new-world
Creates a new security world, or adds or restores a HSM to an existing security world.
new-world [ACTION] [OPTION] [-m MODULE] [FEATURES]
Prerequisites for using new-world
-
Most options of
new-world
require a privileged connection between the host machine on which you run it and the HSM that it uses to administer the security world. -
The HSM must be in pre-initialization mode for the
new-world
utility to work with the HSM to create, configure, erase a security world or to enrol the HSM into the security world. Furthermore, if you usenew-world
to re-configure an HSM, you will have to restart the HSM into operational state.
If the HSM is not in the pre-initialization mode,new-world
advises you that you must put the HSM in this mode and waits until you have changed the HSM mode before continuing. See-
Network-attached HSMs: Checking and changing the mode on a network-attached HSM
-
nShield Solo and Solo XC: Checking and changing the mode on an nShield Solo module
-
nShield 5s: nShield 5s modes of operation
-
-
If the HSM is ready for creating, repprogramming, or erasing a security world (that is, it’s in the pre-initialization mode),
new-world
prompts you for smart cards and passphrases as required. -
If
new-world
cannot interpret the command line, it displays its usage message and exits. It does not create a security world and does not modify the existing security world. -
If you attempt to set a quorum for a feature that you have disabled or if you attempt to set a quorum too high,
new-world
displays an error and exits. -
If
new-world
cannot find the key-management data, it displays the messagenew-world: no existing world to load
new-world [ACTIONS]
You can use new-world
in three different ways to perform three different ACTIONs.
Each ACTION has its own options.
If you do not enter a specific action, new-world
selects one of [-i]
or [-l]
, depending on whether you have already created a security world.
Action | Description |
---|---|
|
Initializes a new security world according to the specified parameters and programs it into the given module.
Creating a new security world replaces any existing Replacing an existing security world in this way does not delete the security world’s host data and recovery and replacement data, but renames the existing |
|
Programs a module with an existing security world (enrols the module into the security world).
Adds an HSM to an existing security world in the Key Management Data directory. |
|
Restores a module to its factory default condition:
You must run
|
new-world [OPTIONS]
Option | Description | ||||||
---|---|---|---|---|---|---|---|
|
Specifies the Cipher suite and type of key that is used to protect the new security world.
In v3 security worlds, you must set |
||||||
|
Disables OCS and softcard replacement; see Replacing Operator Card Sets. Equivalent to setting By default,
Default: disabled |
||||||
|
Uses a reduced default feature set when it creates the security world:
Such a reduced-features security world can perform many operations faster than more fully featured security worlds.
Default: *dis*abled |
||||||
|
Prevents the HSM from becoming a target for remote shares.
If you do not want an HSM to be able to read remote card sets, initialize it by running `new-world -S <module-id>. |
||||||
|
Available modes:
Default: no mode is specified, a FIPS 140-2 Level 2 compliant security world is created |
new-world [FEATURE] syntax
The feature expressions in the new-world
utility is a comma-separated list of <feature-terms>, each of which can optionally be flanked by an <operator> and the <quorum-info> for the ACS that is required to manage the feature:
<operator><feature-term><quorum-info>
Term | Description | ||
---|---|---|---|
<feature-term> |
Name of the feature, see new-world [FEATURES]. |
||
<operator> |
double dash (
|
||
<quorum-info> |
|
new-world [FEATURES]
Feature | Description | ||
---|---|---|---|
|
Disables the use of PKCS#1 v1.5 padding.
All attempts to use PKCS#1 v1.5 padding for encryption or decryption operations will be rejected. |
||
|
Specifies that that ACS authorization is needed to enable SEE World debugging.
See Debugging SEE machines. |
||
|
Enables SEE World debugging for
|
||
|
Configures the security world and the HSM on which it is being created for audit logging, creating a log signing key for each HSM.
The log destination must have already been set in the hardserver configuration file.
See Audit Logging. |
||
|
Specifies that ACS authorization is needed to enable foreign token operations (FTO). +
This feature remains available for use on presentation of the standard ACS quorum, even if turned off using the |
||
|
Specifies a maximum reauthorization condition in terms of number of key usages since authorization for Assigned keys in common-criteria-cmts mode.
A use limit compatible with the specified maximum will be applied at key creation time and can be verified for Assigned keys.
If this is not set then no |
||
|
Specifies a maximum reauthorization condition in terms of a TIMEOUT since authorization for Assigned keys in common-criteria-cmts mode.
By default, an integer given for TIMEOUT is interpreted in seconds, but you can supply values for TIMEOUT in the form Ns, Nh, or Nd where N is an integer and s specifies second, h specifies hours, and d specifies days.
A use limit compatible with the specified maximum will be applied at key creation time and can be verified for Assigned keys.
If this is not set then no limit is applied to Assigned keys on creation. |
||
|
This option prevents making the HSM from becoming a target for remote shares. |
||
|
If you have not specified a mode parameter you can use the |
||
|
This option allows you to specify the time-out for new security worlds.
By default, an integer given for TIMEOUT is interpreted in seconds, but you can supply values for TIMEOUT in the form N |
||
|
This feature specifies that ACS authorization is needed to enable nonvolatile memory (NVRAM) allocation. |
||
|
This feature enables passphrase replacement; see passphrase replacement and Changing card and softcard passphrase. |
||
|
Enables a minimum passphrase length check for the Administrator Card Set (ACS) the Operator Card Set (OCS) and any associated softcards when you create a security world.
The minimum passphrase length check is then applied after the security world is created.
When enabled and you attempt to create a card passphrase with fewer characters than the specified minimum length, the following warning message displays:
new-world --initialize --acs-quorum=K/N --pp-min=14
---- |
||
|
Enables passphrases to have at least one uppercase, lowercase, number, and symbol. |
||
|
This feature only takes effect if you are creating a new security world. |
||
|
This feature specifies that ACS authorization is needed to set the real-time clock (RTC); (see rtc).
This feature remains available for use on presentation of the standard ACS quorum, even if turned off using the + Not available on the nShield 5c. |
||
Module selection |
|||
|
Specifies the number ID to use.
|
||
Help options |
|||
|
Displays help for |
||
|
Displays a brief usage summary for |
||
|
Displays the version number of the Security World Software that deploys |
new-world examples
Example 1
new-world m=1, r, !p, nv=2, rtc=1
Create a security world for which:
m=1
r |
y |
!p |
passphrase replacement is not enabled |
nv=2 |
Two cards are required to allocate nonvolatile memory |
rtc=1 |
1 card is required to set the real-time clock (applies to SEE only) |
(--acs-quorum is omitted) |
The default number is required to replace an OCS |
(--acs-quorum is omitted) |
A single card from the ACS is required to add a new HSM |