Stack Overflow
Stack Overflow

Questions tagged [safenet]

30 questions
0
votes
0 answers

Signature verification returns C0(CKR_SIGNATURE_INVALID)

I am trying to generate key pair using safenet sdk. Then I tried to sign the certificate informations with private key and verify using public key. But, the verification says signature is invalid. I checked whether generated public key and public…
ahad alam
  • 69
  • 7
0
votes
0 answers

Can we create certificate sign request (CSR) using HSM(Safenet) in Objective C or Swift?

I am trying to create csr in swift, given that i am creating key-pair in safenet dongle using their sdk. I am trying to do the csr generation in native code.In my sdk source code, some of the mechanisms are missing(for example PKCS_ENCODE_10,…
ahad alam
  • 69
  • 7
0
votes
0 answers

Signature is invalid when it is added to csr. signature is created using safenet's sdk

We have generated public key and private key using below code. Then tried to sign the certificate information using the signn method to create the signature of csr. In sign method, generateKeyPairUtil method is called only to get the private key…
ahad alam
  • 69
  • 7
0
votes
0 answers

Which approach i should follow to save private key in USB dongle(Safenet Dongle)

My goal is to store private key in USB Dongle and then sign csr using this private key. I can follow 2 ways: Firstly, i can generate key pair and store them in mac's keychain. Then I will export the private key to Dongle. Meanwhile, I can also…
ahad alam
  • 69
  • 7
0
votes
1 answer

Establish SSL/TLS Connection using Certificate present in Thales Luna HSM

I am trying to setup a Netty Server with HTTPS enabled. In order to establish the SSL/TLS connections, I need to fetch the certificiate from Safenet Luna Network HSM and pass that Cert to Netty's SSL Context. I have generated a keypair in the Luna…
Akash Maharana
  • 1
  • 1
0
votes
0 answers

Wrapping key for Import to Google KSM for HSM EV code signing

Google states the advantage of using their Key Management System (KMS) to deliver hardware key security with HSM is that you can use an EV code signing certificate in CI (for example, in GitHub actions). When importing a code signing key to Google…
T Mack
  • 950
  • 3
  • 12
  • 27
0
votes
0 answers

Export an EV code signing certificate from eToken as .pem

In order to use an EV certificate for CI, GitHub actions offers this action: https://github.com/marketplace/actions/authenticode-cloud-signer This takes advantage of Googles Key Management System (KMS) to deliver hardware key security with HSM. The…
T Mack
  • 950
  • 3
  • 12
  • 27
0
votes
1 answer

Unable to use Private Key from HSM to decrypt message

I am trying to decrypt a message that has been encrypted with our public key, using Private Key stored on Luna HSM as under: Connecting To HSM: private void connectToHSM() throws Exception { try { ks = KeyStore.getInstance("Luna"); …
swapnill
  • 1
  • 2
0
votes
2 answers

PKCS#11: Encryption of multiple plaintext

I want to encrypt a large number of plaintext using PKCS#11 and SafeNet HSM devices. It will take a long time when I encrypt each plaintext one by one. So It came to my mind if there are any methods in PKCS#11 which can encrypt several data at…
VSB
  • 9,825
  • 16
  • 72
  • 145
0
votes
0 answers

How to read Data Object with IAIK wrapper 1.6.2

my issue is I was using following versions of IAIK with Tokens Provider : 1.5 Wrapper :1.4 JCE : 5.25 Safenet PKCS11 drivers : 10.2 Now I wpould like to use latest version : Provider : 1.6.2 Wrapper :1.7 JCE : 5.62 Safenet PKCS11 drivers : 10.8…
Sofiane
  • 908
  • 4
  • 19
  • 45
0
votes
0 answers

Hyperledger fabric peer connection with HSM fails randomly after running for a while

Good day, We have an integration between an HSM Luna 6.3 and Hyperledger Fabric, we use Luna to store the private keys of peers and orderers. The integration works fine but after a while running we are getting this error in the peers: [34m2021-04-26…
Ana Franco
  • 1,611
  • 3
  • 24
  • 43
0
votes
0 answers

PKCS11 translate ciphertext under different key

I'm using PKCS11 network HSM (Safenet). I have data which is encrypted under key #1. I want to use HSM to protect it securely under key #2 without ever exposing data in plaintext outside HSM. Both key #1 and key #2 are available to me as handles…
jozols
  • 560
  • 7
  • 22
0
votes
1 answer

Configure Safenet Luna EFT HSM to allow ISO-0 to ISO-1 pin translation

As the title states I need to be able to convert an ISO-0 formatted encrypted pin block to ISO-1 format using a Safenet(Gemalto) Luna EFT. I am connecting over TCP/IP and sending commands formatted per programmer's guide. I am using PIN-TRANSLATE-2…
Alwyn Schoeman
  • 467
  • 7
  • 13
0
votes
0 answers

generate RSA key in pkcs11 hsm

I use Safenet HSM in my software for generate and keep the the key. After each time run the software generate key in HSM but after each time the key is same. The HSM generate same key for Infinite run the software. Why? I use this attribute for HSM…
Sarah
  • 21
  • 1
0
votes
2 answers

Windows 10 EV code signing no longer works on electron app

I have an electron app. Pretty basic app. It doesn't use ffmpeg for anything it does play an mp3 chime from time to time. I build my app with electron-forge using squirrel format. I then sign it using the SafeNet Authentication app. It's always…
SoOhNo
  • 41
  • 4
1
2