Login
    Contenu x
    Authentication Suite Server SDK SEE machine for PowerPCELF architecture
    • 23 Jan 2025
    • 1 Minute à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    Authentication Suite Server SDK SEE machine for PowerPCELF architecture

    • Mis à jour le 23 Jan 2025
    • 1 Minute à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    Since version 3.18.1.0, the Windows 64-bit and Linux 64-bit versions of Authentication Suite Server SDK for Entrust nShield HSM support the new Entrust nShield XC HSMs (Entrust nShield Connect XC/Solo XC).

    The signed Authentication Suite Server SDK SEE machine for new Entrust nShield XC HSMs and supporting both the SEE unrestricted and restricted activation features is part of the Authentication Suite Server SDK for Entrust nShield HSM package (Windows 64-bit and Linux 64-bit versions only). It is located in INSTALL_DIR/hsm/ppc-xc. This directory contains the signed SEE machine for the new Entrust nShield XC HSMs based on the new PowerPCELF architecture (Entrust nShield Connect XC/Solo XC), the text file containing hash of the SEE Code signing key used by OneSpan to sign the SEE machine, the ADDER certificate corresponding to the SEE machine, and an example script to generate the signed user data:

    • seemach_ppc-xc.sar: signed Authentication Suite Server SDK SEE machine for new PowerPCELF Entrust nShield XC HSMs.
    • seemach_hash.txt: hash of the OneSpan SEE code signing key that signed the SEE machine.
    • seemach.cert: ADDER certificate necessary if using the signed SEE machine with the SEE restricted activation feature.
    • build_userdata: example script to generate a signed user data file, to copy the signed SEE machine in the nfast key management data directory and to copy the ADDER certificate in the nfast feature certificates directory.

    OneSpan provides the signed Authentication Suite Server SDK SEE machine (seemach_ppc-xc.sar) allowing to support both the SEE unrestricted and restricted activation features.

    OneSpan strongly recommends using this Authentication Suite Server SDK SEE machine signed by OneSpan.

    The unsigned Authentication Suite Server SDK SEE machine (aal2sdk.elf) is also provided for customers not expecting to use the Authentication Suite Server SDK SEE machine already signed by OneSpan.

    To execute the build_userdata script, a customer’s SEE code signing key with key name “seesigningkey” will have to be created first (only once, see caution notice in Getting ready for using the Authentication Suite Server SDK SEE machine). You can use the KeySafe tool provided in the Entrust nShield software packages or the following command line:

    generatekey --generate seeinteg type=rsa size=2048 pubexp= recovery=yes nvram=no plainname=seesigningkey

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle