Hewlett Packard Enterprise Development LP iLO 4 Cryptographic Module Firmware Version: 2.11 Hardware Version: Gen9 Servers: ASIC (GLP-4: 531510-004) with Flash Memory (820595-001), NVRAM (820597-001), and DDR3 SDRAM (820594-001); Gen8 Servers: ASIC (GLP-3: 531510-003 or Sabine: 610107-002) with Flash Memory (820595-001), NVRAM (820596-001), and DDR3 SDRAM (820594-001) FIPS 140-2 Non-Proprietary Security Policy FIPS Security Level: 1 Document Version: 1.2 Prepared for: Prepared by: Hewlett Packard Enterprise Development LP Corsec Security, Inc. 11445 Compaq Center Dr. W. 13921 Park Center Road, Suite 460 Houston, TX 77070 Herndon, VA 20171 United States of America United States of America Phone: +1 (281) 370-0670 Phone: +1 (703) 267-6050 http://www.hpe.com http://www.corsec.com Security Policy, Version 1.2 February 10, 2016 Table of Contents 1 INTRODUCTION ................................................................................................................... 3 1.1 PURPOSE ................................................................................................................................................................ 3 1.2 REFERENCES .......................................................................................................................................................... 3 1.3 DOCUMENT ORGANIZATION ............................................................................................................................ 3 2 ILO 4 CRYPTOGRAPHIC MODULE ..................................................................................... 4 2.1 OVERVIEW ............................................................................................................................................................. 4 2.2 MODULE SPECIFICATION..................................................................................................................................... 8 2.3 MODULE INTERFACES ........................................................................................................................................11 2.4 ROLES AND SERVICES .........................................................................................................................................12 2.4.1 Crypto-Officer Role.............................................................................................................................................. 12 2.4.2 User Role ................................................................................................................................................................ 14 2.4.3 Additional Services............................................................................................................................................... 15 2.5 PHYSICAL SECURITY ...........................................................................................................................................15 2.6 OPERATIONAL ENVIRONMENT.........................................................................................................................15 2.7 CRYPTOGRAPHIC KEY MANAGEMENT ............................................................................................................16 2.8 EMI/EMC ............................................................................................................................................................20 2.9 SELF-TESTS ..........................................................................................................................................................20 2.9.1 Power-Up Self-Tests ............................................................................................................................................ 20 2.9.2 Conditional Self-Tests ......................................................................................................................................... 20 2.9.3 Critical Functions Tests ...................................................................................................................................... 20 2.9.4 Self-Test Failure Handling................................................................................................................................. 21 2.10 MITIGATION OF OTHER ATTACKS ..................................................................................................................21 3 SECURE OPERATION ......................................................................................................... 22 3.1 CRYPTO-OFFICER GUIDANCE ..........................................................................................................................22 3.1.1 Initialization ........................................................................................................................................................... 22 3.1.2 Secure Management .......................................................................................................................................... 23 3.2 USER GUIDANCE ................................................................................................................................................23 3.3 MODULE’S MODE OF OPERATION ...................................................................................................................23 3.4 NON-APPROVED MODE ...................................................................................................................................23 4 ACRONYMS .......................................................................................................................... 24 Table of Figures FIGURE 1 – ILO 4 ASIC............................................................................................................................................................7 FIGURE 2 – ILO 4 HARDWARE BLOCK DIAGRAM ................................................................................................................9 List of Tables TABLE 1 – COMPARISON OF HP ILO 4 ADVANCED AND STANDARD FEATURES............................................................4 TABLE 2 – SECURITY LEVEL PER FIPS 140-2 SECTION .........................................................................................................7 TABLE 3 – MODULE COMPONENT PART NUMBERS .............................................................................................................8 TABLE 4 – FIPS-APPROVED ALGORITHM IMPLEMENTATIONS IN HARDWARE ..................................................................9 TABLE 5 – FIPS-APPROVED ALGORITHM IMPLEMENTATIONS IN FIRMWARE .................................................................. 