Skip to main content
782 questions
Newest Active Bountied Unanswered
Filter by
Sorted by
Tagged with
0 votes
0 answers
18 views

I want to create a CSR and later a certificate, and both must be signed by a private key stored in an HSM, accessed through PKCS#11 using the python-pkcs11 library. from cryptography import x509 from ...
Hyfo36z's user avatar
  • 49
0 votes
1 answer
69 views

I'm developing SOAP envelope signing code in a Java environment. My code running properly when I use the RSA_SHA256 signature algorithm with proper smart card based pkcs11. I have another smart card ...
Cemil Bozlagan's user avatar
  • 11
0 votes
0 answers
87 views

When I try to execute PKCS#11 functions (with python-pkcs11 and ykcs11) inside a Docker container, it fails in decrypt with DeviceError. This is the code: with get_pkcs11_token().open(user_pin=pin) as ...
Viatorus's user avatar
  • 1,903
1 vote
1 answer
120 views

I'm trying to create an app where the user will fill a form and a PDF template will be filled with that info, then get digitally signed and sent via e-mail. I have been trying to sign with PyHanko, ...
Javiooli's user avatar
  • 21
0 votes
0 answers
81 views

I'm trying to improve my document signing process using PKCS11, but I'm having a problem. No matter how many attempts I made, I could not resolve the relevant error. Net.Pkcs11Interop.Common....
Halil İbrahim AYHAN's user avatar
  • 11
4 votes
3 answers
221 views

As a long-time user of Install4J, I appreciate its robust, direct implementation of code signing since version 5.1, which leverages open standards and eliminates the need for external tools like ...
HeatZync's user avatar
  • 379
0 votes
0 answers
62 views

I tried to sign PDF with nodejs using pkcs11js connect to HSM for signing. The result of certificate show as picture and has been transcribed as follows: This file claims compliance with the PDF/A ...
beolloed's user avatar
  • 1
1 vote
1 answer
87 views

The question is about where session objects are created and stored - on a token or in RAM of an application that uses a pkcs11 library? It seems that pkcs11 specification does not differentiate them ...
user77777777's user avatar
  • 29
0 votes
0 answers
82 views

I am working on a project that uses OpenIdDict für user authentication, thus, generating and validating JWTs (Java web tokens, HTTP header "Bearer"). Currently, the prototype relies on a ...
Ingmar's user avatar
  • 2,728
-2 votes
1 answer
87 views

public static byte[] DoSignXML_old(string inputfile, HSMProperties pro, ref ISession session) { try { // Load the XML document XmlDocument XDoc = new XmlDocument(); ...
nits_tech's user avatar
  • 1
2 votes
1 answer
544 views

I would like to create and store my own root certificate on a smart card using the P-256 ECDSA encryption algorithm (secp256r1). I managed to open access to the certificates created so far on the card ...
Marogo's user avatar
  • 45
0 votes
0 answers
43 views

I am writing a demo to generate and store key pair in tpm device on linux (ubuntu) by nss and pkcs#11. I've added the tpm2-pkcs11 module to nssdb, like: time@PF2CMPHV:~$ modutil -list -dbdir sql:/home/...
yanran's user avatar
  • 63
0 votes
0 answers
76 views

I am writing an application for digital signature using PKCS#11. The Certum token works on JRE 1.8.0_333 (32-bit) and JRE 1.8.0_441 (32-bit). The CenCertum token works on JRE 1.8.0_333 (32-bit), but ...
Mateusz's user avatar
  • 83
0 votes
0 answers
217 views

I have a dotnet8 console app that works fine with SoftHsmv2 on windows. I then dockerised the console app with softhsm installed & intialised during docker build as below: #noble tag for Ubuntu 24....
user1912383's user avatar
  • 379
0 votes
1 answer
246 views

I want to sign a PDF file using a digital signature from a USB token (containing the private and public keys). When I try to achieve this using PKCS11.dll, the system detects an error and throws a '...
Sethu Raman's user avatar
  • 1
0 votes
2 answers
625 views

Connecting to Luna Cloud HSM I am able to add a RSA private key to the HSM (either by cmu importkey or by cmu gen) and the command-line tool cmu list displays this key from the server. I am connecting ...
wi2ard's user avatar
  • 1,595
1 vote
1 answer
549 views

