Questions tagged [hsm]

Hardware Security Modules are devices designed to protect cryptographic key material and accelerate certain operations.

Hardware Security Modules are computer devices that provide a protected environment in which cryptographic keys can be generated, used and (in some cases) stored. Without using an HSM, cryptographic keys are exposed in RAM during their generation and use.

Some HSMs also contain special-purpose chips that offer acceleration for particular cryptographic operations, such as RSA signature generation or elliptic curve operations.

412 questions
0 votes, 1 answer

Secure communication between two servers

I want to securely store private keys of my users on a separate server (let's call it B) and it's used to sign, decrypt information. B stores keys on a database (postgres). Server A (public) sends information to B. Ideally B needs to get the…
0 votes, 1 answer

Communicating with HSM python

I'm attempting to establish a connection with a remote machine through this script. The script is being run on the remote machine attempting to open a session, which I believe I'm doing incorrectly. I'm trying to access slot zero in the library…
DJ2
0 votes, 0 answers

Sign PDF with HSM

I'm trying to implement the signature of a PDF document with an HSM but cannot get a valid signature, and no longer can be failing. I searched the various issues that exist on this but I do not see the problem with my code. I am using the…
Kike MC
0 votes, 0 answers

HSM RNG - Compliance to FIPS 186-2

If the RNG of an HSM is said to be compliant to FIPS 140-2 (approved DRBG - SP 800-90 CTR mode), does it also imply that it is compliant to FIPS 186-2? Thanks for your help.
Tarik GUELZIM
0 votes, 1 answer

Oracle TDE cannot find new PKCS#11 library

I have previously used an Utimaco HSM with Oracle database, but I want to put `pkcs#11-spy` or `pkcs#11-logger` between the hsm. The Utimaco HSM library is working and I used this command: alter system set encryption key identified by…
snorberhuis
0 votes, 2 answers

Linking error for a C application using PKCS#11 API

I am trying to compile an example basic code that performs PKCS#11 initialization only but get following error; gcc pkcs11_example1.c -o pk -L /usr/lib64/pkcs11/opensc-pkcs11.so /tmp/cc8Dl0HE.o: In function…
neutrino
0 votes, 4 answers

EJBCA refuses to generate certificates with error : not allowed to use same key

We used a static value ‘usernameTest’ as username to request EJBCA to generate X.509 certificates; after generating certificates using this static username we changed it to a unique value identifying uniquely each certificate (Since using a static…
Ahmed MANSOUR
0 votes, 1 answer

Pkcs11 x509 chain verification

I am currently implementing a secure channel setup with an HSM. The protocol is proprietary but uses standard crypto mechanisms (rsa sha). At a secure channel setup we receive a stack of certificates, with the last one the remote device personal…
Rob Frohwein
0 votes, 1 answer

Working with split secret key

I need to import splits of a secret key into an HSM device. A Key Encryption Key (KEK) 3DES key has been split for transport and needs to be recombined in the destination HSM. How can this be done? Are the splits actually being recombined in the…
BrJ
0 votes, 1 answer

Thales Payshield command "JS"

Does anyone know the format of the "JS" command (ARQC Verification and/or ARPC Generation - CUP) in license HSM9-LIC031? The "JS" command is one of the China Union Pay commands. I am using HSM, but I don't know the command format. The command looks like Command…
taolinke
0 votes, 1 answer

What does (118) Extract Object Option in the ckdemo utility do

I am using a Safenet Luna HSM 5.1. and I am trying to figure out if it is possible to extract a SecretKey from my HSM using ckdemo tools option #118 Extract Object. The whole point of the HSM is that it will be impossible to extract private keys…
BrJ
0 votes, 1 answer

Generate a ZMK Component only

I have seen the command that generates and also prints the ZMK component. The command is : Generate and Print a ZMK Component for which the Command Code is 'OC'. But I don't want it to be printed. But in 'OC' command it seems mandatory: Question: …
Sadiq
0 votes, 1 answer

Thales HSM - Windows cp 1252 success / Linux UTF-8 Fail

I am working on TCP/IP Application with HSM Module Integration. My JAVA code was working fine in Windows 32 bit/JRE 32 Bit/IBM Websphere 7. When I upgrade to RedHat Linux-64 bit/JRE 64 bit/IBM Websphere 8, if I am sending below 127 length of the…
0 votes, 1 answer

HSM KW command to validate ARQC

I am trying to send KW command to Thales HSM, the description for one of the field data is: ---------------------------------------------------------------- | PAN/PAN Sequence No | 8B | this field will be fixed at 8 bytes | …
Arnold Cristobal
0 votes, 1 answer

Where to get the dcm4chee-hsm-s3.jar from?

I need to configure a near line storage for a dcm4chee server which contains some medical images. In order to do that it's required to have the dcm4chee-hsm-s3.jar file. It seems that this jar file has to be built out of the source, but I cannot…
Asanga Dewaguru