10 TABLE 6 – FIPS 140-2 LOGICAL INTERFACE MAPPINGS ................................................................................................... 11 TABLE 7 – CRYPTO-OFFICER SERVICES ............................................................................................................................... 13 TABLE 8 – USER SERVICES ..................................................................................................................................................... 14 TABLE 9 – CRYPTOGRAPHIC KEYS, CRYPTOGRAPHIC KEY COMPONENTS, AND CSPS............................................... 16 TABLE 10 – ACRONYMS ........................................................................................................................................................ 24 HP iLO 4 Cryptographic Module Page 2 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 1 Introduction 1.1 Purpose This is a non-proprietary Cryptographic Module Security Policy for the iLO 4 Cryptographic Module from Hewlett Packard Enterprise Development LP, or HP. This Security Policy describes how the iLO 4 Cryptographic Module meets the security requirements of Federal Information Processing Standards (FIPS) Publication 140-2, which details the U.S. and Canadian Government requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation program is available on the National Institute of Standards and Technology (NIST) and the Communications Security Establishment (CSE) Cryptographic Module Validation Program (CMVP) website at http://csrc.nist.gov/groups/STM/cmvp. This document also describes how to run the module in a secure FIPS-Approved mode of operation. This policy was prepared as part of the Level 1 FIPS 140-2 validation of the module. The iLO 4 Cryptographic Module is referred to in this document as iLO 4, the cryptographic module, or the module. 1.2 References This document deals only with operations and capabilities of the module in the technical terms of a FIPS 140-2 cryptographic module security policy. More information is available on the module from the following sources:  The HP website (http://www.hp.com) contains information on the full line of products from HP.  The CMVP website (http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm) contains contact information for individuals to answer technical or sales-related questions for the module. 1.3 Document Organization The Security Policy document is one document in a FIPS 140-2 Submission Package. In addition to this document, the Submission Package contains:  Vendor Evidence document  Finite State Model document  Other supporting documentation as additional references This Security Policy and the other validation submission documentation were produced by Corsec Security, Inc. under contract to HP. With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Submission Package is proprietary to HP and is releasable only under appropriate non-disclosure agreements. For access to these documents, please contact HP. HP iLO 4 Cryptographic Module Page 3 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 2 iLO 4 Cryptographic Module 2.1 Overview HP’s Integrated Lights-Out (iLO) is a proprietary embedded server management technology that provides out-of-band management functionality. HP’s fourth generation of iLO (iLO 4) is the foundation of HP’s Proliant series embedded server and fault management. iLO 4 provides system administrators with secure remote management capabilities regardless of the server status or location, and it is available whenever the server is connected to a power source, even if the server main power switch is in the Off position. HP Proliant servers are designed so that administrative functions that are performed locally can also be performed remotely. iLO 4 enables remote access to the operating system console, control over the server power, and hardware reset functionality, and works with the server to enable remote network booting through a variety of methods. The iLO 4 architecture ensures the availability of the majority of iLO 4 functionality, regardless of the state of the host operating system. The HP Lights-Out Online Configuration Utility is available for Windows and Linux operating systems. Additionally, iLO 4 provides Microsoft device driver support, improved .NET framework support, and HP SIM1 SSO2 support. iLO 4 functions out-of-the-box without additional software installation. It functions regardless of the servers’ state of operation, and uses a local account database or directory service to authenticate and authorize its users. iLO 4 can be accessed from any location via a web browser and works hand-in-hand with HP Systems Insight Manager, Insight Control, and Insight Dynamics. Advanced features of iLO 4, available via licensing, include (but are not limited to) the following: graphical remote console, multi-user collaboration, power and thermal optimization, health monitoring, virtual media, and console video recording and playback. The advanced features offer sophisticated remote administration of servers in dynamic data center and remote locations. A comparison of standard and advanced functionality is shown in Table 1. Table 1 – Comparison of HP iLO 4 Advanced and Standard Features iLO 4 iLO 4 iLO 4 iLO 4 Advanced for Standard for Advanced Standard Feature Blade Blade Systems Systems iLO Remote Administration Full text and Full text and Full text and Full text and Virtual Keyboard, Video, Mouse graphic modes graphic modes graphic modes graphic modes (KVM3) (pre-OS4 & OS) (pre-OS) (pre-OS & OS) (pre-OS) Global Team Collaboration Up to 6 Server Up to 6 Server (Virtual KVM) Administrators Administrators Console Record and Replay   Virtual Power     SIM – System Insight Manager 1 