Home >

LunaCM Command Reference Guide > LunaCM Commands > partition > partition policyTemplateCReate

partition policyTemplatecreate   

Create an application partition policy template in memory (for editing). To preserve the template, it must be saved separately by the partition policyTemplatesave command.

Partition policy template naming

A policy template must have a unique name, which can be a character string.
Acceptable characters are:
-.0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz

Minimum length is a single character.

Maximum length is 20 characters.

Syntax

partition create -policyTemplateCreate[-force]

Option Shortcut Parameter Description
-force -f . Force the partition creation with no prompting - you are still prompted by SafeNet PED, if yours is a PED authenticated HSM.

Example

lunacm:> partition policytemplatecreate 

                                                            Destructive
 Code Description                                   Value Off-To-On On-To-Off
______________________________________________________________________________

  0   Allow private key cloning                      On      Yes       No
  1   Allow private key wrapping                     Off     Yes       No
  2   Allow private key unwrapping                   On      No        No
  3   Allow private key masking                      Off     Yes       No
  4   Allow secret key cloning                       On      Yes       No
  5   Allow secret key wrapping                      On      Yes       No
  6   Allow secret key unwrapping                    On      No        No
  7   Allow secret key masking                       Off     Yes       No
  10  Allow multipurpose keys                        On      Yes       No
  11  Allow changing key attributes                  On      Yes       No
  15  Ignore failed challenge responses              On      Yes       No
  16  Operate without RSA blinding                   On      Yes       No
  17  Allow signing with non-local keys              On      No        No
  18  Allow raw RSA operations                       On      Yes       No
  20  Max failed user logins allowed                 10      N/A       N/A
  21  Allow high availability recovery               On      No        No
  22  Allow activation                               On      No        No
  23  Allow auto-activation                          On      No        No
  24  Allow indirect login                           Off     No        No
  25  Minimum pin length (inverted: 255 - min)       248     N/A       N/A
  26  Maximum pin length                             255     N/A       N/A
  28  Allow Key Management Functions                 On      Yes       No
  29  Perform RSA signing without confirmation       On      Yes       No
  30  Allow Remote Authentication                    On      No        No
  31  Allow private key unmasking                    On      No        No
  32  Allow secret key unmasking                     On      No        No
  33  Allow RSA PKCS mechanism                       On      Yes       No
  34  Allow CBC-PAD (un)wrap keys of any size        On      Yes       No
  35  Allow private key SFF backup/restore           Off     Yes       No
  36  Allow secret key SFF backup/restore            Off     Yes       No
  37  Force Secure Trusted Channel                   Off     No        Yes

          Type 'proceed' to continue, or 'quit'
          to quit now.
          > proceed

Success: Created and loaded the new partition policy template.

Use 'partition policyTemplateChange' to edit the template and
'partition policyTemplateSave' to save the template once you have applied all necessary
changes.

Command Result : No Error  

SafeNet PCIe HSM 6.3 Product Documentation
007-011329-012 Rev. A 14 July 2017 Copyright 2001-2017 Gemalto All rights reserved.