edit-world

Edits parameters on an existing security world.

edit-world [ACTION]

Prerequisites for using edit-world

  • A pre-existing Security World must exist and be loaded on at least 1 HSM.

  • If changing the world, the Administrative cardset will be needed to authorize the changes.

edit-world syntax

Without any parameters specified the edit-world utility will list the editable Security World parameters.

edit-world NAME=VALUE syntax

The edit-world utility allows the changing of parameters using NAME=VALUE as the input.

  • NAME is the target parameter to be altered

  • VALUE is either 0 (disable) or 1 (enable)

edit-world [OPTIONS]

|-h, --help |Displays help for new-world.

|-v, --version |Displays the version number of the Security World Software that deploys edit-world.

|-u, --usage |Displays a brief usage summary for edit-world.

edit-world examples

Example 1

edit-world
StrictSP80056Ar3=0|1 Enforce strict SP800-56Ar3 compliance

List editable Security World parameters. Currently the only support parameter is SP800-56Ar3 compliance.

Example 2

edit-world StrictSP80056Ar3=0

Disable SP800-56Ar3 compliance in the Security World (FIPS-140 Level 3 worlds only)

Example 3

edit-world StrictSP80056Ar3=1

Enable SP800-56Ar3 compliance in the Security World (FIPS-140 Level 3 worlds only)