I would like modify a software which was written in Java. The software should be able to create public and private keys on a HSM and also be able to delete them. I would like to do these tasks by ...
Bill's user avatar
  • 11.9k
0 votes
2 answers
460 views

I am getting CKR_TEMPLATE_INCONSISTENT error while trying to create a key on the hsm. I am using PKCS11 C# wrapper. public void GenerateKeyByName(ISession session, string keyName, string keyContent,...
Usama Alam's user avatar
  • 23
2 votes
0 answers
145 views

Error: SSL_do_handshake() failed (SSL: error:41800082:PKCS#11 module::Object handle invalid error:0A080006:SSL routines::EVP lib) while SSL handshaking, client: 127.0.0.1, server: 0.0.0.0:10001 I am ...
Hyfo36z's user avatar
  • 49
0 votes
1 answer
237 views

I am trying to sign a byte string using the c_sign function from pkcs and I am trying to verify it using RSA.verify() function in ASP.net, but for some reason its failing. I am using 2048 bit RSA keys ...
Ajith Nair's user avatar
  • 3
0 votes
1 answer
227 views

I am using AWS HSM. Followed the AWS HSM Setup guide foor FIPS Mode HSM. Installed CloudHSM Command Line Interface (CLI), Created a user called crypto-user by By logging in to HHSM using CloudHSM CLI. ...
Shruthi Mohanan's user avatar
  • 1
0 votes
1 answer
192 views

I have developed a worker service in C# Core that signs files using a certificate stored in a USB token with PKCS11Interop. The service creates two Tasks, each intended to sign files with a different ...
Fatih POLAT's user avatar
  • 25
-1 votes
1 answer
120 views

I try to open new session to softhsm2. let pkcs11 = Pkcs11::new( env::var("PKCS11_SOFTHSM2_MODULE") .unwrap_or_else(|_| "/usr/lib/softhsm/libsofthsm2.so"....
Hyfo36z's user avatar
  • 49
5 votes
1 answer
915 views

I am relatively newbie to these technologies and I am a bit lost about what to do with the error message I currently face. To put things right, I have an embedded system running Linux 5.10 on which I ...
Zapoux's user avatar
  • 177
0 votes
2 answers
399 views

I am trying to configure SSL in nginx.conf, and it needs to load the key from softhsm instead of file. Here is the file /etc/nginx/nginx.conf user nginx; worker_processes 1; error_log /var/log/...
Hyfo36z's user avatar
  • 49
1 vote
1 answer
942 views

There are several objects in the softhsm as bellow. $ sudo pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --list-objects -l Using slot 0 with a present token (0x74a6136e) Logging in to "...
Hyfo36z's user avatar
  • 49
0 votes
1 answer
348 views

I want to use a Hardware Security Module (HSM) to sign a string. Specifically, I am using the ePass3003Auto to do so. I have stored the certificate in the HSM, which I have it's private key. Using the ...
Ahmad Badkoubehei's user avatar
  • 412
1 vote
0 answers
82 views

I am using the pkcs11interop to create the session for a token and force the "Digital Signature PIN logon" popup to appear for user. but wrong popup shows "Token logon": but this ...
Csaba Farkas's user avatar
  • 11
0 votes
0 answers
73 views

Anyone knows how to link a PKCS#11 interface specific SoftHSM - https://github.com/Zeno-sole/softhsm2/blob/master/README.md in CMakeList.txt. Basically, I want to build my application (which needs ...
Shreenivas C Boodi's user avatar
  • 1
2 votes
1 answer
2k views

My problem: I try to use an RSA key via pkcs11 uri, stored into external sql file created by tpm2_ptool. My goal is to create an Certificate-Sign-Request (CSR). I get the follow error message: Could ...
TR-eenet's user avatar
  • 31
1 vote
0 answers
515 views

What we try to do: We try to use curl to create an https connection to backend by using TPM2 with internal key. The only way sems to use an PKCS11-URI like "pkcs11:model=SLB9670%00;manufacturer=...
TR-eenet's user avatar
  • 31
-1 votes
1 answer
354 views

I am successfully using Pkcs11Interop 5.1.2 library for digital signing using PKCS#11 Driver Library acospkcs11.dll. But when using the ChilkatDnCore 9.50.97 library (License purchased), when I call ...
Victor Tucan's user avatar
  • 1
0 votes
1 answer
288 views

