
Nokia 7705 - 5.1.3 FIPS-140-2 Mode

Nokia 7705
538 pages
Boot Options
Basic System Configuration Guide
3HE 11010 AAAC TQZZA Edition: 01
5.1.3 FIPS-140-2 Mode
The 7705 SAR provides the fips-140-2 boot command to allow a node to run in
FIPS-140-2 mode. This mode limits the use of cryptographic algorithms on both the
CSM and data plane to only those that are in accordance with security level 1 of the
Federal Information Processing Standards 140 series, version 2 (FIPS-140-2). This
functionality is supported on the CSM on all 7705 SAR platforms that are equipped
with a CSM. It is supported on both the CSM and data plane on the 7705 SAR-8 Shelf
V2 and 7705 SAR-18 platforms when equipped with the following adapter cards:
- 7705 SAR-8 Shelf V2: 8-port Gigabit Ethernet Adapter card, version 3; 2-port 10GigE (Ethernet) Adapter card
- 7705 SAR-18: 8-port Gigabit Ethernet Adapter card, version 3; 2-port 10GigE (Ethernet) Adapter card; 10-port 1GigE/1-port 10GigE X-Adapter card, version 2
To support the implementation of FIPS-140-2, the TiMOS software image contains
an HMAC-SHA-1 secret key that is verified upon boot-up. When FIPS-140-2 is
enabled on the node, an HMAC-SHA-1 integrity check is performed during the
loading of the both.tim file to ensure that the calculated HMAC-SHA-1 secret key of
the loaded image matches that stored in the hmac-sha1.txt file. This is a new
signature file that has been added to the TiMOS software image and only applies to
FIPS-140-2.
If the image fails the HMAC-SHA-1 check, the node does not boot up, an error
message is displayed, and the node tries to reboot the load after a delay of 60 s. It
keeps trying to reboot until the operator cancels the reboot. If the software image is
verified by the HMAC-SHA-1 check, the node boots up normally and a message
indicating that the software load has passed verification is displayed.
The node performs its normal boot-up sequence, including reading the config.cfg file
and loading the configuration. The config.cfg file that is used to boot the node in
FIPS-140-2 mode must not contain any configuration that is not supported by the
FIPS-140-2 implementation. If such a configuration is present in the config.cfg file
when the node boots up, the node loads the config.cfg file until the unsupported
configuration is reached and then stops. A failure message is also displayed.
When the node boots in FIPS-140-2 mode, Cryptographic Module Validation
Program (CMVP) startup tests are executed on the CSM and applicable data plane.
CMVP conditional tests, such as manual key entry tests, pairwise consistency
checks, and RNG tests, are executed when required during normal operation.
Note: The hmac-sha1.txt file must be stored in the same directory as the TiMOS image.
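
The boot-time integrity check described above, modelled as an added example (not Nokia's code and not part of the manual): it computes an HMAC-SHA-1 over both.tim and compares it with the value in hmac-sha1.txt in the same directory. Assumptions: the key is a constructed placeholder, hmac-sha1.txt is assumed to hold a hex digest as its first field, and the function names are hypothetical.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

IMAGE_NAME = "both.tim"        # file names as given in the manual text
DIGEST_NAME = "hmac-sha1.txt"


def image_hmac(image: Path, key: bytes) -> bytes:
    """Stream the image through HMAC-SHA-1; return the hex digest as bytes."""
    mac = hmac.new(key, digestmod=hashlib.sha1)
    with image.open("rb") as fh:
        for chunk in iter(lambda: fh.read(64 * 1024), b""):
            mac.update(chunk)
    return mac.hexdigest().encode("ascii")


def check_image(image_dir: Path, key: bytes) -> str:
    """Return 'verified', 'mismatch', 'missing-image' or 'missing-digest'."""
    image = image_dir / IMAGE_NAME
    digest_file = image_dir / DIGEST_NAME  # must sit beside the image
    if not image.is_file():
        return "missing-image"
    if not digest_file.is_file():
        return "missing-digest"
    # Assumed layout: the first whitespace-separated field is the hex digest.
    fields = digest_file.read_bytes().split()
    stored = fields[0].lower() if fields else b""
    # Constant-time comparison of the computed and stored values.
    ok = hmac.compare_digest(image_hmac(image, key), stored)
    return "verified" if ok else "mismatch"


def demo() -> dict:
    """Check constructed files: intact, tampered, then digest file removed."""
    key = b"constructed-demo-key"  # placeholder, not a real TiMOS key
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / IMAGE_NAME).write_bytes(b"constructed image bytes" * 1000)
        (d / DIGEST_NAME).write_bytes(image_hmac(d / IMAGE_NAME, key) + b"\n")
        results["intact"] = check_image(d, key)
        with (d / IMAGE_NAME).open("ab") as fh:
            fh.write(b"\x00")  # one appended byte changes the HMAC
        results["tampered"] = check_image(d, key)
        (d / DIGEST_NAME).unlink()
        results["no_digest"] = check_image(d, key)
    return results
```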