How to install safenet HSM drivers and software

HowtTos / December 16, 2019 / By:

This KB describes how to install SafeNet HSM driver and software for Red Hat 6.HSM is a crypto processor that is designed for the protection of the crypto key lifecycle. HSM stands for Hardware Security Module. You can check this link for HSM drivers.

Step 1: Download software and driver which is suitable for your HSM.

Step 2:Install packages

  • Kernel-devel
  • Kernel-Header
  • Gcc
  • Make

Step 3:Copy binary files and extract them

#unzip /tmp/SDKs.zip

[shell]# ls -ld *
drwxr-xr-x. 11 root root 4096 Jul 13 09:21 Linux
drwxr-xr-x. 11 root root 4096 Jul 13 09:22 Linux64
-rwx------. 1 root root 51656 Nov 6 2014 safeNet-install.sh
drwxr-xr-x. 11 root root 4096 Jul 13 09:22 Win32
drwxr-xr-x. 11 root root 4096 Jul 13 09:22 Win64 [/shell]

#chmod +x /tmp/safeNet-install.sh

Step 4:Run SafeNet script to start installation

#./safeNet-install.sh

IMPORTANT: The terms and conditions of use outlined in the software
license agreement shipped with the product ("License") constitute
a legal agreement between you and SafeNet Inc.
Please read the License contained in the packaging of this
product in its entirety before installing this product.

Do you agree to the License contained in the product packaging?

If you select 'yes' or 'y' you agree to be bound by all the terms
and conditions set out in the License.

If you select 'no' or 'n', this product will not be installed.

(y/n)
y

SafeNet Unix Installation Utility (version 5.0.0):
Hostname: TEST (Linux64 2.6.32-573.el6.x86_64)

Base for installation is /opt/safenet/protecttoolkit5

scanning CD ... please wait ... done
scanning system for installed packages ... please wait ... done
Checking links ... please wait ... done
SafeNet Unix Installation Utility (version 5.0.0):
Hostname: TEST (Linux64 2.6.32-573.el6.x86_64)
Main menu

1 list SafeNet packages already installed
2 list packages on CD
3 install a package from this CD
4 uninstall a SafeNet package
5 Set the default cryptoki and/or hsm link

q quit the utility

Select "3" for install binary and compile them.[

Main menu >> Install Menu

1 5.0.0 SafeNet ProtectToolkit FM SDK
2 1.0.0 SafeNet PPC FM Toolchain
3 5.0.0 SafeNet HSM Net Server
4 5.0.0 SafeNet Network HSM Access Provider
5 5.0.0 SafeNet PSI-E2 HSM Access Provider
6 5.0.0 SafeNet ProtectToolkit C Runtime
7 5.0.0 SafeNet ProtectToolkit C SDK
8 5.0.0 SafeNet ProtectToolkit J Runtime
9 5.0.0 SafeNet ProtectToolkit J SDK

Select "5" for start installation "PSI-E2 HSM Access Provider"

Install:
5.0.0 : SafeNet PSI-E2 HSM Access Provider
Any extra options for the installation program?
eg. --nodeps --noscripts []
installing ... please wait
Now running the following command:
rpm -U pci_hsm_access_provider/PTKpcihsm2-5.0.0-8.x86_64.rpm
Running post-install script ... please wait
Building VKD driver 6.1.0-1 ...

VKD: Loading Driver:
VKD: creating device files

Installation of the Luna PCI 6.1.0-1 vkd driver completed.

... done
Success!

After installation finished for Acces Provider start installation for "SDK"

Install:
5.0.0 : SafeNet ProtectToolkit C SDK
Any extra options for the installation program?
eg. --nodeps --noscripts []
installing ... please wait
Now running the following command:
rpm -U ptkc_sdk/PTKcpsdk-5.0.0-8.x86_64.rpm
Success!
scanning system for installed packages ... please wait ... done
SafeNet Unix Installation Utility (version 5.0.0):
Hostname: TEST (Linux64 2.6.32-573.el6.x86_64)
Main menu >> Install Menu

After install package create library.

Step 5:Create library file with sembolic links

for i in $(ls -ld /opt/safenet/protecttoolkit5/ptk/lib/*|awk '{print $9}'|cut -d '/' -f 7,7|grep lib); do ln -s /opt/safenet/protecttoolkit5/ptk/lib/$i /usr/lib64/$i; done

and also you need to unlic and re-create

If you install  HSM provider  version 5 and  SDK  version 3  you need to  link  this  one :

For  SDK  3:

# pwd
/opt/safenet/protecttoolkit5/ptk/lib
# unlink libcryptoki.so
# ln -sf /opt/safenet/protecttoolkit5/cpsdk/lib/linux-x86_64/libcthsm.so libcryptoki.so
#export  LD_LIBRARY_PATH=/opt/safenet/protecttoolkit5/ptk/lib/:/usr/local/lib:/usr/lib64:/opt/ETcpsdk/lib/linux-x86_64:/opt/ETcpsdk/lib/:/opt/Eracom/lib/

For  SDK 5:

# pwd
/opt/safenet/protecttoolkit5/ptk/lib
# unlink libcryptoki.so
# ln -sf /opt/safenet/protecttoolkit5/cpsdk/lib/linux-x86_64/libcthsm.so libcryptoki.so

Step 6:Check hsmstate and also config

# ./hsmstate
HSM device 0: HSM in NORMAL MODE. RESPONDING. Usage Level=0%

# pwd
/opt/safenet/protecttoolkit5/ptk/bin
[root@TEST bin]# ./ctconf

ProtectToolkit C Configuration Utility 5.0.0
Copyright (c) Safenet, Inc. 2009-2014

Current Adapter Configuration for Device 0:

Model : PSI-E2:PL1500
Batch : 0000
Manufacturing date: 19/03/2015 08:16:47
Serial Number : 488254
Adapter Clock : 13/11/2015 14:50:27 (+2:00)
Board Revision : 6.00
Firmware Version : 5.00.02
Cprov Version : 5.0
Hardware Status : BATTERY OK PCB v0 FPGA v0 EXT PINS 0
Free Memory : 90198016
SM Size Free/Total: 4077536/4091776
Temperature : 38 Deg C
Security Mode : Default (No flags set)
Transport Mode : None
FM Support : Enabled
FM Status : No FM downloaded yet
Open Session Count: 0
Number of Slots : 1
RTC Adjustment Access Control: Disabled

 

Tagged In:

I'm a IT Infrastructure and Operations Architect with extensive experience and administration skills and works for Turk Telekom. I provide hardware and software support for the IT Infrastructure and Operations tasks.

205 Total Posts
Follow Me

Related Post

How to Install safenet Software HSM ?
November 30, 2019

How to Install safenet Software HSM ?

How to install safenet driver on Red Hat linux
December 09, 2019

How to install safenet driver on Red Hat linux

How to install safenet HSM drivers and software
December 16, 2019

How to install safenet HSM drivers and software