Stack Overflow
Stack Overflow

Questions tagged [hsm]

Hardware Security Modules are devices designed to protect cryptographic key material and accelerate certain operations.

Hardware Security Modules are computer devices that provide a protected environment in which cryptographic keys can be generated, used and (in some cases) stored. Without using an HSM, cryptographic keys are exposed in RAM during their generation and use.

Some HSMs also contain special-purpose chips that offer acceleration for particular cryptographic operations, such as RSA signature generation or elliptic curve operations.

412 questions
6
votes
3 answers

Best Practice for Transitioning From Nested State to Nested State (see diagram)

I am trying to wrap my mind around the best way to implement nested state transitions in a single threaded programming language (Actionscript). Say I have a structure like this behavior tree: Now imagine that each leaf node is a destination point…
Lance
  • 75,200
  • 93
  • 289
  • 503
6
votes
1 answer

Loading *.so files into Websphere

My JSP program is set to run on Websphere under HP-UX. I have some .jar files and a .so file which contains classes that my program needs to run. By placing my .jar files into \MyProgram\WEB-INF\lib\ folder, I was able to get some to work. However,…
Em Cee
  • 107
  • 3
  • 11
6
votes
3 answers

Interfacing with a Hardware Security Module on Linux

I have to work with an HSM device for security requirements in my project. I am confused about how HSM is interfaced with C on a Linux machine. How does a user access HSM internal memory for performing different operations with it?
Deepak Sharma
  • 61
  • 1
  • 2
5
votes
0 answers

Why does isInsideSecureHardware return true on an Android Emulator?

Below is the code that I'm running on Android API 27: KeyPairGenerator keyGen = null; keyGen = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, "AndroidKeyStore"); // store the key in the Android KeyStore for security…
Josh Correia
  • 3,807
  • 3
  • 33
  • 50
5
votes
0 answers

How to generate ECDSA keys with brainpool curve in PKCS11 based SafeNet HSM?

I am trying to generate the ECDSA Keys using brain pool curve at the Safenet HSM. I enabled the user-defined domain parameters at the Safenet HSM and we are facing exception java.security.InvalidAlgorithmParameterException: params must be either a…
Ahmad
  • 1,462
  • 5
  • 17
  • 40
5
votes
1 answer

Difference between HSM and Argon2 ? which one is preferrable

I am working on a application dealing with customer details , which we want to store in our DB as encrypted , Which one is preferable Argon2
Muddassir Rahman
  • 976
  • 1
  • 9
  • 20
5
votes
1 answer

TEE/HSM support on Android operating system

Android has the concept of hardware backed security as TEE and in latest Android i.e., Android Pie devices can have a HSM (Strongbox). 1.What is the actual difference between TEE and HSM? 2.Does Android HSM can be used as a cryptography solution…
Ameya721
  • 171
  • 1
  • 9
5
votes
3 answers

signtool fails to sign a binary with a key from a AWS CloudHSM

We are going to use AWS CloudHSM service to keep all code signing certificates secure and perform code signing on our build server. Our build server is Windows Server 2010, so I installed AWS CloudHSM client there. I activated cluster and all…
toohtik
  • 1,892
  • 11
  • 27
5
votes
1 answer

ECDH1_DERIVE issues with PCKS11interop and Safenet Network HSM

Been fighting a Gemalto network HSM for a while and its about time i asked for some expert help. I am trying to derive an ECDH1 key from a known public key and a private key stored on the HSM and keep sending the HSM into some sort of panic mode…
Jon Bridger
  • 55
  • 7
5
votes
2 answers

How to get PKCS11 PublicKey via Template

I have a GO Application, that stores it's certificate to a HSM via opencryptoki (pkcs11) in a softwaretoken. But it's not a go question, more a general pkcs11 question I think. I set my certificates and privatekey like this: certTemplate :=…
Flo
  • 2,699
  • 4
  • 24
  • 46
5
votes
3 answers

Export/Import RSA keypair using PKCS11interop c# wrapper library from Thales nShield HSM?

I have generated a RSA public-private keypair in HSM using PKCS11Interop generate key API. I want to export the keypair. I used Findobject API to get the keys, the API returs an ObjectHandle , while reading attributes using GetAttributeValue API , I…
S Ghosh
  • 61
  • 1
  • 4
5
votes
0 answers

How to reload key from HSM by using openssl?

I'm using HSM via pkcs11 openssl engine. ENGINE_load_private_key() is used to load keys to use. It works fine, except after key pair generation: After generating a new key-pair to HSM, ENGINE_load_private_key() still returns the old…
SKi
  • 8,007
  • 2
  • 26
  • 57
5
votes
5 answers

Which State Machine execution frameworks for C++ implement UML semantics?

I'm looking for a framework that provides execution of hierarchical state machines (HSMs). These are the requirements for the framework: Conforms to UML state machine semantics (as much as possible) Supports at least run-to-completion…
theDmi
  • 17,546
  • 6
  • 71
  • 138
5
votes
1 answer

Getting 02 in response code while firing DE command to HSM

I am trying to create an offset of an encrypted pin using DE command in HSM (Thales). I am using Python code to do this. After firing the command I am getting 02 in the response. The error codes manual describes it as Key inappropriate length for…
Balu SKT
  • 549
  • 5
  • 22
5
votes
2 answers

Implementing Hierarchical State Machines in C

I'm a bit confused about how to implement my state machine. I already know it's hierarchical since some states share the same action. I determine what I need to do by these parameters: Class (Values are: Base, Derived, Specific) OpCode Parameter…
the_drow
  • 18,571
  • 25
  • 126
  • 193
1
2
3
27 28