Stack Overflow
Stack Overflow

Questions tagged [hsm]

Hardware Security Modules are devices designed to protect cryptographic key material and accelerate certain operations.

Hardware Security Modules are computer devices that provide a protected environment in which cryptographic keys can be generated, used and (in some cases) stored. Without using an HSM, cryptographic keys are exposed in RAM during their generation and use.

Some HSMs also contain special-purpose chips that offer acceleration for particular cryptographic operations, such as RSA signature generation or elliptic curve operations.

412 questions
0
votes
1 answer

While privateKey of a usb token is not accessible then Why we use keystore.getKey() in Java for digitally sign a pdf

As per all readings I have found that, while using USB Token(HSM) we are unable to fetch private key from USB Token, Then Why we call KeyStore.getKey(alias,password) in java code. I have done something like this where ks is my KeyStore…
Bijay Kumar Rai
  • 77
  • 1
  • 10
0
votes
0 answers

How to send Hash to USB token for encryption while signing pdf

I am Implementing Digital Signature in PDF using usb token. Now According to the digital Signature implementation through usbToken contains following steps. Hash of a PDF is generated and pass to the USB token. That hash will be encrypted by…
Bijay Kumar Rai
  • 77
  • 1
  • 10
0
votes
1 answer

Set up SSL in Elastic Beanstalk using cloudHSM

I'm familiar with creating a CSR (via openssl) on a webserver and submitting it to a CA to purchase an SSL cert. A site we're building (using Elastic Beanstalk) has a requirement that certificates are managed via a HSM. I think AWS CloudHSM is the…
Wintermute
  • 2,973
  • 4
  • 32
  • 52
0
votes
0 answers

PKCS11 - SHA1HMAC yields a different SHA1HMAC result

I am following the below steps to compute the HMAC using SHA1 algorithm using two different API and both the outputs are not matching. 1) I first compute HMAC for a given data and key using SHA1 algorithm through BouncyCastle API. 2) We compute…
Venkat
  • 19
  • 2
0
votes
1 answer

Safenet HSM doesn't response to the message

I'm new to HSM, I'm using TCP connection to communicate with 'safenet ProtectHost EFT' HSM. So as for a beginning i tried to call 'HSM_STATUS' method by sending following message. full message (with header) : 0000 0001 0000 0001 0001 1001 1011…
Chathura Wijeweera
  • 289
  • 1
  • 2
  • 9
0
votes
1 answer

ZPK Encryption ISO format 9594-1 Format 0

I need to integrate our IVR with ATM switch. In this case IVR needs to send pin block formed in ISO format 9594-1 Format 0 only (Zone pin key – Pin encryption). WE have Clear component - 1 ,2, & 3 & ZMK - Key check value. I need to know steps to…
Dnyati
  • 135
  • 1
  • 11
0
votes
2 answers

Where do i get BDK for DUKPT decryption

I have generated a BDK Type3 key for DUKPT in Thales HSM. I have sent this BDK which is encrypted under the LMK of the HSM to the terminal manufacturer to generate the IPEK key and inject it into the terminal. When I receive the encrypted data I…
psh
  • 9
  • 1
  • 3
0
votes
1 answer

How to change public exponent attribute to be a byte array

I am working on Luna G5 HSM, and need to generate key pair. I have the code as follows, but there is an error said I need to change the public exponent attribute to be a byte array, but I don't know how to modify this part, any help would be really…
ccy
  • 341
  • 6
  • 18
0
votes
0 answers

Cannot configure OpenSSL on Windows properly

I want to use KDSoap, which uses Qt, which uses OpenSSL, to consume a web service, that requires a secure connection, established by using a key stored in a USB HSM (SmartCard + Reader basically, called an Athena IDProtect Key v2.0). I've installed…
Paul-Sebastian Manole
  • 2,538
  • 1
  • 32
  • 33
0
votes
1 answer

Pkcs#11 with NCryptoki error N. 145

I'm using the NCryptoki dll to manage the acccess to our HSMs. I use a C# windows service. This service is a socket: it listens for requests and it access to the HSMs, doing stuff. Using my code to acccess HSM, I randomly get this…
Piero Alberto
  • 3,823
  • 6
  • 56
  • 108
0
votes
0 answers

PKCS11Exception: CKR_TOKEN_NOT_RECOGNIZED

I installed Softhsm v 2.2 and Started working with PkCS#11 Java API that on Operations: 1.Slot Creation Token Creation Key Generation Encryption Signing Key Retrieving I am getting below exception : Exception in thread "main"…
Slok
  • 576
  • 1
  • 12
  • 27
0
votes
1 answer

How does the hsm intervene in the encryption of a transaction with a termianl?

I'm trying to understand how the hsm and keys are linked to the transaction using a terminal. I'm supposed to develop a authentication server that receives transactions from terminals and parse them to get different data. But what I fail to…
YGouddi
  • 341
  • 2
  • 14
0
votes
2 answers

communicate with remote safenet hsm using TCP connection

I am new to the HSM, i have to connect to remote safenet HSM using TCP connection ? how should i communicate ? whats the TPK,TMK and how it works ? please share some links or documents.
Shailesh
  • 657
  • 2
  • 13
  • 27
0
votes
1 answer

java interact with payshield 9000

Is it possible to build java application that can be used to verified pin based on its pan, and change the pin if the customer need it. My company use thales payshield 9000..? I can only connect through the hsm via ip and port private String…
nayla gema
  • 1
  • 2
0
votes
1 answer

GK command on Thales Payshield 9000 HSM

Right now we are integrating our software with Thales Payshield 9000 HSM and have following problem: We are having difficulties using GK (Export Key under RSA public key) command. We successfully generate DEK key using A0 command. We also…
JonasJnz
  • 33
  • 2
  • 6
1 2 3
27 28