hsm stc hmac disable
Disable the use of an HMAC message digest algorithm for message integrity verification on the secure trusted channel (STC) admin channel. The STC admin channel is local to the appliance, and is used to transmit data between the local services and applications running on the appliance (such as LunaSH, NTLS, and the STC service) and the HSM SO partition.
NOTE The STC admin channel is configurable using Luna Appliance Software 7.4.0 and older, and Luna HSM Firmware 7.4.2 and older. This feature is not available in Luna HSM Firmware 7.7.0 and newer.
The HMAC algorithm that is both enabled and that offers the highest level of security is used. For example, if SHA 256 and SHA 512 are enabled, SHA 512 is used. You can use the command hsm stc hmac show to show which HMAC message digest algorithms are currently enabled/disabled.
NOTE You cannot disable all HMAC message digest algorithms.
User Privileges
Users with the following privileges can perform this command:
>Admin
>Operator
Syntax
hsm stc hmac disable -id <hmac_id>
Argument(s) | Shortcut | Description |
---|---|---|
-id <hmac_id> | -i | Specifies the numerical identifier of the HMAC algorithm you want to disable, as listed using the command hsm stc hmac show. |
Example
lunash:>hsm stc hmac disable -id 0 HMAC with SHA 256 Bit is now disabled. Command Result : 0 (Success)