Hardware Security Module (HSM) event log entries that CCA version 6.0.3 supports
Table 1 shows all the possible Hardware Security Module (HSM) event log
entries that CCA version 6.0.3 supports.
| Event ID | Description | Notes for the event type |
|---|---|---|
| 0 | Initialize card-scoped role inactive. | |
| 1 | Initialize card-scoped role activate. | |
| 2 | Initialize domain-scoped role inactive. | |
| 3 | Initialize domain-scoped role activate. | |
| 4 | Replace card-scoped role inactive. | |
| 5 | Replace card-scoped role activate. | |
| 6 | Replace domain-scoped role inactive. | |
| 7 | Replace domain-scoped role activate. | |
| 8 | Initialize card-scoped profile inactive. | |
| 9 | Initialize card-scoped profile activate. | |
| 10 | Initialize domain-scoped profile inactive. | |
| 11 | Initialize domain-scoped profile activate. | |
| 12 | Change expiration date card-scoped profile. | |
| 13 | Change expiration date domain-scoped profile. | |
| 14 | Passphrase change card-scoped profile. | |
| 15 | Passphrase change domain-scoped profile. | |
| 16 | Reset failed logon count card-scoped profile. | |
| 17 | Reset failed logon count domain-scoped profile. | |
| 18 | Replace card-scoped profile inactive. | |
| 19 | Replace card-scoped profile activate. | |
| 20 | Replace domain-scoped profile inactive. | |
| 21 | Replace domain-scoped profile activate. | |
| 22 | Delete card-scoped role inactive. | |
| 23 | Delete card-scoped role activate. | |
| 24 | Reserved. | |
| 25 | Delete domain-scoped role inactive. | |
| 26 | Delete domain-scoped role activate. | |
| 27 | Delete card-scoped profile inactive. | |
| 28 | Delete card-scoped profile activate. | |
| 29 | Reserved. | |
| 30 | Delete domain-scoped profile inactive. | |
| 31 | Delete domain-scoped profile activate. | |
| 32 | Failed logon count exceeded. | |
| 33 | Logon failed. | |
| 34 | Clear range card-scoped audit log inactive. | |
| 35 | Clear range card-scoped audit log activate. | |
| 36 | Clear range domain-scoped audit log inactive. | |
| 37 | Clear range domain-scoped audit log activate. | |
| 38 | Clear all card-scoped audit log inactive. | |
| 39 | Clear all card-scoped audit log activate. | |
| 40 | Clear all domain-scoped audit log inactive. | |
| 41 | Clear all domain-scoped audit log activate. | |
| 42 | Firmware update. | The log message contains three (32-bit) integer fields. Each field corresponding to the image revision codes of segments 1, 2, and 3. |
| 43 | Set AES master key. | |
| 44 | Load first AES master key part. | |
| 45 | Load middle AES master key part. | |
| 46 | Load last AES master key part. | |
| 47 | Clear new AES master key register. | |
| 48 | Clear old AES master key register. | |
| 49 | Set APKA (ECC) master key. | |
| 50 | Load first APKA (ECC) master key part. | |
| 51 | Load middle APKA (ECC) master key part. | |
| 52 | Load last APKA (ECC) master key part. | |
| 53 | Clear new APKA (ECC) master key register. | |
| 54 | Clear old APKA (ECC) master key register. | |
| 55 | Set DES master key. | |
| 56 | Load first DES master key part. | |
| 57 | Load middle DES master key part. | |
| 58 | Load last DES master key part. | |
| 59 | Clear new DES master key register. | |
| 60 | Clear old DES master key register. | |
| 61 | Generate random new DES master key. | |
| 62 | Set RSA master key. | |
| 63 | Load first RSA master key part. | |
| 64 | Load middle RSA master key part. | |
| 65 | Load last RSA master key part. | |
| 66 | Clear new RSA master key register. | |
| 67 | Clear old RSA master key register. | |
| 68 | Generate random new RSA master key. | |
| 69 | Set DES and AES master keys. | |
| 70 | Load first DES and AES master key part. | |
| 71 | Load middle DES and AES master key part. | |
| 72 | Load last DES and AES master key part. | |
| 73 | Clear new DES and AES master key registers. | |
| 74 | Clear old DES and AES master key registers. | |
| 75 | Generate random new DES and AES master key. | |
| 76 | Load Function Control Vector. | |
| 77 | Clear Function Control Vector. | |
| 78 | Set clock. | |
| 79 | Load decimalization table or tables. | |
| 80 | Delete decimalization table or tables. | |
| 81 | Enter imprint mode inactive. | |
| 82 | Enter PCI-compliant mode inactive. | |
| 83 | Enter PCI-compliant mode activate. | |
| 84 | Remove PCI-compliant mode inactive. | |
| 85 | Remove PCI-compliant mode activate. | |
| 86 | Enter migration mode inactive. | |
| 87 | Enter migration mode activate. | |
| 88 | Start secure audit log wrap. | |
| 89 | Start secure audit log nowrap. | |
| 90 | Stop secure audit log. | |
| 91 | Load certificate inactive. | |
| 92 | Load certificate activate. | |
| 93 | Load first DES operational key part. | |
| 94 | Load additional DES operational key part. | |
| 95 | Complete DES operational key. | |
| 96 | Clear DES operational key part register. | |
| 97 | Load first AES operational key part. | |
| 98 | Load additional AES operational key part. | |
| 99 | Complete AES operational key. | |
| 100 | Clear AES operational key part register. | |
| 101 | Load first AES operational key part (VAR-AES). | |
| 102 | Load additional AES operational key part (VAR-AES). | |
| 103 | Complete AES operational key (VAR-AES). | |
| 104 | Clear AES operational key part register (VAR-AES). | |
| 105 | Load first HMAC operational key part. | |
| 106 | Load additional HMAC operational key part. | |
| 107 | Complete HMAC operational key. | |
| 108 | Clear HMAC operational key part register. | |
| 109 | Diffie-Hellman key load, load 4096-bit RSA. | |
| 110 | Diffie-Hellman key load, combine 4096-bit RSA. | |
| 111 | Diffie-Hellman key load, clear 4096-bit RSA. | |
| 112 | Diffie-Hellman key load, load ECC. | |
| 113 | Diffie-Hellman key load, combine ECC. | |
| 114 | Diffie-Hellman key load, clear ECC. | |
| 115 | Start access control tracking. | |
| 116 | Stop access control tracking. | |
| 117 | Clear access control tracking data. | |
| 118 | Collect configuration data, card. | |
| 119 | Collect configuration data, domain. | |
| 120 | Apply configuration data, card. | This audit record will not be cut if the auditing level is off both before and after the apply operation. |
| 121 | Apply configuration data, domain. | This audit record will not be cut if the auditing level is off both before and after the apply operation. |
| 122 | Manual create of secure log entry. | |
| 123 | Exit migration mode inactive. | |
| 124 | Exit migration mode activate. | |
| 125 | Exit migration mode, timer expired. | |
| 126 | Reserved. | |
| 127 | Enter imprint mode activate. | |
| 128 | Initialize card-scoped role. | |
| 129 | Initialize card-scoped profile. | |
| 130 | Replace card-scoped profile. | |
| 131 | Delete card-scoped role. | |
| 132 | Delete card-scoped profile. | |
| 133 | Activate decimalization table or tables. | |
| 134 | Load weak PIN value or values. | |
| 135 | Delete weak PIN value or values. | |
| 136 | Activate weak PIN value or values. | |
| 137 | Delete all weak PIN values. | |
| 138 | Exit imprint mode. |