Hewlett Packard Enterprise DevelopmentLP
HPE BladeSystem c-Class Virtual Connect Firmware
FirmwareVersion: 4.65
FIPS 140-2 Non-Proprietary Security Policy
FIPS Security Level: 1
Document Version: 0.7
Preparedfor: Preparedby:
HewlettPackard Enterprise
DevelopmentLP
Corsec Security,Inc.
11445 CompaqCenterDr.W. 13921 ParkCenterRoad
Suite 460
Houston,TX 77070 Herndon,VA 20171
UnitedStatesof America UnitedStatesof America
Phone:+1 (281) 370-0670 Phone:+1 703 267 6050
http://www.hpe.com www.corsec.com
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 2 of 33
Table of Contents
1. Introduction..........................................................................................................................................4
1.1 Purpose .......................................................................................................................................4
1.2 References...................................................................................................................................4
1.3 Document Organization................................................................................................................4
2. VC Firmware.........................................................................................................................................5
2.1 Overview .....................................................................................................................................5
2.2 Module Specification....................................................................................................................6
2.2.1 Logical Cryptographic Boundary.......................................................................................9
2.2.2 Physical Cryptographic Boundary...................................................................................10
2.3 Module Interfaces ......................................................................................................................11
2.4 Roles, Services, and Authentication .............................................................................................12
2.4.1 Authorized Roles...........................................................................................................12
2.4.2 Operator Services..........................................................................................................13
2.4.3 General Operator Services.............................................................................................15
2.4.4 Non-Security Relevant Services......................................................................................16
2.4.5 Authentication..............................................................................................................16
2.5 Physical Security.........................................................................................................................19
2.6 Operational Environment............................................................................................................19
2.7 Cryptographic Key Management..................................................................................................20
2.8 Self-Tests...................................................................................................................................25
2.8.1 Power-Up Self-Tests......................................................................................................25
2.8.2 Conditional Self-Tests....................................................................................................25
2.8.3 Critical Functions Self-Tests...........................................................................................26
2.9 Mitigation of Other Attacks.........................................................................................................26
3. Secure Operation................................................................................................................................27
3.1 Initial Setup................................................................................................................................27
3.2 Crypto Officer Guidance..............................................................................................................27
3.2.1 Secure Management.....................................................................................................27
3.2.2 Verifying the Approved Mode........................................................................................28
3.2.3 Save Domain and Export Dump......................................................................................28
3.2.4 Zeroization ...................................................................................................................28
3.2.5 Password Complexity ....................................................................................................28
3.2.6 TLS Version Configuration..............................................................................................28
3.3 User Guidance............................................................................................................................29
3.4 Non-Approved Mode of Operation..............................................................................................29
4. Acronyms ...........................................................................................................................................30
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 3 of 33
List of Tables
Table 1 – Security Level per FIPS 140-2 Section.................................................................................................6
Table 2 – FIPS-Approved Cryptographic Algorithms ..........................................................................................7
Table 3 – Allowed Algorithms..........................................................................................................................8
Table 4 – Non-Approved Algorithms ................................................................................................................9
Table 5 – FIPS 140-2 Logical Interface Mappings.............................................................................................12
Table 6 – Mapping of HPE Administrative Roles to FIPS-Defined Roles.............................................................13
Table 7 – Module Services by Role.................................................................................................................13
Table 8 – ServicesNot Requiring anAuthorized Role.......................................................................................15
Table 9 – Authentication Mechanism Used by the Module..............................................................................18
Table 10 – List of Cryptographic Keys, Cryptographic Key Components, and CSPs.............................................20
Table 11 – Acronyms.....................................................................................................................................30
List of Figures
Figure 1 – VC Firmware Logical Cryptographic Boundary.................................................................................10
Figure 2 – HPE BladeSystem c-Class Virtual Connect Hardware Platform Block Diagram....................................11
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 4 of 33
1. Introduction
1.1 Purpose
This is a non-proprietary Cryptographic Module Security Policy for the HPE BladeSystem c-Class Virtual Connect
Firmware (FirmwareVersion:4.65) fromHewlettPackardEnterprise DevelopmentLP (HPE),hereafterreferredto
in this document as the VC Firmware or the module. This SecurityPolicy describes how the VC Firmware meets
the securityrequirementsof FederalInformationProcessingStandards(FIPS) Publication140-2,whichdetailsthe
U.S.1
and Canadiangovernmentrequirementsforcryptographicmodules.More informationaboutthe FIPS140-
2 standard and validationprogramis available onthe National Institute of Standardsand Technology(NIST) and
the CommunicationsSecurityEstablishment(CSE) Cryptographic Module Validation Program (CMVP) website at
http://csrc.nist.gov/groups/STM/cmvp.
This document also describeshow to run the module in a secure FIPS-Approved mode of operation. This policy
was preparedaspart of the Level 1 FIPS140-2 validationof the module.
1.2 References
This document deals only with operations and capabilities of the module in the technical terms of a FIPS 140-2
cryptographicmodule securitypolicy.More informationisavailable onthe module fromthe followingsources:
 The HPE website (www.hpe.com)containsinformationonthe full line of productsfrom HPE.
 The CMVP website (http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm) contains
contact informationforindividualsresponsible for answeringtechnical orsales-relatedquestionsforthe
module.
1.3 Document Organization
The Security Policy document is organized into two (2) primary sections. Section 2 provides an overview of the
validatedmodule.Thisincludesageneral descriptionof the module’scapabilitiesanduse of cryptographyaswell
as a presentation of the validation level achieved in each applicable functional area of the FIPS standard. It also
provides high-level descriptions of how the module meet FIPS requirements in each functional area. Section 3
documents the guidance needed for the secure use of the module, including initial setup instructions,
managementmethods,andapplicableusage policies.
1 U.S. – United States
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 5 of 33
2. VC Firmware
2.1 Overview
HPE’s Virtual Connect is a server edge virtualization solution that provides connections over Ethernet, Fibre
Channel, and iSCSI2
betweendata and storage networks and a shared resource pool of HPE BladeSystemserver
blades.These connections are virtualizedwithahardware abstractionlayersothatserverchanges,like upgrades
or replacements, are transparent to the external LAN3
and SAN4
environments. Virtual Connect provides four
times the number of connections per physical network link by partitioning server Ethernet ports into smaller-
bandwidth physical functionNIC5
s(calledFlexNICs6
).
The VCFirmware operateson three differentHPEBladeSystemc-ClassVirtualConnecthardwareplatforms(called
interconnectmodules) thatplugdirectly intothe rear bay of HPE BladeSystemc-Classenclosures.The platforms
connect to server blades through the enclosure midplane. HPE BladeSystem is a rack-mount, enterprise-class
computing infrastructure designed to maximize power while minimizing costs. A typical HPE BladeSystem
environment may consist of an HPE BladeSystemc7000 enclosure, one or two HPE Onboard Administrator (OA)
modules forenclosure management,one ormore HPE BladeSystemc-ClassVirtual Connect hardware platforms,
and one or more of a range of serverbladesdesignedtoprovide flexiblecomputationorstorage services.
Virtual Connectprovidesthe followingadvantages:
 Cleanlyseparatesserverenclosure administrationfromLAN andSAN administration
 Allows administrators to add, move, or replace servers without impacting production LAN and SAN
availability
 Simplifiesthe setupandadministrationof serverconnections
 Enables HPEFlexFabric,whichisaconvergednetworksolutioncapable of transmittingbothEthernetand
storage trafficreliablyincongestednetworks
 Supplieseasyandefficientcentral managementtoolsforone tohundredsof domains
Administratorsuse Virtual Connectmanagementtoolslike Virtual ConnectEnterpriseManager(VCEM) orVirtual
ConnectManager (VCM) to create an I/O7
connectionprofile foreachserverafterphysicallymakingthe LAN and
SAN connectionstothe HPE BladeSystemc-ClassVirtual Connect hardware platform.The I/Oconnectionprofile,
or server profile, provides the linkage between the server and the connections defined in the Virtual Connect
application.Serverprofilescontaininformationaboutserveraddresses,connections,andboot parameters.
