Home >

LunaSH Command Reference Guide > LunaSH Commands > hsm > hsm stc hmac enable

hsm stc hmac enable

Enable the use of an HMAC message digest algorithm for message integrity verification on the secure trusted channel (STC) admin channel. The STC admin channel is local to the appliance, and is used to transmit data between the local services and applications running on the appliance (such as LunaSH, NTLS, and the STC service) and the HSM SO partition.

The HMAC algorithm that is both enabled and that offers the highest level of security is used. For example, if SHA 256 and SHA 512 are enabled, SHA 512 is used. You can use the command hsm stc hmac show to show which HMAC message digest algorithms are currently enabled/disabled.

Note:  You must enable at least one HMAC message digest algorithm.

Syntax

hsm stc hmac enable -id <hmac_id>

Parameter Shortcut Description
-id <hmac_id> -i <hmac_id> Specifies the numerical identifier of the HMAC algorithm you want to enable, as listed using the command hsm stc hmac show.

Example

lunash:>hsm stc hmac show
 
HMAC ID     Name                     Enabled
0           HMAC with SHA 256 Bit    No
1	    HMAC with SHA 512 Bit    Yes
 
Command Result : 0 (Success)
 
lunash:>hsm stc hmac enable -id 0
 
Command Result : 0 (Success)
 
HMAC with SHA 256 Bit is now enabled for HSM.
 
lunash:>hsm stc hmac show
 
HMAC ID     HMAC Name                Enabled
0           HMAC with SHA 256 Bit    Yes
1	    HMAC with SHA 512 Bit    Yes
 
Command Result : 0 (Success)