SSO – Single Sign-On 2 3 KVM – Keyboard, Video, Mouse 4 OS – Operating System HP iLO 4 Cryptographic Module Page 4 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 iLO 4 iLO 4 iLO 4 iLO 4 Advanced for Standard for Advanced Standard Feature Blade Blade Systems Systems Virtual Media Browser Only   Virtual Folders   SSH6 Only Remote Serial Console SSH Only SSH Only SSH Only Virtual Unit Indicator Display     Simplified Server Setup ROM7-Based Setup Utility     (RBSU) Option ROM Configuration for     Arrays (ORCA) Power Management & Control Present Power Reading     Power Usage Reporting   Ambient Temperature Reporting     Dynamic Power Capping   Power Supply High-Efficiency     Mode Sea of Sensors     Embedded System Health Power On Self Test (POST) and   Failure Sequence Replay iLO and Server Integrated     Management Log Advanced Server Management     (ASM) Alert Administrator (SNMP8     Passthrough) System Health & Configuration     Display Access Security Directory Services   Authentication Locally Stored Accounts     SSH – Secure Shell 6 ROM – Read-Only Memory 7 8 SNMP – Simple Network Management Protocol HP iLO 4 Cryptographic Module Page 5 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 iLO 4 iLO 4 iLO 4 iLO 4 Advanced for Standard for Advanced Standard Feature Blade Blade Systems Systems Interfaces Browser     Command Line     Extensible Markup Language     (XML)/Perl Scripting Integrated Remote Console for     Windows Clients Java Applet Client for Windows     and Linux Clients Security Protocols Transport Layer Security (TLS)     Secure Shell (SSH)     RC4/AES9 (Virtual KVM) 10     Network Connectivity Dedicated Network Interface     Controller (NIC) Shared Network Port     iLO 4 is deployed in the form of an ASIC11, a system-on-a-chip with an independent 400MHz RISC microprocessor (ARM926EJ) running an embedded real-time operating system. The iLO 4 ASIC comes in three flavors referred to as “GLP-3”, “GLP-4”, and “Sabine12”. iLO 4 ASICs for HP ProLiant Gen8/Gen9 servers virtualize system controls to help simplify server setup, engage health monitoring, provide power and thermal control, and promote remote administration of HP ProLiant ML, DL, SL, and BL servers. Figure 1 shows a iLO 4 ASIC. AES – Advanced Encryption Standard 9 10 Feature only available while not operating in the Approved mode of operation 11 ASIC – Application-Specific Integrated Circuit 12 Sabine and GLP-4 are identical except that Sabine has a cache used by drive arrays. HP iLO 4 Cryptographic Module Page 6 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 Figure 1 – iLO 4 ASIC The HP iLO 413 Cryptographic Module includes the iLO 4 ASIC and its associated memory components incorporated directly onto the motherboards of HP Proliant servers. The HP iLO 4 Cryptographic Module is validated at the FIPS 140-2 section levels listed in Table 2. Table 2 – Security Level Per FIPS 140-2 Section Section Section Title Level 1 Cryptographic Module Specification 1 2 Cryptographic Module Ports and Interfaces 1 3 Roles, Services, and Authentication 1 4 Finite State Model 1 5 Physical Security 1 N/A14 6 Operational Environment 7 Cryptographic Key Management 1 EMI/EMC15 8 1 9 Self-tests 1 10 Design Assurance 1 11 Mitigation of Other Attacks N/A iLO – Integrated Lights-Out 13 N/A – Not Applicable 14 15 EMI/EMC – Electromagnetic Interference / Electromagnetic Compatibility HP iLO 4 Cryptographic Module Page 7 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 2.2 Module Specification The iLO 4 Cryptographic Module is a hardware module with a multiple-chip embedded embodiment. The overall security level of the module is 1. The cryptographic boundary of the module surrounds the iLO 4 ASIC, Flash memory, battery-backed NVRAM16, and DDR317 SDRAM18 (see Table 3 for part numbers of these components). Table 3 – Module Component Part Numbers HP Part Number Module Component GLP-4 GLP-3/Sabine ASIC 531510-004 531510-003/610107- 002 Flash Memory (16MB19) 820595-001 820595-001 Battery-Backed NVRAM (GLP-3/Sabine: 820597-001 820596-001 256KB20)(GLP-4: 1MB) DDR3 SDRAM 820594-001 820594-001 The module also includes the iLO 4 firmware and the circuit traces between the module’s physical components. With the exception of power and ground pins, all data pins on the Flash and RAM21 chips lead directly to the iLO 4 ASIC and do not cross the module boundary. The cryptographic boundary of the module and the relationship among the various internal components of the module are depicted in Figure 2 below. NVRAM – Non-Volatile Random Access Memory 16 DDR3 – Double Data Rate v3 17 18 SDRAM – Synchronous Dynamic Random Access Memory 19 MB – Megabyte 20 KB – Kilobyte 21 RAM – Random Access Memory HP iLO 4 Cryptographic Module Page 8 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 South Bridge PWM GPI GPO PCI-E x1 USB 2.0 LPC NVRAM Expansion Bus (PECI) VGA/DVI Analog Video Out DDR-3 16x 33Mhz GLP/Sabine XTAL 48Mhz iLO Flash SPI KBD PS/2 Intf Mouse PS/2 Intf Host SPI System I2C Memory I2C (8x) Peripherals UART A Primary Ethernet Intf Secondary Ethernet Intf XCVR Legend or SD card Data Input Module Data Output Boundary System Control Input NC-SI NIC PHY Status Output Figure 2 – iLO 4 Hardware Block Diagram The cryptographic module was tested and found compliant using the specific part numbers shown in Table 3. However, HP affirms that the iLO Sabine, GLP-3, and GLP-4 ASICs specified in this module will perform the same in all HP Proliant servers regardless of the specific SDRAM, NVRAM, or flash memory chips used. All HP hardware components must meet HP’s rigorous part requirements and demonstrate the HP-required functionality. The module uses the FIPS-Approved algorithm implementations in hardware as listed in Table 4. Table 4 – FIPS-Approved Algorithm Implementations in Hardware Certificate Number Algorithm Sabine GLP-3 GLP-4 Advanced Encryption Standard (AES) in OFB22 mode (128-bit) 3399 3401 3398 Additionally, the module uses FIPS-Approved algorithms implemented in firmware as listed in Table 5. OFB – Output Feedback 22 HP iLO 4 Cryptographic Module Page 9 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 Table 5 – FIPS-Approved Algorithm Implementations in Firmware