VCM management capabilities are provided through firmware running on a processor on Ethernet-capable
interconnect modules. Consequently, each HPE BladeSystem enclosure must have at least one HPE Virtual
2 iSCSI –Internet SmallComputer Systems Interface
3 LAN – Local Area Network
4 SAN – Storage Area Network
5 NIC – Network InterfaceController
6 A FlexNIC is a physical PeripheralComponent InterconnectExpress (PCIe) function thatappears to thesystem read-only memory, operating system, and
hypervisor as a discretephysicalNIC with its own driver instance. It is not a virtual NICcontainedin a softwarelayer.
7 I/O –Input/Output
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 6 of 33
Connect Ethernet-capable interconnect module. VCM provides a Web-based GUI8
(the Web GUI) and a CLI9
for
managinga single Virtual Connectdomain.
VCEM, a plug-in for HPE Systems Insight Manager (HPSIM), is an optional software application used to manage
multiple Virtual Connect domains10
(up to 1,000 BladeSystem enclosures). It provides automation and group-
basedmanagementcapabilitiesbeyondwhatVCMoffers.VCMcommunicateswithVCEMoveraSOAP11
interface
to forward serverandnetworkconfigurationdata.
Additional information about the Virtual Connect infrastructure and technologies can be found in the technical
white paper Overview of HP Virtual Connect technologies, available from the HPE website at
http://h20195.www2.hp.com/V2/GetDocument.aspx?docname=4AA4-8174ENW&cc=us&lc=en.
The VC Firmware isvalidatedatthe FIPS140-2 Sectionlevelsshownin Table 1.
Table 1 – Security Level per FIPS 140-2 Section
Section Section Title Level
1 Cryptographic Module Specification 1
2 Cryptographic Module Ports and Interfaces 1
3 Roles, Services, and Authentication 2
4 Finite State Model 1
5 Physical Security 1
6 Operational Environment N/A12
7 Cryptographic KeyManagement 1
8 EMI/EMC13 1
9 Self-tests 1
10 Design Assurance 1
11 Mitigation ofOther Attacks N/A
2.2 Module Specification
The VCFirmware isa firmware module withamulti-chipembeddedembodiment.The overallsecurity levelof the
module is 1. The firmware image (vcfwall465.bin) runsonan HPE BladeSystemc-ClassVirtual Connecthardware
platforminstalledinan HPE BladeSystemc-Classenclosure.
The module implementsthe FIPS-Approvedalgorithmslistedin Table 2.
8 GUI – GraphicalUser Interface
9 CLI –Command LineInterface
10 Virtual Connect domain -AVirtual Connect domainconsists ofa BladeSystem enclosure anda setofassociated modules andserver blades that are
managedtogetherby a singleinstanceoftheVCM.
11 SOAP – Simple ObjectAccess Protocol
12 N/A – Not Applicable
13 EMI/EMC – ElectromagneticInterference / ElectromagneticCompatibility
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 7 of 33
Table 2 – FIPS-Approved Cryptographic Algorithms
CAVP Cert Algorithm Standard Mode / Method
Key Lengths,
Curves, or Moduli
Use
4777 AES14 FIPS PUB 197,
NIST SP15 800-38A
CBC16 128, 192, 256 Data Encryption/Decryption
CFB17128 128 Data Encryption/Decryption
CTR18 128, 192, 256 Data Encryption/Decryption
FIPS PUB 197,
NIST SP 800-38D
GCM19 128, 256 Data Encryption/Decryption
and Authentication
NIST SP 800-38F KW20 128, 192, 256 KeyWrapping/Unwrapping
Vendor
Affirmation
CKG21 NIST SP 800-133 - - KeyGeneration
1424 CVL22 NIST SP 800-135Rev1 TLS23 1.2 - KeyDerivation
No parts ofthis protocol, other
than the KDF, have been
testedbythe CAVPand CMVP.
1425 CVL24 NIST SP 800-135Rev1 SSH - KeyDerivation
No parts ofthis protocol, other
than the KDF, have been
testedbythe CAVPand CMVP.
1426 CVL25 NIST SP 800-135Rev1 SNMP26v3 - KeyDerivation
No parts ofthis protocol, other
than the KDF, have been
testedbythe CAVPand CMVP.
1655 DRBG27 NIST SP 800-90A CTR - Deterministic Random Bit
Generation
3187 HMAC28 FIPS PUB 198-1 HMAC-SHA-1,
HMAC-SHA-256,
HMAC-SHA-384,
HMAC-SHA-512
160, 256, 384, 512 Message Authentication
14 AES – Advance EncryptionStandard
15 SP – SpecialPublication
16 CBC – Cipher Block Chaining
17 CFB – Cipher Feedback
18 CTR –Counter
19 GCM – Galois Counter Mode
20 KW – Key Wrap
21 CKG – Cryptographic Key Generation
22 CVL – Component ValidationList
23 TLS – TransportLayerSecurity
24 CVL – Component ValidationList
25 CVL – Component ValidationList
26 SNMP – Simple Network Management Protocol
27 DRBG –Deterministic RandomBit Generator
28 HMAC – (Keyed-) HashMessageAuthenticationCode
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 8 of 33
CAVP Cert Algorithm Standard Mode / Method
Key Lengths,
Curves, or Moduli
Use
Vendor
Affirmation
PBKDF29 NIST SP 800-132 DerivingKeys for Storage
Applications
2618 RSA30 FIPS PUB 186-4 SHA-256, SHA-384, SHA-
512
2048 KeyPair Generation
SHA-224, SHA-256, SHA-
384, SHA-512
2048 Signature Generation and
Verification
3923 SHS31 FIPS PUB 180-4 SHA32-1, SHA-256, SHA-
384, SHA-512
- Message Digest
2539 Triple-DES33 NIST SP 800-67 TCBC34 - Data Encryption/Decryption
The TLS protocol governs the
generationof Triple-DES keys.
Refer to RFC5246 for details
relevant to the generationof
the Triple-DESkeys. The user is
responsible for ensuring the
module limits the number of
encryptions with the same key
to 232.
The module implementsthe Allowedalgorithmslisted inTable 3below.
Table 3 – Allowed Algorithms
Algorithm Caveat Use
FFC35 DH36 Provides between 112 and 150 bits of
encryption strength
Keyagreement
RSA (keyencapsulation) Provides between 112 and 256 bits of
encryption strength
Keyestablishment
NDRNG37 (/dev/random) N/A Seedingfor the DRBG
The module implementsthe Non-Approvedalgorithmslistedin Table 4below.
29 PBKDF –Password-Based Key DerivationFunction
30 RSA –Rivest ShamirAdleman
31 SHS – Secure HashStandard
32 SHA –Secure Hash Algorithm
33 DES –Data Encryption Standard
34 TCBC – Triple Data Encryption AlgorithmCipher Block Chaining
35 FFC – Finite FieldCryptography
36 DH – Diffie-Hellman
37 NDRNG –Non-deterministicRandom Number Generator
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 9 of 33
Table 4 – Non-Approved Algorithms
Algorithm Use
OpenSSL md_rand Provides Salt as input to the PBKDF2 function
Further,the vendoraffirmscompliance withthe followingsecuritymethods:
 NIST SP 800-132 (PBKDF2) – The module implements option 1(a) from section 5.4 of the Special
Publication.PleaserefertoSection 3.2.3for Crypto-Officerguidance specificto thisfunction.
