All commands to CCA host crypto modules are signed. Depending on the command and the setup, the command is either executed immediately or is pending (waiting to be co-signed by other authorities before being executed). Commands requiring more than one signature are called dual-signature commands.

The following single-signature commands deal with master key management and disabling the host crypto module:
- Clear old master key (DES, AES, RSA, or ECC (APKA))
- Clear new master key (DES, AES, RSA, or ECC (APKA))
- Load/combine new master key parts (DES, AES, RSA, or ECC (APKA))
- Set master key (RSA master key only)
- Set master key, immediate (DES, AES, RSA, or ECC (APKA))
- Disable crypto module

The dual-signature commands always require two signatures. These commands deal with:
- Access Control
- Zeroize Domain
- Enable Crypto Module
- Domain Controls

The single-signature commands for operational keys are:
- Load first key part (DES or AES)
- Load additional key part (DES or AES)
- Complete key (DES or AES)
- Clear operational key register (DES or AES)
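
The pending/co-sign behaviour described above can be illustrated with a simplified model. This is an added example, not IBM's implementation: the `CryptoModule` class, the authority indexes and keys are constructed, and HMAC-SHA256 stands in for the real signature scheme. It shows that a dual-signature command stays pending until a second, different authority signs it.

```python
import hashlib
import hmac

# Dual-signature command classes, taken from the list above.
DUAL_SIGNATURE = {"Access Control", "Zeroize Domain",
                  "Enable Crypto Module", "Domain Controls"}

# Constructed authority keys (assumption: HMAC replaces the real signatures).
AUTHORITY_KEYS = {0: b"constructed-key-0", 1: b"constructed-key-1"}


def sign(authority, command):
    """Sign a command as the given authority (hypothetical helper)."""
    key = AUTHORITY_KEYS[authority]
    return hmac.new(key, command.encode(), hashlib.sha256).digest()


class CryptoModule:
    """Toy model of a module that executes or holds signed commands."""

    def __init__(self):
        self.pending = {}    # command -> set of authorities that signed it
        self.executed = []   # commands that met their signature requirement

    def required(self, command):
        return 2 if command in DUAL_SIGNATURE else 1

    def submit(self, command, authority, signature):
        """Return 'rejected', 'pending' or 'executed'."""
        key = AUTHORITY_KEYS.get(authority)
        if key is None:
            return "rejected"
        expected = hmac.new(key, command.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, signature):
            return "rejected"
        signers = self.pending.setdefault(command, set())
        signers.add(authority)  # a set: one authority signing twice counts once
        if len(signers) < self.required(command):
            return "pending"
        del self.pending[command]
        self.executed.append(command)
        return "executed"
```
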