Certificate Algorithm Number AES Encryption/Decryption in CBC23, ECB24 modes (128, 192, 256-bit) 3400 25 AES GCM Encryption/Decryption/Generation/Verification (128, 192, 3400 256-bit) Triple-DES26 Encryption/Decryption in CBC, ECB modes (3-key) 1924 RSA27 (FIPS 186-4) Key Generation (2048, 3072-bit), Signature Generation 1740 (2048, 3072-bit), Signature Verification (2048, 3072-bit) RSA (FIPS 186-2) Signature Verification (1024, 1536, 2048, 3072, 4096-bit) 1740 DSA29 (FIPS 186-4) Key Generation (2048, 3072-bit), Signature 959 Generation (2048, 3072-bit), Signature Verification (2048, 3072-bit) ECDSA30 (FIPS 186-4) PKG/PKV/SigGen/SigVer for P-256 and P-384 676 curves SHA31-1, SHA-256, SHA-384, SHA-512 2814 HMAC32 with SHA-1, SHA-256, SHA-384, SHA-512 2169 33 34 35 NIST SP 800-90A based CTR _DRBG (with 128-bit AES), no 814 derivation function Section 4.2, TLS – KDF36 (SP 800-135)37 502 Section 5.2, SSH – KDF (SP 800-135) 502 Note: Additional information concerning RSA, DSA, and SHA-1, and specific guidance on transitions to the use of stronger cryptographic keys and more robust algorithms, is contained in NIST Special Publication 800-131A. The module utilizes the following non-Approved algorithm implementations that are allowed for use in an Approved mode of operation:  Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength)  EC38 Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 192 bits of encryption strength)  MD395 (for TLS use) CBC – Cipher-Block Chaining 23 ECB – Electronic Codebook 24 25 GCM – Galois/Counter Mode 26 DES – Data Encryption Standard 27 RSA – Rivest, Shamir, and Adleman 29 DSA – Digital Signature Algorithm 30 ECDSA – Elliptical Curve Digital Signature Algorithm 31 SHA – Secure Hash Algorithm 32 HMAC – (Keyed) Hash Messaged Authentication Code 33 SP – Special Publication 34 CTR – Counter 35 DRBG – Deterministic Random Bit Generator 36 KDF – Key Derivation Function 37 The corresponding protocols of this KDF, TLS and SSH, have not been tested by CAVP and CMVP. 38 EC – Elliptical Curve 39 MD – Message Digest HP iLO 4 Cryptographic Module Page 10 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016  RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)  NDRNG40 used for entropy gathering 2.3 Module Interfaces iLO 4 offers a WebUI41 (accessible over TLS) and a Command Line (CLI) (accessible over SSH) management interfaces. The module’s design separates the physical ports into five logically distinct categories. They are:  Data Input  Data Output  Control Input  Status Output  Power The iLO 4 ASIC provides several power and ground interfaces to the module, as do the Flash and RAM chips. The physical ports and interfaces of the module comprise the individual pins on the iLO 4 ASIC as described by logical interfaces in Table 6. All of these interfaces are also separated into logical interfaces defined by FIPS 140-2 in Table 6 below. Table 6 – FIPS 140-2 Logical Interface Mappings Physical Interface Quantity FIPS 140-2 Interface (ASIC Pins) LPC42/PCIe43  1 Data Input  Data Output USB 2.044  1 Data Input  Data Output  Control Input  Status Output PECI45  1 Data Input  Data Output VGA46/DVI47  1 Data Output  Status Output  Clock In 2 Data Input GPIO48  2 Control Input  Status Output NDRNG – Non-Deterministic Random Number Generator 40 WebUI – Web User Interface 41 42 LPC – Low Pin Count 43 PCIe – Peripheral Component Interconnect Express 44 USB – Universal Serial Bus 45 PECI – Platform Environmental Control Interface 46 VGA – Video Graphics Array 47 DVI – Digital Visual Interface 48 GPIO – General Purpose Input Output HP iLO 4 Cryptographic Module Page 11 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 Physical Interface Quantity FIPS 140-2 Interface (ASIC Pins) PS/249  2 Data Input  Control Input I2C50  1 Data Input  Data Output GMII51/MII52 (Primary  1 Data Input Ethernet)  Data Output  Control Input  Status Output RMII53/MII (Secondary  1 Data Input Ethernet)  Data Output  Control Input  Status Output UART54  3 Control Input  Status Output PWM55  8 Data Output SPI56  2 Data Input  Data Output  Power 4 Power Input 2.4 Roles and Services The module supports two roles that operators may assume: a Crypto-Officer (CO) role and a User role. The roles are explicitly assumed by using a username and a password. 2.4.1 Crypto-Officer Role The Crypto-Officer role has the ability to configure the module. This role is assigned when the first operator logs into the system using the default username and password. Only the Crypto-Officer can create other users and provision the iLO 4 to operate in FIPS-Approved mode. Crypto-Officer services are provided via the supported secure protocols, specifically Transport Layer Security (TLS) and SSH. Descriptions of the services available to the Crypto-Officer are provided in Table 7. Please note that the keys and CSPs listed in the table indicate the type of access required using the following notation:  R – Read: The CSP57 is read.  W – Write: The CSP is established, generated, modified, or zeroized. PS/2 – Personal System/2 49 I2C – Inter-Integrated Circuit 50 51 GMII – Gigabit Media Independent Interface 52 MII – Media Independent Interface 53 RMII – Reduced Media Independent Interface 54 UART – Universal Asynchronous Receiver/Transmitter 55 PWM – Power Management 56 SPI – Serial Peripheral Interface 57 CSP – Critical Security Parameter HP iLO 4 Cryptographic Module Page 12 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016  X – Execute: The CSP is used within an Approved or Allowed security function or authentication mechanism. Table 7 – Crypto-Officer Services CSP and Type of Service Description Inputs Outputs Access Authenticate Authenticate CO to module Command Command Password – R/X and response / parameters Status output Add, remove, Create, edit, and delete Command Command Password – W/R/X modify or assign users; Define user accounts and response / users and roles and assign permissions parameters Status output View system View and monitor system Command Command Password – R/X information information, event logs, response / power settings, etc. Status output View network View and monitor network Command Command Password – R/X statistics information