 NIST SP 800-133 (CKG) – When the module generates symmetric keys or seeds used for generating
asymmetrickeys,unmodifiedDRBGoutputisusedasthe symmetrickeyorasthe seedforgeneratingthe
asymmetrickeys.
Asafirmware module, themodule hasbothalogical andphysical cryptographicboundary.Thelogical andphysical
cryptographicboundariesare describedinSections 2.2.1and 2.2.2, respectively.
2.2.1 Logical Cryptographic Boundary
The logical cryptographicboundaryis drawn around the VCFirmware executingonthe HPE BladeSystemc-Class
Virtual Connecthardware platform.
Figure 1 shows the module’s logical cryptographic boundary including the four main parts that comprise the VC
Firmware.
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 10 of 33
Figure 1 – VC Firmware Logical Cryptographic Boundary
2.2.2 Physical Cryptographic Boundary
Asa firmware module, the cryptographicmodulehasnophysical characteristics;however,the physical boundary
of the cryptographic module is defined by the HPE BladeSystem c-Class Virtual Connect hardware platform on
whichitruns.
The module wastestedandfoundcompliantonthe following HPEBladeSystemc-ClassVirtualConnect hardware
platforms:
 HPE Virtual ConnectFlexFabric-20/40F8 Module forc-Class BladeSystemwithTAA38
 HPE Virtual ConnectFlexFabric10 Gb39
/24-portModule for c-ClassBladeSystem
 HPE Virtual ConnectFlex-10/10DModule forc-ClassBladeSystem
The module executesonthe Freescale MPC8535processorlocatedoneachof the HPEBladeSystemc-ClassVirtual
Connecthardware platforms.The module’sphysical cryptographicboundary isthe physical perimeterof the HPE
BladeSystem c-Class Virtual Connect hardware platform. This boundary fully encloses the processor and other
hardware componentsthatstore andprotect the VCFirmware.
38 TAA – Trade Agreements Act. This extension on the model name signifies itis TAA-compliant, i.e., itwas manufactured in a TAAdesignated country;
otherwise, it is thesamehardwareand firmware as the HPEVirtual ConnectFlexFabric20/40F8 Modulefor c-Class BladeSystem.
39 Gb – Gigabit
HPE BladeSystem c-Class Virtual Connect
Hardware Platform
Data Output
Data Input
Control Input
Status Output
Logical Cryptographic Boundary
HPE Operating System
uBoot
HPE Virtual Connect Application
Cryptographic Library
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 11 of 33
Figure 2 presents ahardware blockdiagramforthe HPEBladeSystemc-ClassVirtualConnect hardware platforms.
It illustratesthe physical componentsandthe portsandinterfacesacross the physical boundary.
Data Output
Data Input
Control Input
Status Output
Physical Cryptographic
Boundary
Power
Freescale
Processor
MPC8535
Flash
ROM
Boot
ROM
DDR
RAM
GBx
Backplane
Connector
Ethernet
(SFP+/QSFP)
Broadcom
Network
Controller
(Switch)
LED
Mini-
USB
Next
Button
Reset
ISMIC
Ethernet
Transceiver
ROM Bus ROM Bus
DDR2 Bus
RS-232 Bus
PCIe/PCI Bus
Ethernet
Bus
USB Bus
I2
C Bus
GPIO Bus
DDR – Double Date Rate
GPIO – General Purpose Input/Output
I2
C – Inter-Integrated Circuit
ISMIC – I2
C Switch Management Interface Controller
LED – Light Emitting Diode
PCI(e) – Peripheral Component Interface (express)
QSFP – Quad Small Form-factor Pluggable
RS – Requirement Specification
RAM – Random Access Memory
ROM – Read-Only Memory
SFP – Small Form-factor Pluggable
USB – Universal Serial Bus
Figure 2 – HPE BladeSystem c-Class Virtual Connect Hardware Platform Block Diagram
2.3 Module Interfaces
Asa firmware cryptographicmodule,the module’sphysicalportsandinterfacesare those of theHPEBladeSystem
c-ClassVirtual Connecthardware platform onwhichthe VCFirmware runs.
The module’s hardware platformsconnect to the BladeSystem Enclosure through the backplane connector that
plugs into the enclosure,providing connectionpathways to all of the enclosure components and subsystems in
order to provide administration. The backplane connector provides serial, Ethernet, and I2
C connectivity. In
addition,the backplane connectoralsoprovidesVirtual Connectmanagementviaboththe WebGUI and the CLI.
Informationflowingthroughthe Ethernetinterfaceisgeneral,non-securityrelevantdata.
The followingisalistof physical interfacesimplementedbythese platforms:
 GBx backplane connector
 EthernetSFP+connector
 EthernetQSFPconnector
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 12 of 33
 Resetbutton
 LED indicators
 USB 2.0 (Mini) Type B connector(notusedby the module)
 Nextbutton(notusedby the module)
The physical portsare separatedintothe logical interfacesdefinedbyFIPS140-2:data input,dataoutput,control
input,statusoutput,andpower.The module provides thissame setof logical interfacesthroughitsuserinterfaces
(WebGUI andCLI),which allow itto receive andrespondto callsforcryptographicand administrative services.
A mappingof the FIPS140-2 logical interfaces tothe module’sphysical andlogical interfaces isshown inTable 5.
Table 5 – FIPS 140-2 Logical Interface Mappings
FIPS 140-2 Logical
Interface
Module Physical Interface Module Logical Interface
Data Input  Ethernet Interfaces (SFP+, QSFP)
 Backplane connector
Applicationinputs via user interfaces
Data Output  Ethernet Interfaces (SFP+, QSFP)
 Backplane connector
Applicationoutputs via user interfaces
Control Input  Backplane connector
 Reset button
Applicationmanagement commands and
commandparameters via user interfaces
Status Output  Backplane connector
 LED40 indicators
Applicationcommandreturn statuses via
user interfaces
Power Interface Power interface Not applicable
2.4 Roles, Services, and Authentication
The sectionsbelowdescribethe module’srolesandservicesanddefine the authenticationmethodsemployed.
2.4.1 Authorized Roles
There are twoauthorized FIPSrolessupportedbythe module:the Crypto-Officer(CO)role andthe Userrole. The
module iscapable of supportingmultiple CO andUsersecure sessionsata time.Operatorsof the moduleassume
the role of CO or User through role-based authenticationmechanisms implemented by the HPE Virtual Connect
application. The module supports both local and remote authentication methods. An operator accesses the
module byprovidingcredentialsthatmatchthose storedlocallyorona remote LDAPserver.
Operators of the module are assignedto an HPE-defined administrative role, each of which maps to one of the
authorizedFIPS roles.Anoperator’sroleisexplicitly assumedbasedontheirusername orcredentials storedona
CAC41
card.
40 LED – Light Emitting Diode
41 CAC – Common Access Card
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 13 of 33
An operatorassignedtothe “Domain”HPE administrative role assumesthe COrole. Table 6 maps all of the HPE
administrative roles to their FIPS-defined role and provides a description of the services available to each role.
Table 7 liststhe Approvedsecurityservicesforboththe CO and User roles.The CO has access to all the services
of the User.
Table 6 – Mapping of HPE Administrative Roles to FIPS-Defined Roles
FIPS-Defined Role HPE Administrative Role Description
CO Domain Define localuser accounts, set passwords,
define roles;configure role-baseduser
authentication;Import enclosures
User Network Configure networkdefault settings;select the
MAC42 addressrange to be usedbythe Virtual
Connect domain;create, delete, andedit
networks
Server Create, delete, andedit server VirtualConnect
profiles;assignand unassign profiles to device
bays;select and use available networks
Storage Select the WWNs43 to be used bythe domain;
set up the connections to the external FC44
Fabrics;configure FCSNMP settings
2.4.2 Operator Services
Descriptions of the services available to an operator with the CO and User role are provided in Table 7. Please
note that the keysand CSPslistedin Table 7indicate the type of access requiredusingthe followingnotation:
 R – Read:The CSPis read.
