Preparing AES Key Wrap Encryption

AM encrypts and decrypts system passwords and the keys used in the configuration, and by components such as agents. The default encryption algorithm is Java Cryptography Extension (JCE) PBEWithMD5AndDES.

If you need a more secure encryption algorithm, use the Advanced Encryption Standard (AES) Key Wrap algorithm (RFC3394). AM's implementation of AES Key Wrap uses the Password-Based Key Derivation Function 2 (PBKDF2) (RFC2898) with HMAC-SHA1. This lets you choose key size hash algorithms, such as SHA256, SHA384, or SHA512.

Important

The AES Key Wrap Encryption algorithm is only enabled when installing AM. There is no current upgrade path for existing installations.

The Security Token Service (STS) feature does not support the AES Key Wrap Encryption algorithm. Make sure that you do not deploy this feature in an AM instance configured to use the AES Key Wrap Encryption algorithm.

You must also update the ssoadm command to work with AES key wrap encryption. See "To Configure ssoadm for AES Key Wrap Encryption".

To Configure AES Key Wrap Encryption for Tomcat
  • Edit your container startup scripts, for example setenv.sh, to set the following JVM system properties in Tomcat:

    JAVA_OPTS="$JAVA_OPTS -Dcom.iplanet.security.encryptor=org.forgerock.openam.shared.security.crypto.AESWrapEncryption" (1)
    JAVA_OPTS="$JAVA_OPTS -Dorg.forgerock.openam.encryption.key.iterations=10000" (2)
    JAVA_OPTS="$JAVA_OPTS -Dorg.forgerock.openam.encryption.useextractandexpand=true" (3)
    JAVA_OPTS="$JAVA_OPTS -Dorg.forgerock.openam.encryption.key.size=256" (4)
    JAVA_OPTS="$JAVA_OPTS -Dorg.forgerock.openam.encryption.key.digest=SHA512" (5)
    JAVA_OPTS="$JAVA_OPTS -Dorg.forgerock.openam.encryption.padshortinputs" (6)
    

    1

    Enables use of AES Key Wrap encryption.

    2

    Specifies the iteration count of the encryption key.

    Large iteration counts, for example, of 20,000, slow down brute-force attacks when passwords are of low quality (less than 20 characters and easy to predict).

    AM does not have an iteration count requirement. However, it will log a warning if both of the following conditions are true:

    • The number of iterations is less than 10,000.

    • The AM encryption key is less than 20 characters long.

    3

    Enables the algorithm introduced in AM 7.1 that reduces the performance cost of AES Key Wrap encryption even when high iteration counts are used.

    If this property is unset, and you configured a large iteration count, AM startup times may see a performance impact if there are many agents in your deployment.

    Determine the optimal iteration count based on the security and performance requirements of your deployment.

    4

    Specifies the size of the encryption key.

    Configure the key size to meet the needs of your deployment.

    5

    Specifies the digest algorithm. Possible values are SHA1, SHA256, SHA384, or SHA512.

    Configure the digest algorithm to meet the needs of your deployment.

    6

    For systems running Java 17, this property pads short inputs (less than 8 bytes). If you are using Java 17 with AES Key Wrap Encryption, enable this system property and re-encrypt any short system passwords that have already been encrypted. If you do not do this, AM will be unable to decrypt the short values.

    Configure the digest algorithm to meet the needs of your deployment.

    Caution

    You cannot change these configuration parameters once AM has been installed.

To Configure ssoadm for AES Key Wrap Encryption

After you enable AES key wrap encryption, update the ssoadm command to work with the new encryption settings.

  • Add the following properties to the /path/to/ssoadm/setup and /path/to/ssoadm/bin/ssoadm commands:

    -Dcom.iplanet.security.encryptor=org.forgerock.openam.shared.security.crypto.AESWrapEncryption
    -Dorg.forgerock.openam.encryption.key.iterations=10000
    -Dorg.forgerock.openam.encryption.key.size=256
    -Dorg.forgerock.openam.encryption.key.digest=SHA512
    -Dorg.forgerock.openam.encryption.padshortinputs
Read a different version of :