Table of Contents
Advertisement
Key
Key Type
DRBG Seed
Random bit value
DRBG 'V' Value
Internal DRBG state
value (integer)
DRBG 'Key' Value
Internal DRBG state
value (integer)
2.7.6 Mixed Mode Cryptographic Keys and Critical Security Parameters
The cryptographic keys, key components, and other CSPs used by the module while operating in the Mixed Mode are
shown in Table 11.
Table 11 – List of Cryptographic Keys, Cryptographic Key Components, and CSPs ( Mixed Mode)
Key
Key Type
Firmware Signature
RSA 2048-bit public
Public Key
key
(FSPubKey)
Firmware Signature
RSA 2048-bit public
Root Certificate Key
key
(FSRootCert)
Generation / Input
Generated internally
Output encrypted via
DEKey
Generated internally
Output encrypted via
DEKey
Generated internally
Output encrypted via
DEKey
Generation / Input
Generated externally;
Does not exit the
Hardcoded into
module
module
Generated externally;
Output encrypted via
Hardcoded into
SSH_SK
module
© Copyright 2017 Oracle Corporation
This document may be freely reproduced and distributed whole and intact including this Copyright notice.
Output
Storage
Plaintext in RAM
Plaintext in RAM
Plaintext in RAM
Output
Storage
Plaintext in
EEPROM
Plaintext in
EEPROM and RAM
Page 38 of 51
Zeroization
Use
"Reset" service;
Generate random
Power cycle;
values for the
Switch Approved
CTR_DRBG
Mode
"Reset" service;
Internal state value for
Power cycle;
the CTR_DRBG
Switch Approved
Mode
"Reset" service;
Internal state value for
Power cycle;
the CTR_DRBG
Switch Approved
Mode
Zeroization
Use
Not Applicable
Validate a new
firmware image loaded
onto module
Not Applicable
Verify the chain of
certificates provided by
the new firmware
image
Advertisement
Table of Contents