 W – Write:The CSP isestablished,generated,modified,orzeroized.
 X – Execute: The CSP is used within an Approved or Allowed security function or authentication
mechanism.
Table 7 – Module Services by Role
Service
Role
Description CSP and Type of Access
CO User
Create/ModifyUsers  Create, edit, anddelete users;define
user accounts and assignpermissions
User password– W
Change CO Password  Change the CO password CO password – W
Change User Password   Change the User password User password – W
42 MAC – Media Access Control
43 WWN –World Wide Name
44 FC – Fibre Channel
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 14 of 33
Service
Role
Description CSP and Type of Access
CO User
Access the CLI   Manage the module using the CLI,
accessed via SSHprotocol over
Ethernet or directlyvia serial console
Crypto Officer password – X
User password – X
SSH session key– W/X
FFCDH public/private keycomponents – W/X
SSH integritykey– W/X
SSH encryptionkey– W/X
RSA SSH public/private keys – X
Access the WebGUI   Access the WebGUI via HTTPS
connectionthroughwebbrowser
Crypto Officer password – X
User password – X
Crypto Officer LDAPpassword – X
User LDAPpassword – X
TLS session Key– W/X
FFCDH public/private keycomponents – W/X
RSA TLS public/private keys – X
TLS integritykey– W/X
TLS encryptionkey – W/X
AES GCM IV45 – W/X
Access the Module
using CACcards
  Log in to the module usingCAC cards TLS session Key– W/X
FFCDH public/private keycomponents – W/X
RSA TLS public/private keys – X
TLS integritykey– W/X
TLS encryptionkey – W/X
AES GCM IV – W/X
Operator CACcredential – X
Zeroize Keys  Zeroize all keys46 andcertificates;
resets default CO password to factory
settings
All keys – W
Show Status   Indicate whether the module is in FIPS
mode
None
Initialize Module
(Enter FIPS mode)
 Initialize the module in FIPS mode Module key– W
Module keypassword – W
Utilitykey– W
Utilitykeypassword – W
RSA TLS private key – W
RSA SSH private key – W
BackupModule  Backupthe domainconfigurationfile
to be loadedfor future use
Backupencryptionkeypassword – W/X
Backupencryptionkey – W/X
Restore Module  Restore the module withanencrypted
domainconfigurationfile
Backupencryptionkeypassword – W/X
Backupencryptionkey – W/X
Create Support Dump  Generate a support log, whichcanbe
usedfor technical assistance
Support encryptionkeypassword – W/X
Support encryptionkey – W/X
Connect to HPE OA  Communicate with HPE OA to obtain
status
TLS session key– W/X
TLS integritykey– W/X
TLS encryptionkey – W/X
45 IV –Initialization Vector
46 PleaseseeTable 10 for the list ofkeys that can bezeroized using the“ZeroizeKeys”service. More specifically, ifa key listed in Table 10 has thetext
“Zeroized via WebGUI or CLI zeroizationcommand” inthe“Zeroization”column, then it canbezeroizedwith the“ZeroizeKeys”service.
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 15 of 33
Service
Role
Description CSP and Type of Access
CO User
Configure SNMPv3
Settings
  Enable anddisable SNMPv3;configure
SNMPv3 access types
SNMPv3 privacykey– W
SNMPv3 authentication key – W
Connect via SNMPv3   Connect to the modulevia SNMPv3 SNMPv3 privacykey– RX
SNMPv3 authentication key – RX
Generate TLS
Certificate
 Generate a TLS certificate to be used
for new TLS sessions
RSA TLS public/private keys – W
Import TLS Certificate  Import a TLS certificate generatedbya
Certificate Authority
RSA TLS public key – W
Import Asymmetric
Keys
  Import a trustedkey pair to be used
for services such as SSHandSFTP47
RSA SSH public/private Keys – W
Update Firmware  Update module firmware with newer
version;verifymodule firmware with
public key
Firmware Update Key – X
Perform Self-Tests   Initiate power-upself-tests on
demandvia reboot or power cycle
None
Configure CAC
Authentication
 Enable, disable, andconfigure CAC
authentication. Requires LDAPto be
enabledandconfigured, including
LDAPService Account details.
None
2.4.3 General Operator Services
The module providesadditionalservices forwhich anoperatorisnot requiredtoassume an authorizedrole.
Modules that are part of a single or multi-enclosure Virtual Connect domain may communicate to synchronize
configurationdataand exchangeencrypted supportfiles. Thisallows amoduletobe aback-upincase the primary
module forthe Virtual Connectdomainbecomesdisabled.These servicesallowexternal Virtual Connectmodules
to accessstatusinformationfromthemodule. A requestforaconfiguration datafiledoesnotrequireanoperator
to assume an authorizedrole asitdoesnot require operatorinteraction.
The additional servicesare listed in Table 8. These services do not affect the overall security of the module, nor
do theymodifyany private/secretkeysorCSPs.
Table 8 – Services Not Requiring an Authorized Role
Service Description CSP and Type of Access
Synchronize with
back-upmodule
Synchronize configurationdata
with the back-upmodule
Backupmodule password – X
SSH encryptionkey – X
SSH integritykey– X
Support file
extraction
Extract encryptedsupport file
with anexternalVirtual Connect
appliance
Virtual Connect dumppassword – X
SSH encryptionkey – X
SSH integritykey– X
47 SFTP – Secure FileTransferProtocol
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 16 of 33
Service Description CSP and Type of Access
Module
management
Provide configurationdata to
HPE OA
Virtual Connect management password – X
SSH encryptionkey – X
SSH integritykey– X
Send/receive SOAP
messages
Establisha connectionwitha
server and communicate via
SOAP
TLS encryptionkey – X
TLS integritykey– X
2.4.4 Non-Security Relevant Services
The module offersadditional servicestoall operators;these services are notrelevanttothe secure operationof
the module.Allservicesprovidedbythe moduleare listedinthe HPEVirtualConnectforc-ClassBladeSystemUser
GuideVersion 4.65; PartNumber:P01611-001, Dated:January2018,whichisavailablefromHPEcustomersupport.
2.4.5 Authentication
The module supportsrole-basedauthentication.Rolesare explicitlyassumedbasedonthe credential providedby
the operator.The followingauthenticationmethodsare supported:
 Local Authentication(Username/Password)
Local authentication employs a locally-stored username/passwordcombination that is unique to each
supportedrole. To assume the CO role,operatorsmust authenticate usingthe username andpassword
associated with the “Domain” HPE administrative role. To assume the User role, operators must
authenticate using the username and password associated with the “Network”, “Server”, or “Storage”
HPE administrativerole.
CO andUser passwordsthatare createdbythe CO or Usermustbe at least8 characters inlengthandcan
containuppercase andlowercase letters[A-z,a-z];numbers[0-9];andspecial characters.
 Remote Authentication(LDAPCredential Certificate)
Module operatoraccounts that are storedona remote LDAPserverare assignedtoone or more groups.
Each group is assigned an HPE administrative role.Thus, when logging via LDAP, the operator explicitly
assumesthe role designatedbytheLDAPgrouptowhichtheyare assigned.If theyare assignedtomultiple
LDAP groups, the operator will assume multiple HPE administrative roles. To assume the CO role,
operators must authenticate using the username and password associated with the “Domain” LDAP
groups. To assume the User role, operators must authenticate using the username and password
associatedwiththe “Network”,“Server”,or“Storage”LDAPgroups. If the userisassignedtoagroup that
fallsintoboththe CO and User roles,the userassumesthe role withthe highestprivileges,the CO.
