Spout Implementation Notes; Table 3-169 Key-Associated Data Reported Parameters (Spout) - Oracle StorageTek T10000 Reference Manual

SPOUT Implementation Notes

The following table lists the possible Key-Associated Data (KAD) parameters
supported in the Set Data Encryption page.

TABLE 3-169 Key-Associated Data Reported Parameters (SPOUT)

Record Decryption
Information Mode
0h Disable 0h Disable
0h Disable 1h Raw
0h Disable 2h Decrypt
0h Disable 3h Mixed
1h External 0h Disable
1h External 1h Raw
1h External 2h Decrypt
1h External 3h Mixed
2h Encrypt 0h Disable
2h Encrypt 1h Raw
2h Encrypt 2h Decrypt
2h Encrypt 3h Mixed
Legend:
C = Cleartext read & write data
D = Decrypted read data
E = Encrypted write data
P = Prohibited
M= Mandatory
O = Optional
n/a = Not Applicable
• If the SECURITY PROTOCOL or the SECURITY PROTOCOL SPECIFIC field is set
to a reserved or unsupported value.
The device server shall terminate the command with CHECK CONDITION status,
with the sense key set to ILLEGAL REQUEST, and the additional sense code set to
INVALID FIELD IN CDB.
• If the SPOUT command is sent to an older drive firmware that does not support
the SPIN/SPOUT commands.
August 2016
Encryption
Read Data Status
C/C P
D/C M
D/C M
C/E M
D/E M
D/E M
Note – The references in the following paragraphs refer to SSC-3.
Security Protocol Out Command
Key-Associated Descriptors
U-KAD A-KAD Nonce
00h 01h 02h
P P P
1
M P P
1
M P P
2
O P P
1
M P P
1
M P P
Notes:
1. Pending ANSI approval.
2. Optional when SDK is not supported, SDK
supported will become Mandatory.
Metadata
03h Notes
P
Not
Supported
P
P
Not
Supported
Not
Supported
Not
Supported
Not
Supported
P
Not
Supported
P
P
Commands 221