and statistics response / Status output Configure the Configure and manage the Command Command Password – R/X module and host module and host system and response / server parameters such as Remote parameters Status console, virtual media, output power management, network management and host server Activate or Enable advanced features Command Command Password – R/X deactivate licensed including graphical remote and response / features console, multi-user parameters Status collaboration, power and output thermal optimization, health monitoring, virtual media, and console video recording and playback Set FIPS mode Set the FIPS mode flag Command Command Password – R/X response / Status output Zeroize keys and Zeroize all the keys and Command Command All – R/W/X CSPs CSPs stored within iLO response / Status output HP iLO 4 Cryptographic Module Page 13 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 CSP and Type of Service Description Inputs Outputs Access Administer TLS Add, remove, or view root Command Command Password – R/X certificates and specific certificates for response / RSA private/public keys – HTTPS58 connections Status R/X output Show status Indicate whether the Command Command Password – R/X module is in FIPS-Approved response / mode Status output Perform self-tests Perform power-up self-tests Reset or Status None on demand Power output Cycle Access the module Login to the module via CLI Command Command Password – R/X via SSH/CLI using SSH protocol to response / DSA Public key – R/X perform CO services Status DSA Private key – R/X output SSH Session key – R/W/X SSH Authentication Key – R/W/X Access the module Login to the module via Command Command Password – R/X via TLS/WebUI WebUI using TLS protocol response / RSA Public key – R/X to perform CO services Status RSA Private key – R/X output ECDSA Public key – R/X TLS Session key – R/W/X TLS Authentication Key – R/W/X Firmware Upgrade Load new firmware and Command Status Firwmare Upgrade perform an integrity test output Authentication Key – R/X using an RSA digital signature verification 2.4.2 User Role The User role has the ability to monitor the module configurations and the host system. Descriptions of the services available to the User role are provided in the Table 8. Table 8 – User Services CSP and Type of Service Description Input Output Access Authenticate User logs into module Command Command Password – R/X and response / parameters Status output Change Password Change the user’s password Command Command Password – R/W/X and response / parameters Status output HTTPS – Hypertext Transfer Protocol Secure 58 HP iLO 4 Cryptographic Module Page 14 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 CSP and Type of Service Description Input Output Access View system View and monitor system Command Command None information information, event logs, response / power settings, etc. Status output View network View and monitor network Command Command Password – R/X statistics information and statistics response / Status output Show status Indicate whether the Command Command Password – R/X module is in FIPS-Approved response / mode Status output Perform self-tests Perform Power-up Self Reset or Status None Tests on demand Power output Cycle Access the module Login to the module via CLI Command Command Password – R/X via CLI using SSH protocol to response / DSA Public key – R/X perform user services Status DSA Private key – R/X output SSH Session key – R/W/X SSH Authentication Key – R/W/X Access the module Login to the module via Command Command Password – R/X via WebUI WebUI using TLS protocol response / RSA Public key – R/X to perform user services Status RSA Private key – R/X output ECDSA Public key – R/X TLS Session key – R/W/X TLS Authentication Key – R/W/X 2.4.3 Additional Services The module offers additional services to both the CO and User, which are not relevant to the secure operation of the module. All services provided by the modules are listed in the HP iLO 4 User Guide; March 2015 (Edition:1). The User Guide is supplied with the shipment of the iLO 4 modules or may be freely obtained at the following webpage: http://h20628.www2.hp.com/km-ext/kmcsdirect/emr_na-c03334051-12.pdf. 2.5 Physical Security The iLO 4 Cryptographic Module is a multiple-chip embedded cryptographic module. The module consists of production-grade components that include standard passivation techniques. 2.6 Operational Environment The iLO 4 Cryptographic Module does not provide a general-purpose operating system (OS) to the user. The operating system is not modifiable by the operator and only the module’s signed image can be executed. HP iLO 4 Cryptographic Module Page 15 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 2.7 Cryptographic Key Management The module supports the critical security parameters (CSPs) listed below in Table 9. Table 9 – Cryptographic Keys, Cryptographic Key Components, and CSPs CSP CSP Type Generation/Input Output Storage Zeroization Use Exiting FIPS-Approved Used for PKI59 authentication, RSA public key 2048-bit key Internally generated or Exits the module in NVRAM imported in plaintext or plaintext in the form of (plaintext) mode TLS authentication, RSA encrypted form a certificate signature verification, and certificate generation RSA private 2048-bit key Internally generated using Never exits the module NVRAM Exiting FIPS-Approved Used for PKI authentication, key NIST SP 800-90A CTR (plaintext) mode TLS authentication, signature DRBG generation, and certificate generation DSA public key 2048-bit key Internally generated or Exits the module in NVRAM Exiting FIPS-Approved Used for PKI authentication, imported in plaintext or plaintext (plaintext) mode TLS and SSH authentication, encrypted form and DSA signature verification DSA private 224-bit key Internally generated using Never exits the module NVRAM Exiting FIPS-Approved Used for PKI authentication, key NIST SP 800-90A CTR (plaintext) mode and TLS and SSH DRBG authentication, and DSA signature generation ECDSA public NIST defined Imported in plaintext form Exits the module in NVRAM Exiting FIPS-Approved Used for PKI authentication key P-256 and P- plaintext (plaintext) mode 384 curves