CO and User passwords used for LDAP authentication follow the same complexity rules as those noted
above forpasswordsusedforlocal authentication.
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 17 of 33
In orderto accessthe remote LDAPserver,authenticationismade tothe serverusingthe server’s2048-
bitRSA publickeylocatedonthe server’scertificate.Once aconnectiontothe LDAPserverisestablished,
authenticationdataiswrappedwiththe server’sRSA publickey.
 Remote Authentication(CACCardCertificate)
CAC authentication is based on the certificate presented by the operator via CAC card. The operator
selectsthe appropriate certificate fromthose readbyawebbrowserfromthe CACcard.The certificate is
checkedforitsvalidity,chainof trust,andrevocationstatus.If itisavalidcertificate,LDAPserviceaccount
detailssetinthe module are usedto login to LDAP and authenticate the subjectorsubjectAltNamedata
obtainedfromthe certificate.
The LDAPservice accountdetailsare usedtoestablishasessionbetweenthemoduleandthe LDAPserver
to validate the subject or subjectAltName. Therefore, LDAP authentication must be enabled and LDAP
service account details must be properly configured. Based on the LDAP server response to the
authenticationrequestfromthe module,the operatorwillgetappropriate accessprivilege asconfigured
inthe LDAPserverforthe corresponding subjectorsubjectAltName.
In orderto accessthe remote LDAPserver,authenticationismade tothe serverusingthe server’s2048-
bitRSA publickeylocatedonthe server’scertificate.Once aconnectiontothe LDAPserverisestablished,
authentication dataiswrappedwiththe server’sRSA publickey.
Note thatCACuserauthenticationissupportedonlyonthe WebGUI.WhenCACisenabled,the followingwillbe
disabled:
 CLI access
 WebGUI loginwithusername andpassword
 Local useraccounts
For all supported authentication methods, the probability that a random attempt will succeed or a false
acceptance will occurinone minuteis lessthan1:100,000 as requiredbyFIPS140-2.Table 9provides the strength
of the authenticationmechanismsusedbythe module.
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 18 of 33
Table 9 – Authentication Mechanism Used by the Module
Authentication Type Strength
Username/Password (local) Once properlyconfigured, the minimumlengthof the passwordis 8 characters, with 94
different case-sensitive alphanumeric characters andsymbolspossible for usage. Assuming a
minimum passwordlengthof 8 characters, the chance ofa random attempt falselysucceeding
is:
1: (948), or
1: 6,095,689,385,410,816
Which is less than1:1,000,000 as required byFIPS 140-2.
The fastest networkconnectionsupportedbythe module (for management) is 100 Mbps. Hence
at most (100 x 10242 bits × 60 seconds=) 6.29 x 109 bits of data canbe transmittedto the module
in one minute (assumingno overhead).
Each password attempt is (8 bits x 8 characters =) 64 bits in length, meaning (6.29 x 109/64=)
9.83 x 107 password attempts can be made in one minute. Therefore, the probability that a
randomattempt willsucceed or a false acceptance willoccur inone minute is:
1: (948 possible passwords / 9.83 x 107 passwords per minute)
1: 62,011,082
Which is less than1:100,000 withinone minute as requiredbyFIPS140-2.
RSA Public Key(LDAP
authentication ofusername and
password)
The RSA public keyused for LDAPauthenticationof username and passwordis 2048 bits,
yielding an equivalent 112 bits of strength. The chance of a random authentication attempt
falselysucceeding is:
1: (2112), or
1: 5.1922968585348276285304963292201e+33
Which is less than1:1,000,000 as required byFIPS 140-2.
The fastest networkconnectionsupportedbythe module (for management) is 100 Mbps. Hence
at most (100 x 10242 bits × 60 seconds=) 6.29 x 109 bits of data canbe transmittedto the module
in one minute (assumingno overhead).
Each attempt is 112 bits in length, meaning(6.29 x 109/112=) 5.62 x 107 attempts canbe made
in one minute. Therefore, the probability that a random attempt will succeed or a false
acceptance will occur inone minute is:
1: (2112 possible keys / 5.62 x 107 keys per minute)
1: 9.24 x 1025
Which is less than1:100,000 withinone minute as requiredbyFIPS140-2.
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 19 of 33
Authentication Type Strength
RSA Public Key(LDAP
authentication ofsubject or
subjectAltName from CAC
certificate)
The RSA public keyused for LDAPauthenticationof subject or subjectAltName is 2048 bits,
yielding an equivalent 112 bits of strength. The chance of a random authentication attempt
falselysucceeding is:
1: (2112), or
1: 5.1922968585348276285304963292201e+33
Which is less than1:1,000,000 as required byFIPS 140-2.
The fastest networkconnectionsupportedbythe module (for management) is 100 Mbps. Hence
at most (100 x 10242 bits × 60 seconds=) 6.29 x 109 bits of data canbe transmittedto the module
in one minute (assumingno overhead).
Each attempt is 112 bits in length, meaning(6.29 x 109/112=) 5.62 x 107 attempts canbe made
in one minute. Therefore, the probability that a random attempt will succeed or a false
acceptance will occur inone minute is:
1: (2112 possible keys / 5.62 x 107 keys per minute)
1: 9.24 x 1025
Which is less than1:100,000 withinone minute as requiredbyFIPS140-2.
Upon successful logintothe CLI, the operator ispresentedwitha bannerdisplayingthe Virtual Connectversion,
the copyright notice, and a “Getting Started” message followedby the CLI command prompt, “FIPS->”. Upon
successful logintothe WebGUI, the operatoris presentedwiththe Virtual ConnectManagerhome page.
2.5 Physical Security
As a multi-chip embedded firmware module, the module relies on the HPE BladeSystem c-Class Virtual Connect
hardware platform to provide the mechanisms necessary to meet FIPS 140-2 level 1 physical security
requirements. All componentsof thehardware are madeof production-gradematerials,andall integratedcircuits
are coatedwithcommercial standardpassivation.
Additionally,the hardware hasbeentestedforandmeetsapplicable Federal CommunicationsCommission(FCC)
Electromagnetic Interference and Electromagnetic Compatibility requirements for business use as defined in
SubpartB of FCC Part 15.
2.6 Operational Environment
The module does not provide a general-purpose OS to the user. The module runs a proprietary OS (HPE OS
2.6.32.60), which providesa limited operational environment, and onlythe module’s custom-writtenimage can
be run on the system.Accessbyotherprocessesto plaintextprivateandsecretkeys,CSPs,andintermediatekey
generationvaluesduringthe timethe firmwaremodule isexecuting/operational isprohibited. Processesthatare
spawnedbythe firmwaremodule are ownedbythe moduleandare notownedbyexternalprocesses.The module
providesamethodtoupdate itsfirmware toanewerversion. Thismethodinvolvesdownloadingadigitally-signed
firmware update tothe module.
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 20 of 33
2.7 Cryptographic Key Management
The module supportsthe CSPslisted below inTable 10.
