C005590_01_CR2500_CR3500_User Manual_Appendix H
5
The code below shows the Authencaon .crb le that contains a new value for the CO password. This code is provided
as an example only and Code Corporaon recommends that the password below never be used in your producon
environment. This is an example based on the Reader password ‘NewRPass’.
; 8/5/2010 20:15
;Authentication command for FIPS Code products
;This example shows
;%48 = H = FIPS Command Set
;%33 = 3 = Authenticate Command
;Cryptographic Ofcer Password is %4E%65%77%52%50%61%73%73 or NewRPass (Passwords must not contain
%00-%1F)
%48%33%4E%65%77%52%50%61%73%73
Inializaon
The Inializaon process updates the CO password, the Reader password and the KEK. Now that you have new
Authencaon, Inializaon, and new Authencaon bar codes created you can use them to inialize the modules.
Note: Any customizaon bar codes such as Sux Enter must be scanned before pung the modules in FIPS mode.
1. Scan the QuickConnect code on the modem to pair the reader and modem modules.
2. Authencate the CO using the default Authencaon bar code (See Figure 1). Observe the indicators on
the modules showing that the CO has been authorized. (See secon ‘FIPS mode indicators on the
modules’ below)
3. Inialize the modules using the custom Inializaon bar code you created above. Observe the indicators
on the modules showing that the module has been inialized but no user is authencated. (See secon
‘FIPS mode indicators on the modules’ below)
4. The FIPS modules are now ready to be authencated by the Reader role to pass FIPS encrypted data or
the CO role to re-inialize again.
Zeroizaon
The Zeroizaon process removes the custom passwords and KEK applied in the Inializaon process. If the FIPS modules
are in an unknown state, Zeroize the modules and re-Inialize. You would also want to Zeroize the modules if you
believe the passwords or KEK have been compromised. Aer Zeroizaon the modules will respond just as non-FIPS
readers and modems unl they have been re-Inialized.
Below is the bar code for the Zeroizaon command:
Figure 2 - Zeroizaon Bar Code
FIPS Mode Indicators On the Modules
Due to the available lights and screens on the dierent FIPS modules they have slightly dierent behavior when
indicang FIPS modes.
CR2500 FIPS Reader -
The CR2500 module indicates FIPS mode in three stages. The three stages are:
(2 paginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales