Technical data
Brocade Communications Systems, Inc. Page 39 of 48
6.1.7 Trusted Path
The TOE provides a trusted path for remote administrative users who access the TOE via its Ethernet ports, using
either the command line interface over SSH or Advanced Web Tools over HTTPS. Local administrator access to the
command line via the serial port is also allowed; that access is protected by the physical protection of the serial
interface and of the TOE itself.
During TOE installation, a 1024-bit RSA key pair is generated, followed by a corresponding PKCS#10 certificate
request. The TOE provides command-line interfaces to generate new keys and certificate requests. The private key
is stored in persistent memory in the clear (the TOE will be located within controlled-access facilities, which
prevent unauthorized physical access). The TOE uses the OpenSSL crypto engine to perform all cryptographic
operations. After a key pair is generated and a certificate request is generated using the new keys, the certificate
request is sent to a CA in the environment. After the CA creates the certificate, the certificate is imported into the
TOE using additional command-line interfaces. This certificate is called the “SSL switch certificate”. There are
also interfaces to import the issuing CA’s certificate. The TOE also clears keys associated with SSL and SSH
functions from internal memory when the key is no longer needed.
All Brocade switch products share the same underlying code base and implement a common set of cryptographic
mechanisms to support the trusted path. The algorithms available to support the trusted path are HMAC-SHA1,
3DES-CBC, AES128-CBC, AES192-CBC, AES256-CBC and TLS/AES128. Additionally, the DCX-4S, DCX, DCX 8510-4,
DCX 8510-8, 6510, 7800 and 8000 products have received FIPS 140-2 Level 2 certification (1796), while the
encryption component within the BES and FS8-18 products has received FIPS 140-2 Level 3 certification
(pending). The TOE zeroizes keys used for the trusted path mechanism, and DEKs, when the key is no longer
needed.
In the evaluated configuration, the TOE must be configured to operate in “FIPS mode” to enforce various
constraints including use of Approved crypto algorithms and disabling the root account. However, only a subset of
the TOE models have also received FIPS 140-2 certification. The TOE models that have received FIPS 140-2
certification (pending) are: 6510, 7800, DCX, DCX-4S, DCX 8510-4, DCX 8510-8. All TOE models execute the
same version of FOS and support the same “FIPS mode” behavior and must be configured to operate in “FIPS
mode”, regardless of whether the TOE model has received FIPS 140-2 certification.
The following table correlates algorithms, key lengths and standards for the algorithms used to support SSH and
HTTPS.
Algorithm      Key Sizes   Standards   Certificate #
HMAC-SHA1      160 bit     FIPS 198    397, 933, 934
3DES-CBC       168 bit     FIPS 46-3   652, 1043
AES128-CBC     128 bit     FIPS 197    1796, 1595, 1596
AES192-CBC     192 bit     FIPS 197    1796, 1595, 1596
AES256-CBC     256 bit     FIPS 197    1796, 1595, 1596
TLS/AES128     128 bit     FIPS 197    1796, 1595, 1596
Table 3 Trusted Path Algorithms, Key Sizes, Standards and Certificate Numbers
The application must be configured with the same issuing CA certificate in order to build a path and to verify the
switch certificate’s signature to establish the secure connection.
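The enrollment and verification flow described above (key pair, PKCS#10 request, issuance by the environment's CA, import of the issuing CA certificate, and the client's path-building check against that CA), as an added example that is not Brocade FOS code. It drives the openssl CLI, which the text names as the TOE's crypto engine. The issuing CA, all file names, the subject names and the temporary directory are constructed for this script; the key size defaults to the 1024 bits the text states, and can be raised via the KEY_BITS environment variable on systems that require larger keys.

```shell
#!/bin/sh
# Added example (not Brocade FOS code): the trusted-path certificate enrollment
# flow from section 6.1.7, done with the openssl CLI. Every name and path below
# is constructed for this script; the issuing CA stands in for "a CA in the environment".
set -eu

WORK="$(mktemp -d)"
KEY_BITS="${KEY_BITS:-1024}"   # 1024 matches the text; raise it on current systems

# The issuing CA in the environment (constructed here so the script runs offline).
make_issuing_ca() {
  openssl genrsa -out "$WORK/ca.key" 2048 2>/dev/null
  openssl req -x509 -new -key "$WORK/ca.key" -sha256 -days 30 \
    -subj "/CN=Example Issuing CA" -out "$WORK/ca.crt" 2>/dev/null
}

# Switch side: generate the RSA key pair, then a PKCS#10 request signed with it.
make_switch_csr() {
  openssl genrsa -out "$WORK/switch.key" "$KEY_BITS" 2>/dev/null
  openssl req -new -key "$WORK/switch.key" -sha256 \
    -subj "/CN=switch.example.test" -out "$WORK/switch.csr" 2>/dev/null
}

# CA side: issue the "SSL switch certificate" from the request.
sign_switch_csr() {
  openssl x509 -req -in "$WORK/switch.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
    -CAcreateserial -days 30 -sha256 -out "$WORK/switch.crt" 2>/dev/null
}

# Management client side: the client is configured with the issuing CA certificate
# and uses it to build the path and verify the switch certificate's signature.
# Exit status 0 = path builds and signature verifies; non-zero otherwise.
verify_switch_cert() {
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Report the RSA modulus size carried in a certificate, so an operator can audit
# what key length the switch actually enrolled with.
switch_key_bits() {
  openssl x509 -in "$1" -noout -text | sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p'
}

# Clear a private key from persistent storage once it is no longer needed:
# overwrite with zeros, then unlink (best effort on ordinary filesystems).
zeroize_file() {
  size=$(wc -c < "$1" | tr -d ' ')
  dd if=/dev/zero of="$1" bs=1 count="$size" conv=notrunc 2>/dev/null
  rm -f "$1"
}

make_issuing_ca
make_switch_csr
sign_switch_csr
verify_switch_cert "$WORK/ca.crt" "$WORK/switch.crt" \
  && echo "switch certificate ($(switch_key_bits "$WORK/switch.crt")-bit RSA) verified against issuing CA"

# The demo is finished with both private keys: clear them rather than leaving
# them in the clear in the scratch directory.
zeroize_file "$WORK/switch.key"
zeroize_file "$WORK/ca.key"
```

The negative case matters as much as the positive one: a client configured with a different issuing CA certificate cannot build a path to the switch certificate and must reject it, which is what keeps the trusted path from being satisfied by an arbitrary certificate presented on the wire.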
The Trusted Path function is designed to satisfy the following security functional requirements:
• FCS_COP.1(1): The TOE uses SSH and HTTPS to provide a trusted path for use by administrators.
These operations are performed using the algorithms and bit sizes specified above.
• FCS_CKM.1(1): The TOE generates new RSA keys based upon the ANSI X9.31 DRNG for the keys shown in
Table 3.
• FCS_CKM.4: The TOE clears a DEK and clears keys associated with SSL and SSH functions from internal
memory when the key is no longer needed.
• FTP_TRP.1: The TOE uses SSH and HTTPS to provide a trusted path to its terminal-based management
interfaces to protect the communication from disclosure and modification.