I have a Nitrokey HSM 2 which I am using python-pkcs11 to interface with via a Python3 program. I have an object of class type pkcs11.ObjectClass.DATA on the HSM whose Attribute.VALUE I would like to ...
btaz's user avatar
  • 117
1 vote
1 answer
130 views

I am using iaikPkcs11Wrapper_1.6.2.jar to encrypt/decrypt using Utimaco HSM. Operations are working fine but after some idle time, when I request for encrypt/decrypt then I am getting TokenException ...
Manjunath Kotagi's user avatar
  • 11
-1 votes
1 answer
358 views

I am trying to create a websocket client in my c++ project. i was trying to use libwebsockets library to implement the same. websocket server is ssl enabled. I got this working by hard coding the ssl ...
Manu Nair's user avatar
  • 1
1 vote
0 answers
165 views

I am trying to sign my OCSP builder to create a valid OCSP response for client use. However I'm receiving this error when I try to sign my response builder: 'ERROR': "PKCS#11 Error: Unknown ...
Harry Lubbe's user avatar
  • 11
0 votes
1 answer
645 views

I have used public static void signContent(String cfgFilePath , String alias ,String tokenPassword , String inputFile , String outputFile){ try { CMSSignedDataGenerator ...
Karthick S's user avatar
  • 1
1 vote
2 answers
162 views

I am getting familiar with PKCS11 and using PKCSInterop. For now, I only want to check the tokens I created on my OS (arch linux) with softhsm2-util. I installed PKCS11Interop through Nuget, which I ...
DaniWein's user avatar
  • 95
0 votes
0 answers
598 views

I'm trying to create a function in nodejs for digital signature from smart card for signing pdf documents in pades format. I used the pkcs11js library to retrieve the certificate and private key. I ...
Carmine's user avatar
  • 155
0 votes
1 answer
289 views

I want to use Python to connect to the ePass3003 token to sign a string or data from JSON and sign it (everything I want to sign, I said JSON as an example) I know that it is not possible to extract ...
aisha's user avatar
  • 1
0 votes
1 answer
339 views

I'm making a CGO code that uses PKCS11 and after enabling CGO and some errors, tests and corrections I've found a new error that I never seen. It doesn't matter if I use "go build" or "...
VictorFM's user avatar
  • 29
1 vote
1 answer
546 views

I'm trying to use this package using Golang but doesn't matter what I do I always receive the same Undefined errors in New, Mechanism and NewMechanism. I've already checked the environment variables ...
VictorFM's user avatar
  • 29
2 votes
3 answers
3k views

I am able to sign my Windows EXEs on Windows using SAC and singtool.exe. But this requires a Windows machine which I don't have readily available access to. I primarily work on Linux and the Sectigo ...
nicorellius's user avatar
  • 4,163
2 votes
1 answer
1k views

I want to write a python script that lists to the user all the certificates that are on the PKCS11 USB token. When the user selects the desired certificate, the script needs to sign the input pdf ...
xenax's user avatar
  • 69
0 votes
0 answers
843 views

I am writing a java program that needs to read a USB Token Flash Private Key to do something, but I got stuck in the first phase of this program and it throws Error like this: Exception in thread &...
Farshid's user avatar
  • 9
1 vote
2 answers
1k views

I'm trying to sign EXE files with osslsigncode, my cert and key are on a Safenet Hardware token which the system is able to read : :~# pkcs11-tool --module /usr/lib/pkcs11/libeToken.so --login --list-...
Ben74's user avatar
  • 61
1 vote
0 answers
139 views

I have an application running on Linux which needs to generate derived key with ECDH. I get ephemeral public key and KDF parameter and need to return derived key data. This will be matched against ...
chailatte's user avatar
  • 11
1 vote
1 answer
232 views

I'm trying to get greengrass working with a SLB9670 tpm, and can't seem to get it working no matter what I try. All documentation online seems incorrect or deprecated in relation to this process. This ...
Joshua S's user avatar
  • 9
0 votes
0 answers
143 views

Session logic implemented with IAIK seems to be on top of token, but in case of Virtual Slot (like Luna HSM High Availability) where there is no token present how to obtain a session via the IAIK Java ...
Venkat's user avatar
  • 19
4 votes
0 answers
4k views

I'm trying to run openssl in combination with a PKCS#11 hardware security module (currently trying with Yubikey 5). All documentation and tutorials I find tell me that I have to use OpenSC as "...
Georg P.'s user avatar
  • 3,274

1
2 3 4 5
16