Home >

LunaSH Command Reference Guide > LunaSH Commands > partition > partition policyTemplate create

partition policytemplate create   

Create an application partition policy template in memory (for editing). To preserve the template, it must be saved separately by the partition policyTemplate save command.

Partition policy template naming

A policy template must have a unique name, which can be a character string. Acceptable characters are:

-.0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz

Minimum length is a single character.

Maximum length is 20 characters.

Syntax

partition create -policytemplate[-force]

Option Shortcut Parameter Description
-force -f . Force the partition creation with no prompting - you are still prompted by SafeNet PED, if yours is a PED authenticated HSM.

Example

lunash:> partition policyTemplate create


                                                              Destructive
 Description                                   Value Code Off-To-On On-To-Off
______________________________________________________________________________

 Allow private key cloning                       1    0      Yes       Yes
 Allow private key wrapping                      0    1      Yes       Yes
 Allow private key unwrapping                    1    2      No        No
 Allow private key masking                       0    3      Yes       Yes
 Allow secret key cloning                        1    4      Yes       Yes
 Allow secret key wrapping                       1    5      No        No
 Allow secret key unwrapping                     1    6      No        No
 Allow secret key masking                        0    7      Yes       Yes
 Allow multipurpose keys                         1    10     No        No
 Allow changing key attributes                   1    11     No        No
 Ignore failed challenge responses               1    15     No        No
 Operate without RSA blinding                    1    16     Yes       Yes
 Allow signing with non-local keys               1    17     No        No
 Allow raw RSA operations                        1    18     No        No
 Max failed user logins allowed                 10    20     No        No
 Allow high availability recovery                1    21     No        No
 Allow activation                                0    22     No        No
 Allow auto-activation                           0    23     No        No
 Minimum pin length (inverted: 255 - min)       248   25     No        No
 Maximum pin length                             255   26     No        No
 Allow Key Management Functions                  1    28     No        No
 Perform RSA signing without confirmation        1    29     No        No
 Allow Remote Authentication                     1    30     No        No
 Allow private key unmasking                     1    31     No        No
 Allow secret key unmasking                      1    32     No        No
 Allow RSA PKCS mechanism                        1    33     No        No
 Allow CBC-PAD (un)wrap keys of any size         1    34     No        No
 Allow private key SFF backup/restore            0    35     No        No
 Allow secret key SFF backup/restore             0    36     No        No
 Force Secure Trusted Channel                    0    37     No        No

          Type 'proceed' to continue, or 'quit'
          to quit now.
          > proceed

Success: Created and loaded the new partition policy template.

Use 'partition policyTemplate change' to edit the template and
'partition policyTemplate save' to save the template once you have applied all necessary
changes.

Command Result : 0 (Success)

SafeNet Network HSM 6.3 Product Documentation
007-011136-015 Rev. A 14 July 2017 Copyright 2001-2017 Gemalto All rights reserved.