - - - - + - - - - + 
 74E000AD  BATCH_3   5  ** 
 74E000AC  BATCH_2   4  * 
 74E000AA  BATCH_1   3  * 
 74E000AB  _RTA3:    3  * 

3.7 Multipath Enhancement for Active-Active Feature of EVA and MSA Controllers

The controllers of the Enterprise Virtual Array (EVA) 4000/6000/8000 storage systems and of the MSA1500 storage system provide "active optimized" (AO) and "active non-optimized" (ANO) paths. This feature will also be offered in the EVA 3000/5000 storage systems. There is a read I/O performance penalty for using the ANO paths.

The OpenVMS multipath capability has been enhanced to distinguish between the AO and the ANO paths to improve I/O performance. Users should notice a performance improvement, which will vary depending on I/O size and queue depth. The longer the queue depth, the greater the improvement users will notice.

For more information about the OpenVMS multipath capability, refer to Guidelines for OpenVMS Cluster Configurations. For more information about the controllers on these storage systems, visit:


http://www.hp.com/country/us/en/prodserv/storage.html 

For more information about the EVA 4000/6000/8000 controllers, select Browse by capacity, Enterprise, and select the storage system of interest.

Similarly, for more information about the EVA 3000 and 4000 controllers, select Browse by capacity, Mid-range, and select the storage system of interest. For more information about the MSA 1500 controller, select Browse by capacity, Entry-level, MSA 1500.

