User Guide
DDOC0099-000-AH
DTS1 CSfC
5 - 4
Encryption
© 2020 Curtiss-Wright Defense Solutions
Revision 6.0
Example
NOTE
Generating the HMAC requires the decrypted user token, challenge, and a HMAC hash generator
that supports the SHA-384 algorithm.
4. Generate the HMAC.
5. Login to crypto module.
Command:
cmlogin -M
[Generated HMAC string]
Example
5.3.2
Verify Successful Login
To verify a successful login type
cmlogin
and press E
NTER
key
.
•
State should show ready
•
Init show 1
•
Status show OK
Example
5.3.3
Access RMC Module (Plain Text
DEK / Encrypted DEK)
CAUTION
DATA ACCESS. Use of slot option (-s 0) is required to when entering key (DEK and PSK).
NOTE
Use of -s 0 option denotes slot 0, -F option forces an over-write of any key previously installed.
Entering a plain text DEK
or
an encrypted DEK (EDEK) is required to access the RMC. The EDEK
provides additional security, but requires additional effort on the part of the user.
5.3.3.1
Access RMC Module (Plain Text DEK)
NOTE
The DEK is a user-generated 64-character string.
1. To access the RMC, enter the DEK and PSK.
2. Type
cmkey -s 0 -d -p --force
and press E
NTER
key
.
Example
cw_dts>
cmlogin -u [username] -p -L
[cmlogin]
Please enter password:
[password]
CHALLENGE=[Generated random string 80 characters (40 bytes Hex) long]
[!cmlogin] OK
cw_dts>
cmlogin -M [Generated HMAC string]
[cmlogin]
CMLOGIN: action=auth status=ok
[!cmlogin] OK
cw_dts>
cmlogin
[cmlogin]
CMLOGIN: state=ready init=1 status=OK
[!cmlogin] OK
cw_dts>
cmkey -s 0 -d -p --force
[cmkey]
Please enter plaintext DEK:
[User-generated plain text DEK string]
Please enter current PSK:
[Curtiss-Wright provided PSK string]
CMKEY: action=inst slot=0 status=ok
[!cmlogin] OK