PKI – Public Key Infrastructure 59 HP iLO 4 Cryptographic Module Page 16 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 CSP CSP Type Generation/Input Output Storage Zeroization Use Diffie-Hellman 2048, 3072-bit Internally generated or Exits the module in DDR3 Session termination, Used for key agreement public key imported in plaintext plaintext RAM rebooting, or power during TLS and SSH sessions component (plaintext) cycling (deriving TLS and SSH session and authentication keys) Diffie-Hellman 224, 256-bit Internally generated using Never exits the module DDR3 Session termination, Used for key agreement private key NIST SP 800-90A CTR RAM rebooting, or power during TLS and SSH sessions component DRBG (plaintext) cycling (deriving TLS and SSH session and authentication keys) EC Diffie- NIST defined Internally generated or Exits the module in DDR3 Session termination, Used for key agreement Hellman public P-256 and P- imported in plaintext plaintext RAM rebooting, or power during TLS and SSH sessions key component 384 curves (plaintext) cycling (deriving TLS and SSH session and authentication keys) EC Diffie- NIST defined Internally generated using Never exits the module DDR3 Session termination, Used for key agreement Hellman private P-256 and P- NIST SP 800-90A CTR RAM rebooting, or power during TLS and SSH sessions key component 384 curves DRBG (plaintext) cycling (deriving TLS and SSH session and authentication keys) TLS Pre-Master Shared Secret Imported in encrypted form Never exits the module DDR3 Exiting FIPS-Approved Used to derive the TLS Secret (384, 1024, RAM mode, session Master Secret as part of TLS 2048-bit) (plaintext) termination, Pseudo-Random Function rebooting, or power cycling TLS Master Shared Secret Internally generated via TLS Never exits the module DDR3 Exiting FIPS-Approved Used to derive the TLS Secret (384-bit) Pseudo-Random Function RAM mode, session Session and Authentication (plaintext) termination, Keys as part of TLS Pseudo- rebooting, or power Random Function cycling HP iLO 4 Cryptographic Module Page 17 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 CSP CSP Type Generation/Input Output Storage Zeroization Use TLS Session AES 128, 256- Established internally using Never exits the module DDR3 Exiting FIPS-Approved It is used for encrypting or Key bit or Triple- TLS KDF. RAM mode, session decrypting the data traffic DES-168 bit (plaintext) termination, during the TLS session rebooting, or power cycling TLS HMAC with Generated internally using Never exits the module DDR3 Exiting FIPS-Approved It is used for data integrity and Authentication SHA-1, SHA- NIST SP 800-90A CTR RAM mode, session authentication during TLS Key 256, SHA-384, DRBG (plaintext) termination, sessions SHA-512 rebooting, or power cycling SSH Session AES 128, 256- Generated internally using Never exits the module DDR3 Exiting FIPS-Approved It is used for encrypting or Key bit or Triple- NIST SP 800-90A CTR RAM mode, session decrypting the data traffic DES 168-bit DRBG (plaintext) termination, during the SSH session rebooting, or power cycling SSH HMAC SHA-1 Generated internally using Never exits the module DDR3 Exiting FIPS-Approved It is used for data integrity and Authentication NIST SP 800-90A CTR RAM mode, session authentication during SSH Key DRBG (plaintext) termination, sessions rebooting, or power cycling AES GCM Key 128, 256-bit Generated internally using Never exits the module DDR3 Exiting FIPS-Approved It is used for encrypting or NIST SP 800-90A CTR RAM mode, session decrypting the data traffic DRBG * (plaintext) termination, rebooting, or power cycling AES GCM IV 96-bits Generated internally using Never exits the module DDR3 Exiting FIPS-Approved It is used as an IV input to AES NIST SP 800-90A CTR RAM mode, session GCM function DRBG * (plaintext) termination, rebooting, or power cycling HP iLO 4 Cryptographic Module Page 18 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 CSP CSP Type Generation/Input Output Storage Zeroization Use DRBG seed 256-bit value Generated internally using Never exits the module DDR3 Exiting FIPS-Approved Random number generation entropy input RAM mode, session (plaintext termination, rebooting, or power cycling Entropy Input 256-bit value Generated internally using Never exits the module DDR3 Exiting FIPS-Approved Random number generation string NDRNG RAM mode, session (plaintext termination, rebooting, or power cycling Password Crypto-Officer Entered by Crypto-Officer Never exits the module NVRAM Exiting FIPS-Approved Used for authenticating the and User or User (plaintext) mode Crypto-Officer or User passwords Firmware Hardcoded Embedded in pre-boot image Never exits the module Image in When overwritten Used to verify RSA signature Upgrade RSA 2048-bit Flash with a new key of items loaded through Authentication public key memory Firmware Upgrade utility Key * Note: The AES GCM key and IV are generated internally in cryptographic module using the module’s Approved NIST SP 800-90A CTR DRBG and meet the requirements specified in IG A.5. The module follows the mechanism for IV generation defined in RFC 5288, and is used only within the TLS protocol and for the protocol versions specified in Section 4 of RFC 5288 which is TLS 1.2. The IV length is 96-bits. HP iLO 4 Cryptographic Module Page 19 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 2.8 EMI/EMC The module was tested and found to be conformant to the EMI/EMC requirements specified by 47 Code of Federal Regulations, Part 15, Subpart B, Unintentional Radiators, Digital Devices, Class A (i.e., for business use). 2.9 Self-Tests The module performs various self-tests (power-up self-tests, conditional self-tests, and critical self-test) on the cryptographic algorithm implementations to verify their functionality and correctness. This section explains the required self-tests that the module implements. 