stcconfig hmacenable
Enable the use of an HMAC message digest algorithm for message integrity verification on an STC link.The HMAC algorithm that is both enabled and that offers the highest level of security is used. For example, if SHA 256 and SHA 512 are enabled, SHA 512 is used. You can use the command stcconfig hmacshow to show which HMAC message digest algorithms are currently enabled/disabled and the command stc status to display the HMAC message digest algorithm that is currently being used.
NOTE This command was removed when STC was upgraded in Luna HSM Client 10.3.0, Luna Appliance Software 7.7.0, and Luna HSM Firmware 7.7.0. Newer versions of any of these components do not support this command.
Syntax
stcconfig hmacenable -id <hmac_ID>
Argument(s) | Shortcut | Description |
---|---|---|
-id <hmac_ID> | -i | Specifies the numerical identifier of the HMAC message digest algorithm you want to use, as listed using stcconfig hmacshow |
Example
lunacm:> stcconfig hmacshow This table lists the HMAC algorithms supported for STC links to the current slot. Enabled algorithms are accepted during STC link negotiation with a client. At least one HMAC algorithm must be enabled. HMAC ID HMAC Name Enabled __________________________________________________________________ 0 HMAC with SHA 256 Bit No 1 HMAC with SHA 512 Bit Yes Command Result : 0 (Success) lunacm:> stcconfig hmacenable -id 0 HMAC with SHA 256 Bit for the current slot is now enabled. Command Result : 0 (Success)