Amazon Web Services' (AWS) CloudHSM is a cloud-based hardware security module (HSM) that enables easy generation and use of encryption keys on the AWS Cloud. CloudHSM can manage encryption keys using FIPS 140-2 Level 3 validated HSMs. CloudHSM offers the flexibility to integrate with applications using industry-standard APIs, such as PKCS#11, Java Cryptography Extensions (JCE), and Microsoft CryptoNG (CNG) libraries.
Questions tagged [amazon-cloudhsm]
28 questions
4 votes, 0 answers
How to access AWS cloudHSM from node.js application?
I want to access cloudHSM cluster from my VPC network via node.js application.
My main usage is to manage crypto keys.
I can't find APIs to manage keys in CloudHSM with node.js.
I can only find these APIs to manage the CloudHSM…

Pupsik
2 votes, 1 answer
AWS CloudHSM error on Windows Server: Certificate Request Processor: Provider type not defined. 0x80090017 (-2146893801 NTE_PROV_TYPE_NOT_DEF)
When generating a CSR on Windows Server using the AWS CloudHSM service, I obtain the following error:
certreq.exe -new my-request.inf my-request.csr
Certificate Request Processor: Provider type not defined. 0x80090017 (-2146893801…

Thomas BDX
2 votes, 1 answer
AWS CloudHSM PKCS#11 with PKCS11Interop giving error for Wrap operation CKR_ARGUMENTS_BAD
I am using the latest AWS CloudHSM and their PKCS vendor libraries with the PKCS11Interop C# library.
Trying to simulate their sample code for CKM.CKM_RSA_AES_KEY_WRAP from AWS PKCS Samples
Gives below error while wrapping AES 256 Secret key. …

Pravin
1 vote, 1 answer
Storing digital certificate in AWS Cloud HSM
My use case is to store digital certificate (issued by some certificate authority) in AWS Cloud HSM. I know we can store private key that signs the certificate. But is it possible to store full digital certificate itself? Can someone please share…
user12634860
1 vote, 2 answers
EV code signing certificate along with cloud HSM
This sounds like a duplicate question but still I couldn't find a correct solution. Maybe a lack of knowledge in this domain.
Anyway, I am using the EV code signing certificate along with a USB device from the COMODO provider, working fine.
But just…

Abhishek Sharma
1 vote, 0 answers
How to use cloudhsm java library
In the Amazon CloudHSM command line tools there is the command findKey which can take a bunch of different parameters to search for keys by type, class, label etc. The equivalent in the Java library would appear to be the…

Beeb84
1 vote, 1 answer
com.cavium.provider.CaviumProvider error, I would need help to connect from my software in java to my aws hsm
I would like in my Java software to connect to my HSM (I have already configured the certificates on my AWS Linux interface and I managed to connect to it with the java -classpath "/opt/cloudhsm/java/*" org.junit.runner.JUnitCore…

Bilel Bouzeboudja
1 vote, 2 answers
Is the Sunpkcs11 provider compatible with the AWS CloudHSM?
I am trying to work with an HSM (hardware security module) to store keys and to do cryptographic operations. I want to operate the HSM inside a java application. For this I need to use a compatible java JCE provider as a mapping layer between the…

Ooooof
1 vote, 1 answer
Unable to store secp256k1 generated private key using Amazon CloudHSM Java Library
When I try to import a secp256k1 private key into my CloudHSM instance, I get the error "java.security.InvalidKeyException: The key is an instance of CaviumKey and cannot be imported." Importing a secp256r1 private key works fine.
I'm using the…

John Quiwa
1 vote, 3 answers
mage.exe manifest signing with certificate stored in AWS CloudHSM
I am attempting to sign a manifest using mage.exe with a certificate that is stored in Amazon CloudHSM.
I have the Amazon CloudHSM Windows Client installed which adds the Cavium Key Storage Provider and the Cavium CNG Provider providers. I can sign…

MikeJansen
0 votes, 0 answers
Using AWS CloudHSM on EC2 Github Runner
I have a Windows EC2 instance that is configured correctly to use CloudHSM. We can use signtool.exe on this machine without issue. I am now trying to automate some of our signing process with a github action. The machine is configured correctly as a…
0 votes, 0 answers
Failed to create RSA keyPair in AWS CloudHSM
I am trying to create an asymmetric RSA 2048 keypair in AWS CloudHSM using the 5.8.0 JCE provider. Initially the key was generated and failing to get publicKey getEncoded bytes. After generating a couple of keys with different key aliases failed to generate…

Sajid Hussain
0 votes, 0 answers
How can I create an ALT ID for AWS CloudHSM?
How to create the ALT ID parameter used here?
Unable to figure out how to create the ALT ID parameter used in AWS CloudHSM
0 votes, 0 answers
Why the AWS local keystore file has symmetric and asymmetric keys?
I generated a keypair in Cloud HSM by giving a keystore file.
I downloaded the keystore file and opened it in keystore explorer and I see symmetric and asymmetric key entries. As per AWS documentation, only the certificate corresponding to keypair…

arjunballa
0 votes, 0 answers
How to sync AWS Cloud HSM keystore file across application on different aws instances?
Requirement:
We have an application running on more than one instance in a cluster that uses key pairs, certificates, and symmetric keys which are preloaded in AWS Cloud HSM.
What is the best way to provide the local keystore file which is created…

arjunballa