2.9.1 Power-Up Self-Tests iLO 4 performs the following self-tests at power-up to verify the integrity of the firmware images and the correct operation of the FIPS-Approved algorithms implemented in the module:  Firmware integrity test using 512-bit EDC verification of the kernel  Firmware integrity test using 512-bit EDC verification of the Dynamic Download  Self-Tests in hardware o AES Encryption KAT o AES Decryption KAT  Self-Tests in firmware o AES Encryption KAT o AES Decryption KAT o AES GCM Encryption KAT o AES GCM Decryption KAT o Triple-DES Encryption KAT o Triple-DES Decryption KAT o RSA Signature Generation KAT o RSA Signature Verification KAT o DSA Pairwise Consistency Test o ECDSA Pairwise Consistency Test o SHA-1 KAT o HMAC with SHA-1, SHA-256, SHA-384, and SHA-512 KATs o DRBG KAT The power-up self-tests can be performed at any time by power-cycling the module or via resetting the module. 2.9.2 Conditional Self-Tests iLO 4 performs the following conditional self-tests (all in firmware):  Continuous Random Number Generator Test (CRNGT) for the DRBG  CRNGT for the NDRNG  RSA Pairwise Consistency Test for key pair generation  DSA Pairwise Consistency Test for sign/verify  ECDSA Pairwise Consistency Test for sign/verify  Firmware Load Test (using RSA 2048-bit and SHA-256) 2.9.3 Critical Functions Tests iLO 4 performs the following critical functions self-tests (all in firmware):  SP 800-90A CTR_DRBG Instantiate Health Test  SP 800-90A CTR_DRBG Generate Health Test HP iLO 4 Cryptographic Module Page 20 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016  SP 800-90A CTR_DRBG Reseed Health Test  SP 800-90A CTR_DRBG Uninstantiate Health Test 2.9.4 Self-Test Failure Handling Upon failure of any power-up self-test, conditional self-test, or critical function test, the module demonstrates the following behavior:  On failure of firmware intergrity test, the module reaches “ Boot Error” state in which the module firmware does not get loaded and the module aborts. The only way to continue from this state is by rebooting or power-cycling the module. If the error still exists, then the module needs to be returned to the factory.  In case of failure of any other self-test, the module reaches the “Critical Error” state and it disables all access to cryptographic functions and CSPs. All data outputs via data output interfaces are inhibited upon any self-test failure. A permanent error status will be relayed via the status output interface, which then is recorded as an entry to the module log file and also relayed via the status output interfaces. The module then zeroizes all the keys and CSPs, performs a reset to factory default settings, and performs a reboot. The factory default reset changes the FIPS mode flag, taking the module out of FIPS mode. The module will have to be reset in order to reconfigure the module to FIPS mode. 2.10 Mitigation of Other Attacks This section is not applicable. The module does not claim to mitigate any attacks beyond the FIPS 140-2 Level 1 requirements for this validation. HP iLO 4 Cryptographic Module Page 21 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 3 Secure Operation The iLO 4 Cryptographic Module meets Level 1 requirements for FIPS 140-2. The sections below describe how to place and keep the module in its FIPS-Approved mode of operation. 3.1 Crypto-Officer Guidance The following sections provide the necessary step-by-step instructions for the secure installation of iLO 4 card, as well as the steps necessary to configure the module for a FIPS-Approved mode of operation. 3.1.1 Initialization The module is delivered in an uninitialized factory state, and require first-time configuration in order to operate in its FIPS-Approved mode. Access to the module shall be limited to the Crypto-Officer, and it is the Crypto-Officer’s responsibility to configure the module into the FIPS-Approved mode. iLO 4 contains a distinct FIPS-Approved mode of operation that can be set through the configuration of a single parameter during initial initialization. The following sections provide the necessary step-by-step instructions for the secure installation of the iLO 4, as well as the steps necessary to configure the module for a FIPS-Approved mode of operation. Once the host platform is properly installed, the Crypto-Officer shall immediately configure iLO 4 to operate in FIPS-Approved mode; it is expected that iLO 4 will be configured for FIPS-Approved mode only once during initial host platform installation. Exiting the FIPS-Approved mode will initiate a factory-reset of the module, zeroizing all keys, CSPs, and user accounts. The following steps outline the procedure for configuring iLO 4 to run in FIPS-Approved mode: 1. Access the iLO 4 over the Ethernet port via WebUI (over TLS). 2. Use the default username and password provided on the server tag along with the iLO 4 server to log on. Accept the certificate. 3. Under the “Administration” menu click on “Security” sub-menu. Under the “Security” sub-menu navigate to the “Encryption” tab. 4. Under the Encryption Enforcement Settings, select the “Enabled” option of the drop down menu for the “FIPS Mode”. 5. iLO 4 will wipe the memories, reinitialize (zeroizing all existing keying material), and reboot. 6. Access the iLO again, using the first two steps outlined above. 7. Accept the new certificate. 8. Use the default username and password provided on the server tag along with the iLO 4 server to log on. 9. Under the “Administration” menu, click on the “User Administration” sub-menu. Check the box next to “Administrator”, under Local Users, and click the “Edit” button. Enter a new password in the “Password” text box. Reenter the password, to confirm, in the “Password Confirm” text box. Click the “Update User” button at the bottom of the page. 10. Under the “Administration” menu, click on the “Management” sub-menu. The “SNMP Settings” tab contains SNMP configuration data. In the “Insight Management Integration” area, change the value of “Level of Data Returned” to “Disabled (No Response to Request)”. Click “Apply”. This disables “Insight Management Integration”. 11. The SNMP and its settings are disabled by default. Do not change default SNMP settings. 