hsm

I bought a NitroKey HSM and manged to create an EC on it. Now I want to derive a shared secret. I found Pkcs11Interop , which seems to be the right tool for the job, but the handling is unclear. A code snipplet or link to a working project would be very appreciated. You can take a look at Pkcs11Admin application for a real world sample using Pkcs11Interop library. As far as I remember NitroKey HSM should be used with OpenSC middleware so your unmanaged library implementing PKCS#11 API will be opensc-pkcs11.dll . I believe these resources might be helpful for you: Getting started with

Our application needs to interact with SafeNet HSM through Luna JSP api using java. We tried the following and were able to connect LunaSlotManager slotManager = LunaSlotManager.getInstance(); slotManager.login(password); But my question is that in my program I didn't give any IP Address of the HSM device. Then how does it detect and connect? Any API calls to the Safenet Luna API will interact with the Safenet client software which is installed on your local machine. This client software handles the actual network connection to the HSM. The details for which HSM(s) the client software can

This question was migrated from Information Security Stack Exchange because it can be answered on Stack Overflow. Migrated 8 years ago . Hei, The question is not really about Ncryptoki but i didnt know anywhere else to ask.. so if anybody can help please help me. Im tryng to generate AES key and heres the code what i have right now: CK_MECHANISM keyGenMech = new CK_MECHANISM(CKM.AES_KEY_GEN); CK_ATTRIBUTE[] template = { new CK_ATTRIBUTE(CKA.CLASS, CKO.SECRET_KEY), new CK_ATTRIBUTE(CKA.TOKEN, CK_BBOOL.TRUE), new CK_ATTRIBUTE(CKA.SENSITIVE, CK_BBOOL.TRUE), new CK_ATTRIBUTE(CKA.VALUE_LEN, 32),

I have a client-server architecture in my application that uses SSL. Currently, the private key is stored in CAPI's key store location. For security reasons, I'd like to store the key in a safer place, ideally a hardware signing module (HSM) that is built for this purpose. Unfortunately, with the private key stored on such a device, I can't figure out how to use it in my application. On the server, I am simply using the SslStream class and the AuthenticateAsServer(...) call. This method takes an X509Certificate object that has its private key loaded, but since the private key is stored in a

I'm looking for a framework that provides execution of hierarchical state machines (HSMs). These are the requirements for the framework: Conforms to UML state machine semantics (as much as possible) Supports at least run-to-completion semantics hierarchical states entry and exit actions transition actions guards events with custom parameters Is object-oriented or does at least not prohibit OO designs The target platform is an medium- to large-sized embedded system with an OS. Do you know a framework that fulfills the above requirements? What are the pros and cons of your framework? Check out

I often use openssl to generate RSA key and certificate. But now i encounter a problem. openssl x509 -req require private key as input. But now we're using HSM to protect private key and I'll never be able to touch the private key. In this way how do i suppose to generate a x509 certificate? I've seen some HSMs come with their own support programs ready to use for a variety of things including key generation and cert or CSR creation, or make them available (for example on the vendor website); did you check for that? Assuming that isn't a (good) option: You don't identify your HSM; there are