
Logical interfaces

The relationships between the logical interfaces and the physical ports of Dinamo are described in the table below.

| Logical interface | Description | Physical port |
|---|---|---|
| Data entry | Data that can be entered into the HSM. | LAN1, LAN2, Keyboard, Smart card reader |
| Data output | Data that can come out of the HSM. | LAN1, LAN2 |
| Control | Control commands, signals and data for the HSM. | LAN1, LAN2, Keyboard, Power button |
| State | Status information, signals, logical and physical indicators of the HSM. | LAN1, LAN2, Keyboard, LEDs |

Each interface carries specific kinds of data, which are described below.

Data entry

  1. data in clear text to be encrypted and/or signed by the HSM (via physical network port and using API)
  2. encrypted data to be decrypted and/or verified by the HSM (via physical network port and using API)
  3. cryptographic keys in clear text and in encrypted form, and corresponding attributes (initialization vectors, size, permissions, exportable, temporary) (via physical network port and using API)
  4. encrypted user and operator authentication data (passwords) (via physical network port and using API)
  5. clear text operator authentication data (PIN), using the physical keyboard port
  6. seed for generating the Server Master Key in clear text via physical keyboard port
  7. Server Master Key in clear text via smart card reader port
  8. encrypted HSM database and PCS for backup restoration (via physical network port and using API)
  9. plain text information about HSM users/operators

Data output

  1. plaintext data that has been decrypted and/or signed by the HSM (via physical network port and using API)
  2. encrypted data that has been encrypted and/or verified by the HSM (via physical network port and using API)
  3. cryptographic keys in clear text and in encrypted form (only when they are exportable), and corresponding attributes (initialization vectors, size, permissions, exportable, temporary) (via physical network port and using API)
  4. encrypted HSM database and PCS for backup generation (via physical network port and using API)
  5. plain text information about HSM users/operators, except password.

Control input

  1. power button
  2. input of logical commands to control API (via physical network port and using API)
  3. entry of manual commands via the physical keyboard port (activation, deactivation, shutdown, reset, network settings)

Status output

  1. return code from the status API (library), via the physical network port
  2. HSM logical states (via API on physical network port and via monitor port)
  3. on/off status (power LED)
  4. power supply status (LED status)
  5. activity on physical network port 1 (front and rear LAN1 LED)
  6. activity on physical network port 2 (front and rear LAN2 LED)
  7. power supply on/off status (rear LED)
  8. HSM resource consumption status (memory and CPU)