User Manual
SCSI Commands Reference Manual, Rev. J 208
www.seagate.com Direct Access Block commands (SPC-5 and SBC-4)
3.42.2.4 Certificate data description
3.42.2.4.1 Certificate overview
A certificate is either an X.509 Public Key Certificate or an X.509 Attribute Certificate depending on the capabilities of the logical
unit.
If the SECURITY PROTOCOL field is set to 00h and the SECURITY PROTOCOL SPECIFIC field is set to 0001h in a SECURITY
PROTOCOL IN command, the parameter data shall have the format shown in table 177.
CERTIFICATE LENGTH field
The CERTIFICATE LENGTH field indicates the total length, in bytes, of the certificate or certificates that follow. The length may include more
than one certificates. If the device server doesn’t have a certificate to transfer, the CERTIFICATE LENGTH field shall be set to 0000h.
CERTIFICATE field
The contents of the CERTIFICATE field are defined in 3.42.2.4.2 and 3.42.2.4.3.
3.42.2.4.2 Public Key certificate description
RFC 3280 defines the certificate syntax for certificates consistent with X.509v3 Public Key Certificate Specification. Any further
restrictions beyond the requirements of RFC 3280 are yet to be defined by T10.
3.42.2.4.3 Attribute certificate description
FRC 3281 defines the certificate syntax for certificates consistent with X.509v2 Attribute certificate Specification. Any further
restrictions beyond the requirements of RFC 3281 are yet to be defined by T10.
Table 177 Certificate data SECURITY PROTOCOL IN parameter data
Bit
Byte
7 6 5 4 3 2 1 0
0
Reserved
1
2
(MSB)
CERTIFICATE LENGTH (m - 3)
3
(LSB)
4
CERTIFICATE
. . .
m
m + 1
Pad bytes (optional)
. . .
n