User Guide DDOC0199-000-A9
1-Slot Data Transport System (CSfC) 6 - 5 Encryption
© 2024 Curtiss-Wright Defense Solutions Revision 3.0
Example
6.3.2 Initialize / Login - Crypto Module
NOTE
username and password are selected and entered by the user.
• User name (-u) requirement is 1-15 characters in length.
• Password (-p) requirement: see paragraph 6.1.1 Hardware Layer Passwords for
requirements.
1. Obtain user token.
Command:
cmlogin -u username -p -I
Example
NOTE
Decrypting the user token requires a 3rd-party AES256 key-unwrapping algorithm and the PSK.
2. Decrypt user token.
3. Generate challenge.
Command:
cmlogin -u username -p -L
Example
NOTE
Generating the HMAC requires the decrypted user token, challenge, and a HMAC hash generator
that supports the SHA-384 algorithm.
4. Generate the HMAC.
5. Login to crypto module.
Command:
cmlogin -M Generated HMAC string
Example
cw_dts> ibit -s
[ibit]
IBIT_MON: mcu=1 i2c=1 volt=1 status=OK
IBIT_ETH: eth0=1 eth1=1 status=OK
IBIT_RMC0: volt=NA ata=NA smart=NA status=OK
IBIT_SEC: fips=1 seal=1 sb=1 status=OK
[!ibit] OK
cw_dts> cmlogin -u username -p -I
[cmlogin]
Please enter password: password
Please verify password: password
CMLOGIN: action=init status=OK
USER_TOKEN=Generated random string 80 characters (40 bytes Hex) long
TOKEN_HMAC=Generated random string 96 characters (48 bytes Hex) long
[!cmlogin] OK
cw_dts> cmlogin -u username -p -L
[cmlogin]
Please enter password: password
CHALLENGE=Generated random string 128 characters (64 bytes Hex) long
[!cmlogin] OK
cw_dts> cmlogin -M Generated HMAC string
[cmlogin]
CMLOGIN: action=auth status=ok
[!cmlogin] OK
To Next Page
Loading...