- 23 Jan 2025
Authentication Suite Server SDK SEE machine for PowerPCSXF architecture
- Updated on 23 Jan 2025
The signed Authentication Suite Server SDK SEE machine for former Entrust nShield HSMs supports both the SEE unrestricted and restricted activation features and is part of the Authentication Suite Server SDK for Entrust nShield HSM package. It is located in INSTALL_DIR/hsm/ppc. This directory contains the signed SEE machine for the former Entrust nShield HSMs based on the former PowerPCSXF architecture (Entrust nShield Connect/Connect+/Solo/Solo+), a text file containing the hash of the SEE code signing key that OneSpan used to sign the SEE machine, the ADDER certificate corresponding to the SEE machine, and an example script that generates the signed user data:
- seemach_ppc.sar: signed Authentication Suite Server SDK SEE machine for former PowerPCSXF Entrust nShield HSMs.
- seemach_hash.txt: hash of the OneSpan SEE code signing key that signed the SEE machine.
- seemach.cert: ADDER certificate, required when the signed SEE machine is used with the SEE restricted activation feature.
- build_userdata: example script that generates a signed user data file, copies the signed SEE machine to the nfast key management data directory, and copies the ADDER certificate to the nfast feature certificates directory.
OneSpan has provided the signed Authentication Suite Server SDK SEE machine (seemach_ppc.sar), which supports both the SEE unrestricted and restricted activation features, since VACMAN Controller for Thales nShield HSM 3.17.0.0.
OneSpan strongly recommends using this Authentication Suite Server SDK SEE machine signed by OneSpan.
Versions prior to 3.17.0.0 provided only an unsigned SEE machine (aal2sdk.sxf), which does not support the restricted activation feature. This unsigned SEE machine is still included in the package for customers who do not intend to use the Authentication Suite Server SDK SEE machine signed by OneSpan.
To execute the build_userdata script, a customer’s SEE code signing key with the key name “seesigningkey” must be created first (only once; see the caution notice in Getting ready for using the Authentication Suite Server SDK SEE machine). You can use the KeySafe tool provided in the Entrust nShield software packages or the following command line:
generatekey --generate seeinteg type=rsa size=2048 pubexp= recovery=yes nvram=no plainname=seesigningkey