Stack Overflow
Stack Overflow

Questions tagged [hsm]

Hardware Security Modules are devices designed to protect cryptographic key material and accelerate certain operations.

Hardware Security Modules are computer devices that provide a protected environment in which cryptographic keys can be generated, used and (in some cases) stored. Without using an HSM, cryptographic keys are exposed in RAM during their generation and use.

Some HSMs also contain special-purpose chips that offer acceleration for particular cryptographic operations, such as RSA signature generation or elliptic curve operations.

412 questions
0
votes
1 answer

AWS CloudHSM AES-256 bit keys generation using PKCS#11 API

I am using the PKCS#11 API to generate AES-256 bit keys in AWS CloudHSM. I believe I can generate the key successfully using (C_GenerateKey) however, when I try to print the value of the key, I get a "CKR_ATTRIBUTE_TYPE_INVALID" error on the first…
ejohnson
  • 139
  • 1
  • 4
  • 16
0
votes
1 answer

Thales HSM generate pinblock in thales format 05(ISO 9564-1 Format 1) without pan and encrypt it with zpk

How to generate pinblock in thales format 05(ISO 9564-1 Format 1) without PAN and encrypt it with ZPK, this format does't requite PAN but i can't find way to do it without it in documentation (http://www.pay-logic.com/docs/hostcommandv23b.pdf)
Robert Wróbel
  • 345
  • 1
  • 2
  • 9
0
votes
0 answers

I can't sign xml file with HSM device

I'm trying to sign a xml file using PKCS11 library but I got some errors when I'm trying to sign. Here is my code and I pointed exception line. ComputeSignature method returns me exception and I'm confused. ... ObjectHandle publicKey…
TEngineer
  • 95
  • 1
  • 18
0
votes
1 answer

Protocol and data format to get connected with HSM boards

Folks - How does an application connect with HSM(Hardware security Module) boards? What is the protocol they use and what would be the data formats for interaction? The reason for asking protocol is that I may have the application running on a…
techtantric
  • 1
  • 3
0
votes
1 answer

How to sign xml file with HSM Device?

I can get certificate from HSM device but it doesn't give me private key for signing. How can I sign xml file and what should I do with it? Thanks for helps.
TEngineer
  • 95
  • 1
  • 18
0
votes
1 answer

Pkcs11 - How to add signature to xml file?

I've a problem that occurs when getting certificate and putting to xml file. Should I use private key for signing? I see only public key in certificate. There is no private key in my certificate. byte[] ckaIdd =…
TEngineer
  • 95
  • 1
  • 18
0
votes
1 answer

Microsoft Certificate Authority - Cloning

I'm considering to clone a CA that has its private key stored in a HSM from environment A to environment B. However, if the private key cannot be cloned, is there anyway we can start the CA service just so I can generate a new key-pair/CSR or to…
Dickson Chu
  • 3
  • 2
0
votes
1 answer

YubiHSM 2 PKCS11 Cant connect

I have a YubiHSM2 HSM device and want to access it via PKCS11. I have installed the YubiHSM2 drivers as well as Libp11 and OpenSC tools. However, when I try to connect and generate a key via: pkcs11-tool --module…
LikeAKemper
  • 155
  • 2
  • 12
0
votes
1 answer

crypto.dll error 'C_Initialize - This object is not connected to a module.'

I'm getting this error when I try to access. How to access HSM in .NET C# with crypto.dll library? signature.addKeyInfo(new ECertificate(cert.getEncoded())); var c = HsmManager.getInstance().getSigner("MyPassword", cert); static Module pkcs11Module…
TEngineer
  • 95
  • 1
  • 18
0
votes
2 answers

Unable to access key in HSM for sh256 signing but can for sha1 signing

How can I enable access to key in HSM when signing as sha256? When I sign as sha1 sign tool properly pulls the cert key out of the HSM but if I change to "/fd sha256" the key can't be found within the container. I'm sure signtool can access the…
Eva Brigid
  • 123
  • 14
0
votes
1 answer

Encrypting a message with HSM Thales

There is a task to encrypt a message with a key stored in HSM (LMK I suppose) to save the encrypted message in database. And decrypt later as well. The commands I find are M0/M2. As I could see both commands require my own key in addition. I may…
Roman
  • 25
  • 6
0
votes
2 answers

How to encrypt/decrypt data using public/private keys located at Safenet HSM Luna SA device in java

I need to encrypt the data using public key located in Safenet HSM Luna SA device and also need to decrypt the data using private key which also located in HSM device in JAVA. I'm completely new to the HSM device. I have encrypted/ decrypted data…
pooja
  • 1
  • 1
  • 3
0
votes
1 answer

Pkcs#11 Session.encrypt CKR_OPERATION_NOT_INITIALIZED using NCryptoki

I'm using Pkcs#11 with the NCryptoki dll to use our HSM and manage the keys. Why is this code giving me, sometimes, the error 145 (CKR_OPERATION_NOT_INITIALIZED)? I'm trying to avoid it, but I am still missing something... This error happens…
Piero Alberto
  • 3,823
  • 6
  • 56
  • 108
0
votes
0 answers

How to create PKCS#11 keystore

I have an activated partition on Luna HSM and configured the HSM. My server can talk to HSM, cert are exchanged and vtl verify works. Installed OpenDJ(Directory server, or Could be any application) then I wanted to use an existing certificate on…
Karthik tv
  • 109
  • 1
  • 2
  • 7
0
votes
1 answer

Ncrytoki Error n 48 & 224

I have wcf web service that signs pdf documents when there is a request from my website. Everything works fine locally trying to sign few documents while development. Once my code was deployed to production environment, it was working fine for few…
user1754675
  • 887
  • 13
  • 32
1 2 3
27 28