Table 10 – List of Cryptographic Keys, Cryptographic Key Components, and CSPs
CSP CSP Type Generation / Input Output Storage Zeroization Use
Module KeyPassword Random data (32 Bytes) Internallygeneratedvia
Approved DRBG
Not output from
the module
Stored inplaintext in
NOR48 flashmemory
Zeroizedvia WebGUI or
CLI zeroizationcommand
Used as PBKDF2 input to
generate ModuleKey
Module Key 32-byte Data Protection
Key(AES 256-bit key)
Internallygenerated via PBKDF2 Not output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Keyused to encrypt all
CSPs storedinNAND49
flashmemory
UtilityKeyPassword Random data (20 Bytes) Internallygenerated via
Approved DRBG
Output encrypted
via SSH to the
backupmodule
Stored inplaintext in NOR
Flashmemory; stored
encrypted via Module Key
in NAND flashmemory
Zeroizedvia WebGUI or
CLI zeroizationcommand
Used as PBKDF2 input to
generate UtilityKey
UtilityKey 32-byte Data Protection
Key(AES 256-bit key)
Internallygenerated via PBKDF2 Output encrypted
via SSH protocol
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Keyused to obfuscate
BackupModule Password
BackupEncryption Key
Password
8-byte Password Externallygenerated;input
electronicallyvia TLS or SSH
Not output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Password input to PBKDF2
function to derive Backup
Encryption Key
BackupEncryption Key 32-byte Data Protection
Key(AES 256-bit key)
Internallygenerated via PBKDF2 Not output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Keyused to encrypt
Virtual Connect
configurationfile
48 NOR –Not OR
49 NAND – Not AND
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 21 of 33
CSP CSP Type Generation / Input Output Storage Zeroization Use
Support EncryptionKey
Password
8-byte Password Externallygenerated;input
electronicallyvia TLS or SSH
Not output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Password input to PBKDF2
function to derive Support
Encryption Key
Support EncryptionKey 32-byte Data Protection
Key(AES 256-bit key)
Internallygenerated via PBKDF2 Not output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Keyused to encrypt
Virtual Connect support
file
RSA SSH Public Key RSA 2048-bit public key Internallygenerated via
Approved RSAKeyGeneration
method; input via configuration
file restore
Output in plaintext;
output encrypted
byBackup
Encryption Key
Stored encrypted via
Module KeyinNAND flash
memory
N/A SSH Protocol;
SFTP;
Signature verification;
Keyunwrapping
RSA SSH Private Key RSA 2048-bit private key Internallygenerated via
Approved RSAKeyGeneration
method; input via configuration
file restore
Output encrypted
byBackup
Encryption Key
Stored encrypted via
Module KeyinNAND
Flashmemory
N/A SSH Protocol;
SFTP;
Signature generation;
Keywrapping
RSA TLS Public Key RSA 2048-bit public key Internallygenerated via
Approved RSAKeyGeneration
method; input via configuration
file restore
Output in plaintext;
output encrypted
byBackup
Encryption Key
Stored encrypted via
Module KeyinNAND flash
memory
N/A TLS protocol;
Signature verification;
Keyunwrapping
RSA TLS Private Key RSA 2048-bit private key Internallygenerated via
Approved RSAKeyGeneration
method; input via configuration
file restore
Output encrypted
byBackup
Encryption Key
Stored encrypted via
Module KeyinNAND
Flashmemory
N/A TLS protocol;
Signature generation;
Keywrapping
SSH Session Key SSH sharedsecret Agreed usingDiffie-Hellman Never output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Sharedsessionkeyused
to derive SSH IntegrityKey
and SSH EncryptionKey
SSH IntegrityKey HMAC SHA-256
HMAC SHA-512
Internallygenerated via SP800-
135rev1
SSH KDF
Never output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Used to generate SSH
payload integrity
message; used to verify
integrityof SSHpayload
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 22 of 33
CSP CSP Type Generation / Input Output Storage Zeroization Use
SSH EncryptionKey AES 128, 192, 256 (CBC,
CTR)
Internallygenerated via SP800-
135rev1 SSH KDF
Never output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Used to encrypt and
decrypt SSH payload
TLS Pre-Master Secret Pre-master secret for TLS Establishedusing RSA transport Never output from
module
Plaintext in volatile RAM Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Derivationof TLS Master
Secret
TLS Master Secret TLS master secret
AES 128, 256 (CBC, GCM)
Triple-DES168-bit
Internallygenerated via SP800-
135rev1 TLS KDF
Never output from
the module
Stored in plaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Sharedmaster secret
usedto derive TLS
IntegrityKeyandTLS
SessionEncryption Key
TLS IntegrityKey HMAC SHA-256
HMAC SHA-512
Internallygeneratedvia SP800-
135rev1 TLS KDF
Never output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Used to generate TLS
payload integrity
message;
usedto verifyintegrityof
TLS payload
TLS SessionEncryption
Key
AES 128, 256 (CBC, GCM)
Triple-DES168-bit
Internallygenerated via SP800-
135rev1 TLS KDF
Never output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Used to encrypt and
decrypt TLS payload
AES GCM IV 96 bit IV length InternallyGenerated
deterministicallyincompliance
with TLS 1.2 GCMCipher Suites
for TLS and Section8.2.1 of NIST
SP800-38D
Not output from
the module
Stored inplaintext in
volatile memory
Zeroizedvia GUI or CLI
zeroizationcommand;
Module shutdown or
reboot
IV input to AES GCM
function
FFCDH Public Key
Component
Public components of FFC
DH protocol
2048-bit
Internallygenerated via
Approved DRBG
Output in plaintext Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Used for SSH session
establishment andinitial
keyexchange
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 23 of 33
CSP CSP Type Generation / Input Output Storage Zeroization Use
FFCDH Private Key
Component
Private exponent of FFC
DH protocol
2048-bit
Internallygenerated via
Approved DRBG
Never output from
module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Used for SSH session
establishment andinitial
keyexchange
Crypto Officer Password ASCII string(minimum8
characters)
Externallygenerated;input
electronicallyvia TLS or SSH;
input via configuration file
restore
Output encrypted
byBackup
Encryption Key
Stored obfuscatedvia
SHA-512 hash inNAND
Flashmemoryand
encrypted via Module Key
Zeroizedvia WebGUI or
CLI zeroizationcommand
Used for CO
authentication to the
module
User Password ASCII string(minimum8
characters)
Externallygenerated;input
electronicallyvia TLS or SSH;
input via configuration file
restore
Output encrypted
byBackup
Encryption Key
Stored obfuscatedvia
SHA-512 hash inNAND
Flashmemoryand
encrypted via Module Key
Zeroizedvia WebGUI or
CLI zeroizationcommand
Used for User
authentication to the
module
Operator CACCredential Public keyassociatedwith
module operator’s
certificate
Input byCO via TLS Never output from
the module
Stored inFlashmemory
and inRAMinplaintext
Zeroizedwhen the
certificate validationand
user authentication is
complete
Authenticatingthe
Operator
Crypto Officer LDAP
Password
ASCII string(minimum8
characters)
Externallygenerated;input
electronicallyvia TLS
Never output from
module
Not storedon the module N/A Used for CO
authentication to the
module via LDAP
User LDAPPassword ASCII string(minimum8
characters)
Externallygenerated;input
electronicallyvia TLS
Never output from
module
Not storedon the module N/A Used for User
authentication to the
module via LDAP
BackupModule Password ASCII string(16
characters, excludes
specialcharacters)
Internallygeneratedvia
Approved DRBG
Output encrypted
via the UtilityKey
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
Used bythe backup
Virtual Connect unit in
order to synchronize
configurationdata
Virtual Connect Dump
Password
ASCII string(12
characters, excludes
specialcharacters)
Internallygenerated via
Approved DRBG
Output encrypted
over SSH session
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
Password used by
external VirtualConnect
units to authenticate SSH
sessioninorder to extract
a support file
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 24 of 33
CSP CSP Type Generation / Input Output Storage Zeroization Use
SNMPv3 PrivacyKey AES 128-bit key Internallygenerated via SNMP
KDF
Output encrypted
byBackup
Encryption Key
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
Encrypt packets being
transferredvia SNMP
SNMPv3 Authentication
Key
HMAC SHA-1 Key Internallygenerated via SNMP
KDF
Output encrypted
byBackup
Encryption Key
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
Authenticate packets
being transferredvia
SNMP
Firmware Update Key RSA 2048-bit Public Key Externallygenerated;hardcoded Never output from
module
Stored unencryptedin
NAND Flash memory
N/A Verifythe RSA signature
of new firmware prior to
installation
DRBG Seed Random data – (384 bits) Internallygenerated using nonce
along withDRBG entropyinput
Never output from
module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Seedingmaterial for SP
800-90A DRBG
DRBG Entropy 256-bit value Internallygenerated Never output from
module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Entropymaterial for SP
800-90A DRBG
DRBG ‘V’ Value Internalstate value Internallygenerated Never output from
module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Internalstate value for SP
800-90A DRBG
DRBG ‘Key’ Value Internalstate value Internallygenerated Never output from
module
Stored inplaintext in
volatile memory
Zeroizedvia WebGUI or
CLI zeroizationcommand
or by module shutdown
or reboot
Internalvalue for SP800-
90A DRBG
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 25 of 33
2.8 Self-Tests
Cryptographic self-tests are performedby the module when the module begins operationin the FIPS mode and
whena randomnumberor asymmetrickeypairiscreated. The followingsectionslistthe self-testsperformedby
the module,expectederrorstatus,anderrorresolution.
