stc cipher enable

Enable the use of a symmetric encryption cipher algorithm for data encryption on an STC link. All data transmitted over the STC link will be encrypted using the cipher that is both enabled and that offers the highest level of security. For example, if AES 192 and AES 256 are enabled, and AES 128 is disabled, AES 256 will be used. You can use the command stc cipher show to show which ciphers are currently enabled/disabled.

NOTE Secure Trusted Channel (STC) changes format for Luna HSM Firmware 7.7.0; LunaSH commands used by the HSM SO for STC are described here for Luna HSM Firmware 7.4.2 and older, and are discontinued for Luna HSM Firmware 7.7.0 and newer.

For Luna HSM Firmware 7.7.0 and newer, only the Partition SO can configure these STC options, using LunaCM (see stcconfig) after the partition is initialized.

You must be logged in as the HSM SO to use this command.

NOTE Performance is reduced for larger ciphers.

User Privileges

Users with the following privileges can perform this command:

>Admin

>Operator

Syntax

stc cipher enable -partition <partition_name> {-all | -id <cipher_id>}

Argument(s)	Shortcut	Description
-all	-a	Enable all ciphers.
-id <cipher_id>	-i	Specifies the numerical identifier of the cipher you want to use, as listed using the command stc cipher show.
-partition <partition_name>	-p	Specifies the name of the partition for which you want to enable the specified cipher.

Example

lunash:>stc cipher enable -partition partition2 -id 2


AES 192 Bit with Cipher Block Chaining is now enabled.


Command Result : 0 (Success)



	SUPPORT	LEGAL
Luna Network HSM 7 Documentation © Copyright 2001-2024, Thales Group Last Updated: 2024-04-26 12:02:08 GMT-04:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information