Encryptiond - Oracle StorageTek T10000D Manual

Non-proprietary security policy
Table of Contents

Advertisement

Key
Key Type
Firmware Signature
RSA 2048-bit public
Public Key
key
(FSPubKey)
Firmware Signature
RSA 2048-bit public
Root Certificate Key
key
(FSRootCert)
DRBG Seed
Random bit value
DRBG 'V' Value
Internal DRBG state
value (integer)
DRBG 'Key' Value
Internal DRBG state
value (integer)
2.7.5 Encryption Disabled Cryptographic Keys and Critical Security Parameters
The cryptographic keys, key components, and other CSPs used by the module while operating in the Encryption
Disabled Approved Mode are shown in Table 10.
Table 10 – List of Cryptographic Keys, Cryptographic Key Components, and CSPs (Encryption Disabled Mode)
Key
Key Type
Generation / Input
Generated externally;
Does not exit the
Hardcoded into
module
module
Generated externally;
Output encrypted via
Hardcoded into
DEKey
module
Generated internally
Output encrypted via
DEKey
Generated internally
Output encrypted via
DEKey
Generated internally
Output encrypted via
DEKey
Generation / Input
© Copyright 2017 Oracle Corporation
This document may be freely reproduced and distributed whole and intact including this Copyright notice.
Output
Storage
Plaintext in
EEPROM
Plaintext in
EEPROM and RAM
Plaintext in RAM
Plaintext in RAM
Plaintext in RAM
Output
Storage
Page 36 of 51
Zeroization
Use
Not Applicable
Validate a new
firmware image loaded
onto module
Not Applicable
Verify the chain of
certificates provided by
the new firmware
image
"Reset" service;
Generate random
Power cycle;
values for the
Switch Approved
CTR_DRBG
Mode
"Reset" service;
Internal state value for
Power cycle;
the CTR_DRBG
Switch Approved
Mode
"Reset" service;
Internal state value for
Power cycle;
the CTR_DRBG
Switch Approved
Mode
Zeroization
Use

Advertisement

Table of Contents
loading

Table of Contents