Open topic with navigation

Home >

stc hmac disable

Disable the use of an HMAC message digest algorithm for message integrity verification on an STC link. The HMAC algorithm that is both enabled and that offers the highest level of security is used. For example, if SHA 256 and SHA 512 are enabled, SHA 512 is used. You can use the command "stc hmac show" to show which HMAC message digest algorithms are currently enabled/disabled.

Note:  All STC links use message integrity verification, so at least one HMAC algorithm must be enabled.

You must be logged in as the HSM SO to use this command.

Syntax

stc hmac disable -partition <partition_name> -id <hmac_id>

Parameter Shortcut Description
-partition <partition_name>

-p <partition_name>

 Specifies the partition for which you want to enable an HMAC algorithm.
-id <hmac_id> -id <hmac_id> Specifies the numerical identifier of the HMAC algorithm you want to disable, as listed using the command "stc hmac show".

Example

lunash:> stc hmac show -par mapleleafs
 
HMAC ID     HMAC Name                Enabled
0           HMAC with SHA 256 Bit    Yes
1	    HMAC with SHA 512 Bit    Yes
 
Command Result : 0 (Success)
 
lunash:> stc hmac disable -par mapleleafs -id 0
 
HMAC with SHA 256 Bit is now disabled for partition mapleleafs.
 
Command Result : 0 (Success)
 
lunash:> stc hmac show -par mapleleafs
 
HMAC ID     Name                     Enabled
0           HMAC with SHA 256 Bit    No
1	    HMAC with SHA 512 Bit    Yes
 
Command Result : 0 (Success)

Luna PCI-E 6.0 Product Documentation
007-011329-007 Rev. A May 2015 Copyright 2015 SafeNet, Inc. All rights reserved.

Open topic with navigation