Hello,
I am sorry, but I would like to ask another question related to the mentioned CipherSpecs. In an MQ subsystem running version 9.1, I would like to change the SSLCIPH value of one particular channel from TLS_RSA_*** to ECDHE_RSA_AES_256_GCM_SHA384.
The problem is that the MQPING (and also the START) command reports the following error after the SSLCIPH change:
CSQX620E .XXXX CSQXPING System SSL error,
channel FFFF.TTTT_SSL
connection cccc (xx.xxx.x.xx)
function 'gsk_secure_socket_init' RC=456
CSQ9023E .XXXX CSQXCRPS ' PING CHANNEL' ABNORMAL COMPLETION
So, I started the trace and received the following information:
XXXX MESSAGE 00000008 12:23:01.514947 SSL_INFO
Job FFFFCHIN Process 000400C0 Thread 00000000 crypto_ec_get_cached_private_key
Using EC private key cache entry 20C9C570
XXXX MESSAGE 00000001 12:23:01.514956 SSL_ENTRY
Job FFFFCHIN Process 000400C0 Thread 00000000 gsk_get_ec_parameters_info
keyInfo size 12
XXXX MESSAGE 00000002 12:23:01.514968 SSL_EXIT
Job FFFFCHIN Process 000400C0 Thread 00000000 gsk_get_ec_parameters_info
Exit status 00000000 (0)
EC curve type 30, key size 224
XXXX MESSAGE 00000004 12:23:01.515156 SSL_ERROR
Job FFFFCHIN Process 000400C0 Thread 00000000 crypto_ec_token_create_secret_key
ICSF service failure: CSFPDVK retCode = 0x8, rsnCode = 0x5a
XXXX MESSAGE 00000004 12:23:01.515167 SSL_ERROR
Job FFFFCHIN Process 000400C0 Thread 00000000 send_v3_client_messages
Unable to compute ECDH secret: Error 0x03353084
XXXX MESSAGE 00000004 12:23:01.515178 SSL_ERROR
Job FFFFCHIN Process 000400C0 Thread 00000000 send_v3_alert
Sent SSL V3 alert 80 to 00000000
So, I contacted our z/OS system programmer team and they assured me that ECC is allowed at the z/OS system level and is used by other applications. Additionally, they provided me with the list of allowed access control points for ECC Diffie-Hellman curves set at the TCPIP and SSL Service levels:
ECC Diffie-Hellman - Allow key wrap override
ECC Diffie-Hellman - Allow BP Curve 256
ECC Diffie-Hellman - Allow BP Curve 320
ECC Diffie-Hellman - Allow BP Curve 384
ECC Diffie-Hellman - Allow BP Curve 512
ECC Diffie-Hellman - Allow Prime Curve 256
ECC Diffie-Hellman - Allow Prime Curve 384
ECC Diffie-Hellman - Allow Prime Curve 521
ECC Diffie-Hellman - Allow PASSTHRU
Finally, the above-mentioned error is reported when a mainframe-to-mainframe channel is to be started.
On the same mainframe machine we have another channel, mainframe to midrange, and this channel works fine using exactly the same SSLCIPH value ECDHE_RSA_AES_256_GCM_SHA384. The trace confirmed that ECDHE is not evaluated during the SSL handshake when this channel is initialized.
Now there are three points not clear to me:
a) Why "Unable to compute ECDH secret: Error 0x03353084" in the case of the mainframe-to-mainframe channel when ECCDH is allowed?
b) Why does the second channel (mainframe to midrange) work fine?
Additionally, there is the question: is there any way to influence the ECC key length (ECC 224, ECC 256, ECC 320 ...) from the MQ subsystem perspective? We are facing the customer limitation to use at minimum ECC 256, but as is visible from the trace, ECC 224 is always used during the handshake.
Thank you in advance for your opinion or help!
Best regards,
Radek
------------------------------
Radek Vanek
IT Specialist for zSeries IBM MQ, DB2 & DBA
IBM Certified Specialist & Database Administrator
IBM Client Innovation Centre Brno Czech Republic
Email: Radek_Vanek@cz.ibm.com
------------------------------
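An added example, not part of the original thread: a small Python parser for the trace record layout quoted in the message above, which flags an EC key size below a required minimum and any ICSF service failure or SSL_ERROR record. The function names are hypothetical, the sample is constructed from lines in the post, and the 256-bit minimum is the customer limit the post mentions; the code reports what the trace text says and does not interpret the return or reason codes.

```python
import re

HEADER = re.compile(r"^\S+ MESSAGE [0-9A-F]{8} (?P<time>[\d:.]+) (?P<level>SSL_\w+)$")
CONTEXT = re.compile(r"^Job \S+ Process \S+ Thread \S+ (?P<function>\S+)$")
EC_KEY = re.compile(r"EC curve type (\d+), key size (\d+)")
ICSF = re.compile(r"ICSF service failure: (\w+) retCode = (0x[0-9a-f]+), rsnCode = (0x[0-9a-f]+)", re.I)

# Constructed sample: three records copied from the trace in the post.
SAMPLE_TRACE = """\
XXXX MESSAGE 00000002 12:23:01.514968 SSL_EXIT
Job FFFFCHIN Process 000400C0 Thread 00000000 gsk_get_ec_parameters_info
Exit status 00000000 (0)
EC curve type 30, key size 224
XXXX MESSAGE 00000004 12:23:01.515156 SSL_ERROR
Job FFFFCHIN Process 000400C0 Thread 00000000 crypto_ec_token_create_secret_key
ICSF service failure: CSFPDVK retCode = 0x8, rsnCode = 0x5a
XXXX MESSAGE 00000004 12:23:01.515167 SSL_ERROR
Job FFFFCHIN Process 000400C0 Thread 00000000 send_v3_client_messages
Unable to compute ECDH secret: Error 0x03353084
"""

def parse_records(text):
    """Group trace lines into records: header, Job/Process/Thread line, detail lines."""
    records, current = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        header = HEADER.match(line)
        if header:
            current = {**header.groupdict(), "function": None, "detail": []}
            records.append(current)
        elif current is None or not line:
            continue  # skip blanks and anything before the first header
        elif current["function"] is None and (ctx := CONTEXT.match(line)):
            current["function"] = ctx["function"]
        else:
            current["detail"].append(line)
    return records

def triage(records, min_ec_bits=256):
    """Return (kind, time, text) findings; min_ec_bits is the site policy (assumed 256)."""
    findings = []
    for rec in records:
        detail = " ".join(rec["detail"])
        if (ec := EC_KEY.search(detail)) and int(ec[2]) < min_ec_bits:
            findings.append(("ec_key_below_minimum", rec["time"], f"curve type {ec[1]}, {ec[2]} bits"))
        if icsf := ICSF.search(detail):
            findings.append(("icsf_failure", rec["time"], f"{icsf[1]} retCode={icsf[2]} rsnCode={icsf[3]}"))
        elif rec["level"] == "SSL_ERROR":
            findings.append(("ssl_error", rec["time"], f"{rec['function']}: {detail}"))
    return findings
```

Calling triage(parse_records(SAMPLE_TRACE)) returns the findings in trace order, so the undersized key appears before the failures that follow it in the handshake.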
Original Message:
Sent: Thu May 02, 2019 10:19 AM
From: Rob Goodwin
Subject: Support for MQ cipher ECDHE_RSA_AES_256_GCM_SHA384 under MQ 9.x for z/os
Yes agree.
Thanks.
------------------------------
Rob Goodwin
Original Message:
Sent: Thu May 02, 2019 09:35 AM
From: Morag Hughson
Subject: Support for MQ cipher ECDHE_RSA_AES_256_GCM_SHA384 under MQ 9.x for z/os
Ah - I understand where you're coming from. You've found the Knowledge Centre saying it's on multiplatform but not on z/OS. I missed that distinction in your question.
I think the piece missing from your research is the fact that there is also an APAR for V9.0 for the addition of these CipherSpecs, and then it's in Knowledge Center for V9.1 from GA.
The APAR is PI85046
Cheers,
Morag
------------------------------
Morag Hughson
MQ Technical Education Specialist
MQGem Software Limited
Original Message:
Sent: Thu May 02, 2019 09:02 AM
From: Rob Goodwin
Subject: Support for MQ cipher ECDHE_RSA_AES_256_GCM_SHA384 under MQ 9.x for z/os
Thanks for your interest but I think I have bottomed this out for 9.1 at least.
Another pass of the KC for MQ 9.1 has revealed this - so there should be no issue migrating to 9.1:
Two CipherSpecs also available on z/OS
The following CipherSpecs, previously available only on Multiplatforms, are now also available on z/OS®:
ECDHE_RSA_AES_128_GCM_SHA256
ECDHE_RSA_AES_256_GCM_SHA384
This is documented here:
https://www.ibm.com/support/knowledgecenter/SSFKSJ_9.1.0/com.ibm.mq.pro.doc/q132030_.htm
My point is that in 'Enabling Cipherspecs' in the 9.1 KC (the place I would normally check out cipherspecs)
https://www.ibm.com/support/knowledgecenter/SSFKSJ_9.1.0/com.ibm.mq.sec.doc/q014260_.htm
it says it is only supported for Multiplatform (That is, all supported platforms except z/OS®).
So I infer that this page hasn't been updated yet in the KC to say it is supported on z/os.
I have found nothing to say that it is supported under 9.0 for z/os implying that if you migrate from MQ v8.0 (with PTF) to MQ 9.0 that cipher will stop working on z/os. But you are ok if you migrate to MQ 9.1.
------------------------------
Rob Goodwin
Original Message:
Sent: Wed May 01, 2019 10:17 AM
From: Morag Hughson
Subject: Support for MQ cipher ECDHE_RSA_AES_256_GCM_SHA384 under MQ 9.x for z/os
I suspect Knowledge Centre only indicates the CipherSpec is available on V9+ BECAUSE it was only added on V8 by APAR. It should not suggest it is available on MQ V8 for everyone when it is in fact only available if you apply the APAR.
If you have the APAR applied on V8 and make use of the CipherSpec and then migrate to V9 then I don't see a migration issue. If you don't have the APAR applied, you can't use the CipherSpec until you migrate.
Could you expand a little on the migration issue you see here?
Cheers,
Morag
------------------------------
Morag Hughson
MQ Technical Education Specialist
MQGem Software Limited
Original Message:
Sent: Sun April 21, 2019 03:23 AM
From: Rob Goodwin
Subject: Support for MQ cipher ECDHE_RSA_AES_256_GCM_SHA384 under MQ 9.x for z/os
I can see that this cipherspec is supported on IBM MQ for z/os V8.0 enabled by the following APAR/PTF
PI97499 UI56544 WMQ PROVIDE SUPPORT FOR TLS 1.2 CIPHERS ON Z/OS PLATFORM
ECDHE_RSA_AES_256_GCM_SHA384
However the Knowledge Centres imply this cipherspec is only supported explicitly on Multiplatforms at MQ 9.0 and 9.1
Is this correct?
Is there a migration issue here for z/OS?
Regards,
Rob Goodwin