2.8.1 Power-Up Self-Tests
Power-upself-testsare automaticallyperformedbythe module whenpowerissuppliedtothe HPE BladeSystem
c-ClassVirtual Connecthardware platform andthe module isloadedintomemory. The power-upself-testsinthe
list that follows may also be run on-demand when the CO or User reboots the HPE BladeSystem c-ClassVirtual
Connect hardware platform. The module will perform the listed power-up self-teststo successful completion.
Duringthe executionof self-tests,dataoutputfromthe module isinhibited.
If the module failsa power-up self-test,the module’s self-test error counter will increment and the module will
reboot in order to recover from the failure. After rebooting, the module will attempt to perform the power-up
self-tests again. After 10 failed self-test attempts throughout the lifetime of the module (including conditional
self-tests), the module will enter a critical error state and no longer function, requiring the HPE BladeSystem c-
Class Virtual Connect hardware platform to be returned to HPE. The module indicates the critical error to the
operatorthroughthe Web GUIandviaLEDs. Error messagesforaKATfailure willindicate thealgorithmthatfailed
alongwiththe text“selftestfailed”.
The module performsthe followingself-testsatpower-up:
 Firmware integritycheck(HMACSHA-256)
 KnownAnswerTests(KATs)
o AES EncryptKAT (CBCmode)
o AES DecryptKAT (CBCmode)
o AES EncryptKAT (GCMmode)
o AES DecryptKAT (GCMmode)
o Triple-DESEncryptKAT(CBC mode)
o Triple-DESDecryptKAT(CBCmode)
o RSA 186-4 Signature GenerationKAT
o RSA 186-4 Signature VerificationKAT
o RSA EncryptKAT
o RSA DecryptKAT
o SHA-1 KAT
o HMAC SHA-256 KAT
o HMAC SHA-384 KAT
o HMAC SHA-512 KAT
o CTR_DRBG KAT
2.8.2 ConditionalSelf-Tests
Conditionalself-testsare performedbythe modulewheneveranew randomnumberisgeneratedorwhenanew
RSA key pair is generated. If the module fails a conditional self-test, the module’s self-test error counter will
increment and the module will reboot in order to recover from the failure. After 10 failed self-test attempts
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 26 of 33
throughoutthe lifetimeof the module (includingpower-upself-tests),the module entersintoacritical errorstate
and will no longer function, requiring the HPE BladeSystem c-Class Virtual Connect hardware platform to be
returnedtoHPE. The module indicatesthe critical errortothe operatorthroughthe Web GUI and viaLEDs. Error
messagesfora conditional testfailure will indicatethe algorithmthatfailedalongwiththe reason,whichmaybe
one of the following: “selftestfailed”,“internal error”,“drgbnotinitialized”, or“pairwise testfailed”.
The module performsthe followingconditionalself-tests:
 CTR_DRBG ContinuousRandomNumberGeneratorTest(CRNGT)
 NDRNG CRNGT
 RSA Pairwise ConsistencyTestfor sign/verify
 Firmware LoadTest
For the Firmware LoadTest,the module verifiesthatthe image isproperly signedusinga2048-bit RSA publickey
(Firmware Update Keyin Table 10) withSHA-256 digest.
2.8.3 Critical FunctionsSelf-Tests
The module performsfour critical functiontestsforeachof the fourSP 800-90A DRBGs: DRBG Instantiate,DRBG
Reseed,DRBGGenerate,andDRBG Uninstantiate.The purpose of the DRBG InstantiationTestistoprepare each
SP800-90A DRBG withinitial state valuesandareseedcountervalue.The purposeof the DRBGReseedingTestin
eachof the SP800-90A DRBGs istoensure thatthe DRBGdoesnotrepeatapreviouslygeneratedrandomnumber.
The purpose of the DRBG Generate Testis to verifythatboth the instantiationandreseedalgorithmsare tested
duringpower-up.The purpose of the DRBG Uninstantiate testis to verifythat the DRBG uninstantiatesproperly
and no secretvaluescreatedbythe DRBG are accessible.
Critical functions tests are performed during power-up and conditionally. If the module fails a critical functions
test, the module will cease operation and enter a critical error state. In the critical error state, the module will
indicate the errortotheoperatorthroughtheWebGUI andautomaticallyreboot.After10failedself-testattempts
throughoutthe lifetimeof the module,the modulewill nolongerfunction,requiringthe HPEBladeSystemc-Class
Virtual Connecthardware platform tobe returnedto HPE.
The module performsthe followingcritical functionstests:
 SP 800-90A DRBG Instantiate Test
 SP 800-90A DRBG Generate Test
 SP 800-90A DRBG ReseedTest
 SP 800-90A DRBG Uninstantiate Test
2.9 Mitigation of Other Attacks
Thissectionisnot applicable.The module doesnotclaimtomitigate any otherattacks.
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 27 of 33
3. Secure Operation
The module meetsLevel 1for FIPS 140-2. The sectionsbelow describe how toplace and keepthe module in the
FIPS-approvedmode of operation.
HPE recommendsthatmodule operators readthe specificHPEVirtualConnectforc-ClassBladeSystemUserGuide
for enclosure-specific information before proceeding with the VC Firmware setup. The User Guide provides
informationonthe initial setupandoperationof the VCFirmware.
3.1 Initial Setup
Prior to operating the module for the first time, the CO must configure a 4-pin DIP50
switch located on the
motherboard of the HPE BladeSystem c-Class Virtual Connect hardware platform. The switch is located at the
front of the platform, on the opposite end of the backplane connector. In order to place the module in the FIPS
mode,the pinsof the switchshall be placedinthe followingpositions(fromswitch1to switch4): OFF,OFF,ON,
OFF.The CO mustremove the coverof the platforminorderto access the DIP switch.
After configuring the DIP switch, the CO shall replace the cover on the platform, reinsert the platform into the
BladeSystem enclosure, and power-up the module for the first time. The CO can confirm that the module is
operating in the FIPS mode via the Web GUI or the CLI. Additional information on confirming the FIPS mode of
operation isprovidedinSection 3.2.2.
3.2 Crypto Officer Guidance
The Crypto Officer is responsible for ensuring that the module has been properly configured as described in
Section3.1 and istherefore operatingin itsFIPS-Approvedmode of operation. Whenconfiguredaccordingtothe
CryptoOfficerguidance inthisSecurityPolicy,the moduleonlyrunsinitsFIPS-Approved mode of operation.
3.2.1 Secure Management
The module can be managed remotely via a Web GUI or CLI. Through these management interfaces, a CO can
viewthe statusof the FIPSmode of operation,managethe module’soperations,andback-upandrestore module
configuration files. Access to the module is controlled by role-based authentication,described in Section 2.4.
Accesstothe module viathe Web GUI isprovidedby HPEVCM.Accesstothe module viathe CLIisprovidedbyan
SSH clientrunningona networkedmachine.
While the module is operating in the FIPS-Approved mode, additional modules not configured to operate in an
Approvedmode cannotcommunicate withthe module.Inorderforadditional modulestocommunicatewithone
another, they too must be operating in the FIPS-Approvedmode. When initialized and configured per the CO
guidance inthisSecurityPolicy,the module doesnotsupportanon-Approvedmode of operation.
50 DIP –Dual In-linePackage
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 28 of 33
3.2.2 Verifying the Approved Mode
The CO shall be responsibleforregularlymonitoringthe modules’statusforFIPS-Approvedmode of operation.
The module providesitscurrent operational statusviathe Web GUI andCLI. When connectingtothe module via
the Web GUI, the CO or User can confirmthe current mode of operationbylocatingthe FIPS icon inthe top HPE
VCMbanner. If the FIPSicon ispresent,the module isoperatinginthe FIPS-Approved mode.
When accessing the module via the CLI, the CO or User can determine the current mode of operation withthe
“showdomain”command. The CLI will output“FIPSMode:true”if the module isoperatinginthe FIPS-Approved
mode.
3.2.3 Save Domainand Export Dump
The CO iscapable of savinganencryptedversionof the module’sconfigurationfileorsupportfile.The generation
of the keyusedforthe encryptionof these filesisperformedbyanSP800-132 PBKDF2.Whenthe COisprompted
to enter a new “Encryption key” (password), the CO shall enter a password no less than 8 characters in length.
The password shall consist of upper-case and lower-case letters and numbers. The probability of guessing the
passwordwill be equalto1:628
,or 1:2.18x1011
. The keyderivedbythe PBKDF2isusedsolelyforstorage purposes.
3.2.4 Zeroization
Ephemeral keyscanbe zeroizedbypower-cyclingtheVirtual Connect hardwareplatform.KeysstoredinNORflash
and the ISMIC51
(refer to Table 10) can be zeroized via the Destroy Domain screen in the “Configuration” tab of
the Web GUI or withthe “delete domain –zeroize”commandinthe CLI. KeysstoredinNANDflashare encrypted
withthe Module Key;therefore,theyare notrequiredtomeetzeroizationrequirements.The keysstoredinNAND
flashwill notbe accessible afterazeroizationservice hasbeenperformedandthe Module Keyiszeroized.
3.2.5 Password Complexity
Passwords that are created by module operators shall be at least 8 characters in length and may contain any
combination of uppercase and lowercase letters [A-z, a-z]; numbers [0-9]; and special characters (not including
space).
3.2.6 TLS Version Configuration
The TLS v1.0 and TLS v1.1 protocol should not be used in the FIPS-Approved mode of operation. By default the
TLS v1.2 protocol isenabledinthe FIPS-Approvedmode.Anadministratorwiththe CO role can use the Web SSL
Configurationscreenofthe HPEVCMtobe certaintheTLSversionis1.2.Itmustremain“TLSv1.2only”. The“TLSv1,
TLSv1.1, and TLSv1.2” optionmustnotbe selected.
51 ISMIC – I2c SwitchManagement Interface Controller
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 29 of 33
3.3 User Guidance
An operator with the User role is neither authorizednor able to modify the configuration of the module. Users
may onlyuse the serviceslistedin Table 7.AlthoughUsersdo not have any abilitytomodifythe configurationof
the module, theyshouldreporttothe COif any irregularactivityisobserved.
3.4 Non-Approved Mode of Operation
When configured according to the Crypto Officer’s guidance found herein,the module does not support a non-
Approvedmode of operation.
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 30 of 33
4. Acronyms
Table 11 providesdefinitionsforthe acronymsusedinthisdocument.
Table 11 – Acronyms
Acronym Definition
AES AdvancedEncryptionStandard
ANSI American National Standards Institute
ASCII American StandardCode for InformationInterchange
BIOS Basic Input/Output System
CBC Cipher Block Chaining
CLI CommandLine Interface
CMVP Cryptographic Module Validation Program
CO Crypto-Officer
CPU Central Processing Unit
CRNGT Continuous RandomNumber Generator Test
CSE Communications SecurityEstablishment
CSP Critical SecurityParameter
CTR Counter
CVL Component ValidationList
DDR Double Data Rate
DES Data EncryptionStandard
DH Diffie-Hellman
DIP Dual In-line Package
DRBG Deterministic Random Bit Generator
EC Elliptic Curve
ECC Elliptic Curve Cryptography
ECDA Elliptic Curve Digital Signature Algorithm
EMC Electromagnetic Compatibility
EMI Electromagnetic Interference
FC Fibre Channel
FCC FederalCommunications Commission
FFC Finite FieldCryptography
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 31 of 33
Acronym Definition
FIPS FederalInformationProcessing Standard
Gb Gigabit
Gbps Gigabits per second
GCM Galois Counter Mode
GPIO General Purpose Input/Output
GUI GraphicalUser Interface
HMAC (keyed-) HashMessage AuthenticationCode
HP Hewlett Packard
HPSIM HPSystems Insight Manager
HTTP Hypertext Transport Protocol
HTTPS Secure Hypertext Transport Protocol
I2C Inter-IntegratedCircuit
I/O Input/Output
IP Internet Protocol
iSCSI Internet Small Computer Systems Interface
ISMIC I2c Switch Management Interface Controller
KAS KeyAgreement Scheme
KAT Known Answer Test
KDF KeyDerivationFunction
KO Keying Option
KPW KeyWrap with Padding
KW KeyWrap
LAN Local Area Network
LANIO Local Area Network I/O
LDAP Lightweight DirectoryAccessProtocol
LED Light-EmittingDiode
MAC Media AccessControl
Mbps Megabits per Second
N/A Not Applicable
NAND Not AND
NDRNG Non-Deterministic Random Number Generator
NIC Network Interface Controller
NIST NationalInstitute of Standards and Technology
NOR Not OR
FIPS 140-2 Non-ProprietarySecurity Policy, Version 0.7 March 13, 2018
HPE BladeSystem c-Class Virtual Connect Firmware
©2018 Hewlett Packard Enterprise Development LP
This document may be freely reproduced and distributed whole and intact including this copyright notice.
Page 32 of 33
Acronym Definition
NVLAP NationalVoluntaryLaboratoryAccreditationProgram
NVRAM Non-Volatile Random Access Memory
OA OnboardAdministrator
OFB Output Feedback
OS Operating System
PBKDF Password-Based KeyDerivation Function
PCI(e) PeripheralComponent Interface (express)
PKCS Public KeyCryptographyStandards
PKG Public Key(Q) Generation
QSFP Quad Small Form-factor Pluggable
RAM Random Access Memory
RFC Request for Comments
ROM Read-OnlyMemory
RS Requirement Specification
RSA Rivest Shamir andAdleman
SAN Storage Area Network
SDRAM Synchronous Dynamic RandomAccess Memory
SFP Small Form-factor Pluggable
SFPT Secure File Transfer Protocol
SHA Secure HashAlgorithm
SNMP Simple Network Management Protocol
SOAP Simple Object Access Protocol
SP Special Publication
SSH Secure Shell
SSL Secure Socket Layer
TCP TransmissionControl Protocol
TLS Transport Layer Security
U.S. UnitedStates
USB Universal Serial Bus
VC Virtual Connect
VCEM Virtual Connect Enterprise Manager
VCM Virtual Connect Manager
VLAN Virtual LocalArea Network
WWN World Wide Name
Prepared by:
Corsec Security, Inc.
13921 Park Center Road, Suite 460
Herndon, VA 20171
United States of America
Phone: +1 703 267 6050
Email: info@corsec.com
http://www.corsec.com