Back to articles
Back to Index

Posted on 18 June 2019 by in payShield HSM

 

Product Release: Luna EFT Payment HSM version 2.3.1

Gemalto is pleased to announce the release of version 2.3.1 of the Luna EFT Payment HSM.

This release of Luna EFT Payment HSM introduces key features expanding the HSM’s capabilities in terms of backup, key handling and support of the latest payment standards. This includes:

Keys Backup/Restore using eToken
Backup/Restore HSM keys/key components using eTokens in addition to smartcards.
Refer to the “eToken Key Transfer” section in the Console Guide for details.

KCV View on Luna EFT Web Console
Added functionality to view the Key Checksum Value (KCV) of the keys stored in the HSM on the Luna EFT Web Console.
Please refer to the “KCV View” section in the Luna EFT Payment HSM Administration Console Guide for details.

RSASSA-PSS Algorithm
The following host functions are enhanced to support RSASSA-PSS algorithm:

  • SIGN-DATA (EE9005)
  • VERIFY-SIGNED-DATA (EE9006)

RSA OAEP and PKCS#1.5 Algorithm
The functions are enhanced to support OAEP and PKCS#1.5 algorithm:

  • PUBLIC-KEY-OPERATIONS (EE9009)
  • PRIVATE-KEY-OPERATIONS (EE9010)

Updated Host Functions
4096 bit RSA Keys
The following host functions are updated to support 4096 bit RSA keys:

  • GENERATE-RSA-KEY-PAIR (EE9001)
  • IMPORT-PUBLIC-KEY (EE9003)
  • SIGN-DATA (EE9005)
  • VERIFY-SIGNED-DATA (EE9006)
  • PUBLIC-KEY-OPERATIONS (EE9009)
  • PRIVATE-KEY-OPERATIONS (EE9010)
  • IMPORT-RSA-PRIVATE-KEY (EE9013)

Host function EE9013 is updated to support key type Sign and Certificate. This host function is also enhanced to support key length from 512 to 2048 bits.

FPE-CRYPTO-SET (EA000D)
Host function EA000D is updated to support the following alphabets:

  • Alphabet Index 2 (Base 15)
  • Alphabet Index 3 (Track 1)
  • Alphabet Index 4 (Track 1 FPE alphabet name)

Backup/Restore RSA Key Pair and Certificate for SSL
SSL key pair and certificate can be backed up using Smart card or eToken.

Host Stored RSA Key Generation extended up to 4096 bit Keys
Host stored RSA keys can be generated up to modulus length of 4096 bit keys using the Lush console.

Please go to the SafeNet Support Portal* to download the EFT 2.3.1 Software Release and the Customer Release Notes (use Document Number: KB0019300).

*Log in required.  Contact CustomerPortalSupport@Gemalto.com for assistance.