Login
- Table of Contents
-
- 19-Security Command Reference
- 00-Preface
- 01-Object group commands
- 02-Keychain commands
- 03-Public key management commands
- 04-PKI commands
- 05-Crypto engine commands
- 06-SSH commands
- 07-SSL commands
- 08-Security zone commands
- 09-Packet filter commands
- 10-ASPF commands
- 11-Security policy commands
- 12-Session management commands
- 13-ARP attack protection commands
- 14-ND attack defense commands
- 15-Attack detection and prevention commands
- 16-mGRE commands
- 17-Connection limit commands
- 18-IP-based attack prevention commands
- 19-IP source guard commands
- 20-uRPF commands
- 21-APR commands
- 22-FIPS commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 05-Crypto engine commands | 55.37 KB |
Crypto engine commands
display crypto-engine
Use display crypto-engine to display crypto engine information.
Syntax
display crypto-engine
Views
Any view
Predefined user roles
network-admin
network-operator
Usage guidelines
If the device does not have hardware crypto engines, this command displays information only about software crypto engines.
Examples
# Display crypto engine information.
<Sysname> display crypto-engine
Crypto engine name: Hardware crypto engine: Otx
Crypto engine state: Enabled
Crypto engine type: Hardware
Slot ID: 0
CPU ID:0
Crypto engine ID: 0
Crypto device name: Hardware-Octeontx
Crypto device serial number:
Symmetric algorithms: des-ecb 3des-cbc 3des-ecb aes-cbc aes-ecb md5 sha1 sha2-256 sha2-384 sha2-512 md5-hmac sha1hmac sha2-256-hmac sha2-384-hmac sha2-512-hmac
Asymmetric algorithms:
Random number generation function: Not Supported
Crypto engine name: Software crypto engine
Crypto engine state: Enabled
Crypto engine type: Software
Slot ID: 0
CPU ID:0
Crypto engine ID: 1
Crypto device name: Software
Crypto device serial number:
Symmetric algorithms: des-cbc des-ecb 3des-cbc aes-cbc aes-ecb aes-ctr camellia_cbc md5 sha1 sha2-256 sha2-384 sha2-512 md5-hmac sha1-hmac sha2-256-hmac sha2-384-hmac sha2-512-hmac aes-xcbc aes-xcbc-hmac
Asymmetric algorithms: sm2
Random number generation function: Supported
# Display crypto engine information.
<Sysname> display crypto-engine
Crypto engine name: Software crypto engine
Crypto engine state: Enabled
Crypto engine type: Software
Slot ID: 0
CPU ID:0
Crypto engine ID: 0
Crypto device name: Software
Crypto device serial number:
Symmetric algorithms: des-cbc des-ecb 3des-cbc aes-cbc aes-ecb aes-ctr camellia_cbc md5 sha1 sha2-256 sha2-384 sha2-512 md5-hmac sha1-hmac sha2-256-hmac sha2-384-hmac sha2-512-hmac aes-gcm aes-gmac aes-xcbc aes-xcbc-hmac sm3 sm3-hmac sm4-cbc
Asymmetric algorithms: sm2
Random number generation function: Supported
Table 1 Command output
|
Field |
Description |
|
Crypto engine state |
Hardware crypto engine state: · Enabled. · Disabled. This field always displays Enabled for software crypto engines. |
|
Crypto engine type |
Crypto engine type: · Hardware. · Software. |
|
CPU ID |
This field is not supported in the current software version. ID of the CPU. |
|
Crypto device name |
Name of the crypto device. This field displays Software for software crypto engines. For hardware crypto engines, the value of this field is Hardware-Octeontx. |
|
Crypto device serial number |
Serial number of the crypto device. This field is always empty for software crypto engines. For hardware crypto engines, this field is empty. |
|
Symmetric algorithms |
Supported symmetric algorithms. |
|
Asymmetric algorithms |
Supported asymmetric algorithms. |
|
Random number generation function |
Whether random number generation function is supported: · Supported. · Not supported. |
display crypto-engine statistics
Use display crypto-engine statistics to display crypto engine statistics.
Syntax
display crypto-engine statistics [ engine-id engine-id slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
engine-id engine-id: Specifies a crypto engine by its ID. The value range for the engine-id argument is 0 to 4294967295.
slot slot-number: Specifies a card by its slot number.
Usage guidelines
If hardware crypto engines are not enabled or the device does not have hardware crypto engines, this command displays statistics only for software crypto engines.
If you do not specify any parameters, this command displays crypto engine statistics for all cards.
Examples
# Display all crypto engine statistics.
<Sysname> display crypto-engine statistics
Slot ID: 1
CPU ID: 0
Crypto engine ID: 0
Submitted sessions: 0
Failed sessions: 0
Symmetric operations: 0
Symmetric errors: 0
Asymmetric operations: 0
Asymmetric errors: 0
Get-random operations: 0
Get-random errors: 0
# Display statistics for crypto engine 1 on the specified slot.
<Sysname> display crypto-engine statistics engine-id 1 slot 1
Submitted sessions: 0
Failed sessions: 0
Symmetric operations: 0
Symmetric errors: 0
Asymmetric operations: 0
Asymmetric errors: 0
Get-random operations: 0
Get-random errors: 0
Table 2 Command output
|
Field |
Description |
|
Submitted sessions |
Number of established sessions. |
|
Failed sessions |
Number of failed sessions. |
|
Symmetric operations |
Number of operations using symmetric algorithms. |
|
Symmetric errors |
Number of failed operations using symmetric algorithms. |
|
Asymmetric operations |
Number of operations using asymmetric algorithms. |
|
Asymmetric errors |
Number of failed operations using asymmetric algorithms. |
|
Get-random operations |
Number of operations for obtaining random numbers. |
|
Get-random errors |
Number of failed operations for obtaining random numbers. |
Related commands
reset crypto-engine statistics
reset crypto-engine statistics
Use reset crypto-engine statistics to clear crypto engine statistics.
Syntax
reset crypto-engine statistics [ engine-id engine-id slot slot-number ]
Views
User view
Predefined user roles
network-admin
Parameters
engine-id engine-id: Specifies a crypto engine by its ID.The value range for the engine-id argument is 0 to 4294967295.
slot slot-number: Specifies a card by its slot number.
Usage guidelines
If you do not specify any parameters, this command clears crypto engine statistics for all cards.
Examples
# Clear statistics for all crypto engines.
<Sysname> reset crypto-engine statistics
# Clear statistics for crypto engine 1 on the specified slot.
<Sysname> reset crypto-engine statistics engine-id 1 slot 1
Related commands
display crypto-engine statistics
