
4 key and csp zeroization, 5 error state – HP FIPS 140-2 User Manual

Security Policy, version 1.0

January 31, 2008

HP StorageWorks Secure Key Manager

Page 24 of 26

© 2008 Hewlett-Packard Company

This document may be freely reproduced in its original entirety.

3.4 Key and CSP Zeroization

To zeroize all keys and CSPs in the module, the Crypto Officer should execute the reset factory settings zeroize
command in the serial console interface. Note that, for security reasons, the command cannot be initiated from
the SSH interface.

When switching between different modes of operation (FIPS and non-FIPS), the Crypto Officer must zeroize all
CSPs.

3.5 Error State

The module has two error states: a Soft Error state and a Fatal Error state.

When a power-up self-test fails, the module may enter either the Fatal Error state or the Soft Error state. When a
conditional self-test fails, the module will enter the Soft Error state. The module can recover from the Fatal Error
state if power is cycled or if the SKM is rebooted. An HP User can reset the module when it is in the Fatal Error
state. No other services are available in the Fatal Error state. The module can recover from the Soft Error state if
power is cycled. With the exception of the firmware upgrade integrity test and Diffie-Hellman primitive test, the
only service that is available in the Soft Error state is the FIPS status output via port 9081 (default). A User can
connect to port 9081 and find the error message indicating the failure of FIPS self-tests. Access to port 9081 does
not require authentication.