Back to articles
Back to Index

Posted on 04 December 2018 by in ProtectServer HSM

 

ProtectServer ProtectToolkit 5.7 Released

Gemalto is very pleased to announce the release of ProtectToolkit 5.7. This release, compatible with all ProtectServer 2 models, provides the following new features and enhancements:

Multifactor Authentication

SafeNet ProtectToolkit 5.7 now supports multifactor authentication using the SafeNet 110 OTP (One- Time Password) Token. This authentication scheme adds another layer of security by requiring both the memorized token PIN and a 6- digit number randomly generated by the SafeNet 110 OTP Token.

USB API Support for FMs

On Linux clients, you can now use the USB API to write applications that can interact with the HSM via the card USB port. This functionality can include:

  • Wrapping of PKCS objects and storing them on a USB flash memory drive
  • Backup of SMFS stored key (non- PKCS keys)

The USB API works with your custom FM to enable the desired functionality.

Secure Package Updates

On SafeNet ProtectServer Network HSM and Network HSM Plus shipped with SafeNet ProtectToolkit 5.7, you can now update the appliance software image to future releases by applying a secure package provided by Gemalto.

Ed25519 Curve Support

The ed25519 curve has been added to SafeNet ProtectToolkit 5.7 for sign/verify operations. Ed25519 uses a new key type, CKK_ EC_ EDWARDS , and the set of new EDDSA sign/verify mechanisms.

AES CCM Support

SafeNet ProtectToolkit 5.7 introduces the AES_ CCM mechanism, described at https://tools.ietf.org/html/rfc3610.

OpenSSL Library Supporting Big Numbers

The FM- SDK now includes a pre- compiled OpenSSL library ( libfmbn ), which allows support for Big Numbers in FMs. Use the FM sample ssldemo as a reference to use this library with your FMs. OpenSSL documentation can be found at https://www.openssl.org/ .

New in Firmware 5.04.00

Along with supporting the above new features, the following new mechanisms are available in firmware 5.04.00:

  • CKM_ AES_ CCM
  • CKM_ EC_ EDWARDS_ KEY_ PAIR_ GEN
  • CKM_ EDDSA 
  • CKM_ SHA1_ EDDSA
  • CKM_ SHA3_ 256_ EDDSA
  • CKM_ SHA3_ 384_ EDDSA
  • CKM_ SHA3_ 512_ EDDSA
  • CKM_ SHA224_ EDDSA
  • CKM_ SHA256_ EDDSA
  • CKM_ SHA384_ EDDSA
  • CKM_ SHA512_ EDDSA

Firmware 5.04.00 also contains all of the fixes from version 5.03.01.

Please go to the SafeNet Support Portal**to download the release notes – details as follows:

  • Release notes – Knowledge Base Article KB0018272
  • PTK 5.7 Software (PTK-C;PTK-J;PTK-M) – Doc ID: KB0018273 / DOW0003317
  • PTK 5.7 Documentation – Doc ID: KB0018274 / DOW0003318
  • Firmware Version 5.04.00 – Doc ID: KB0018276 / DOW0003320

**Log in required.  Contact CustomerPortalSupport@Gemalto.com for assistance.