12. Under the “Administration” menu, click on the “Access Settings” sub-menu. Uncheck the checkbox for “Enable IPMI/DCMI over LAN on Port 623”. Click “Apply”. This disables IPMI. The module is now initialized and in FIPS-Approved mode. HP iLO 4 Cryptographic Module Page 22 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 3.1.2 Secure Management A CO shall change the default password after first login. When a module is powered on for the first time, a CO shall configure the module for FIPS mode by following the steps mentioned in Section 3.1.1. Additionally, the following usage policies apply:  SNMP and IPMI shall be disabled while the module is running in the FIPS-Approved mode of operation.  The CO shall not enter the DSA or RSA public keys manually while the module is operating in the FIPS-Approved mode.  Remote administration must only be performed over the WebUI (HTTPS) and CLI (SSH) interfaces. Once the module is provisioned into FIPS mode during initialization, the module will operate and remain in FIPS-Approved mode of operation unless the module enters an error state and performs a factory reset. The Crypto-Officer can also exit FIPS-Approved mode on demand by restoring the module to factory default. In order to check the module’s FIPS mode status, the Crypto-Officer can check the “iLO Event Log” page, under the “Information” header. In the “Description” column of the event log, the text “FIPS Mode Enabled.” should appear at the time when the iLO was powered on or the status was changed to enable it. 3.2 User Guidance The User does not have the ability to configure sensitive information on the module, with the exception of their password. The User must be diligent to pick strong passwords, and must not reveal their password to anyone. Additionally, the User should be careful to protect any secret/private keys in their possession, if any. The module requires 256-bits of entropy to generate a seed for the RNG. After initial startup the system must be operational for one minute 50 seconds to generate enough entropy for the seeding function. Once operational for this timeframe the module can be configured in FIPS approved mode. 3.3 Module’s Mode of Operation On the first power up, the module is not configured in its Approved mode. During initial configuration and setup, the module is explicitly set to operate in the FIPS-Approved mode of operation. An authorized operator can access the module via the WebUI or the CLI and determine the operational mode of the module. Detailed steps and procedure required to determine whether the module is operating in FIPS-Approved mode or not can be found in the “Enabling FIPS Mode” section of the iLO User’s Guide, which is available at http://www.hp.com/support/ilo4_ug_en. 3.4 Non-Approved Mode When initialized and configured according to the Crypto-Officer guidance in this Security Policy, the modules do not support a non-Approved mode of operation. HP iLO 4 Cryptographic Module Page 23 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 4 Acronyms Table 10 in this section describes the acronyms. Table 10 – Acronyms Acronym Definition AES Advanced Encryption Standard ANSI American National Standards Institute API Application Programming Interface ASIC Application Specific Integrated Circuit ASM Advanced Server Management CA Certificate Authority CBC Cipher Block Chaining CBIT Conditional Built In Test CFB Cipher Feedback CLI Command Line Interface CMVP Cryptographic Module Validation Program CO Crypto-Officer CRNGT Continuous Random Number Generator Test CSE Communications Security Establishment CSP Critical Security Parameter CSR Certificate Signing Request CTR Counter CVL Component Validation List DDR Double Data Rate DES Data Encryption Standard DH Diffie Hellman DRBG Deterministic Random Bit Generator DSA Digital Signature Algorithm DVI Digital Visual Interface EC Elliptical Curve ECB Electronic Codebook ECDSA Elliptical Curve Digital Signature Algorithm EMC Electromagnetic Compatibility EMI Electromagnetic Interference FIPS Federal Information Processing Standard HP iLO 4 Cryptographic Module Page 24 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 Acronym Definition GMII Gigabit Media Independent Interface GPC General Purpose Computer GPIO General Purpose Input Output HA High Availability HMAC (Keyed-) Hash Message Authentication Code HP Hewlett Packard HTTPS Hypertext Transfer Protocol Secure I2C Inter-Integrated Circuit iLO Integrated Lights-Out IPMI Intelligent Platform Management Interface IT Information Technology JTAG Joint Test Action Group KAT Known Answer Test KB Kilobyte KDF Key Derivation Function KVM Keyboard, Video, Mouse LPC Low Pin Count MB Megabyte MD Message Digest MII Media Independent Interface NDRNG Non-Deterministic Random Number Generator NIC Network Interface Card NIST National Institute of Standards and Technology NVLAP National Voluntary Laboratory Accreditation Program NVRAM Non-Volatile Random Access Memory OFB Output Feedback ORCA Option ROM Configuration for Arrays OS Operating System PBIT Power up Built In Test PCIe Peripheral Component Interconnect Express PECI Platform Environmental Control Interface PKI Public Key Infrastructure POST Power On Self Test PRNG Pseudo Random Number Generator HP iLO 4 Cryptographic Module Page 25 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Security Policy, Version 1.2 February 10, 2016 Acronym Definition PS/2 Personal System/2 PWM Power Management RAM Random Access Memory RBSU ROM-Based Set-up Utility RMII Reduced Media Independent Interface RNG Random Number Generator ROM Read-Only Memory RSA Rivest Shamir and Adleman SD Secure Digital SDRAM Synchronous Dynamic Random Access Memory SHA Secure Hash Algorithm SIM System Insight Manager SNMP Simple Network Management Protocol SP Special Publication SPI Serial Peripheral Interface SSH Secure Shell SSO Single Sign On TCP Transmission Control Protocol TDES Triple Data Encryption Standard TLS Transmission Layer Security UART Universal Asynchronous Receiver/Transmitter USB Universal Serial Bus VGA Video Graphics Array WebUI Web User Interface XML Extensible Markup Language HP iLO 4 Cryptographic Module Page 26 of 27 © 2016 Hewlett Packard Enterprise Development LP This document may be freely reproduced and distributed whole and intact including this copyright notice. Prepared by: Corsec Security, Inc. 13921 Park Center Road, Suite 460 Herndon, VA 20171 United States of America Phone: +1 (703) 267-6050 Email: info@corsec.com http://www.corsec.com