Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 13 May 2012 08:39:07 +0100
From:      Matthew Seaman <matthew@FreeBSD.org>
To:        mahdieh salamat <mahdieh.salamat@gmail.com>
Cc:        freebsd-security@FreeBSD.org
Subject:   Re: HSM in FreeBSD
Message-ID:  <4FAF651B.6090407@FreeBSD.org>
In-Reply-To: <CAL5m1BvySGzf8PR9=WYxssyPysvzbFTMtu4v1HU1wN_DNyC=AA@mail.gmail.com>
References:  <CAL5m1BvySGzf8PR9=WYxssyPysvzbFTMtu4v1HU1wN_DNyC=AA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig349BC7187B4CE06D4540DF8B
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 13/05/2012 06:58, mahdieh salamat wrote:
> Hi all. I want to use a HSM pc card for security in my system. Can I us=
e it
> in FreeBSD? FreeBSD support this cards?

I take it you mean a 'Hardware Security Module' and not 'Hierarchical
Storage Management' ?

You'ld have to tell us the make and model number of the card (ideally
with pointers to the manufacturers website showing technical specs if
you can.)  Hardware is not generally supported by specific function, but
per manufacturer or per chipset.  Also, there's no guarantee that all
the functions of a particular card are supported, but once we've pinned
down what drivers etc. will be used for that hardware, the documentation
should cover that.

Having said that, I believe that OpenSSL provides an API for accessing
many of these sorts of devices, so if OpenSSL supports it, then you're
probably in luck.  A keyword here is 'cryptoki' (meaning cryptographic
token interface) -- that's the standard that OpenSSL implements.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey



--------------enig349BC7187B4CE06D4540DF8B
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+vZSMACgkQ8Mjk52CukIxhJwCeKULVn35F/zJoVgrFTkv+7Egs
DjMAniRzQdZjUawS7+XayM7S1KKfLWsS
=dyDz
-----END PGP SIGNATURE-----

--------------enig349BC7187B4CE06D4540DF8B--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FAF651B.6090407>