NitroPI HSM Utility tool v2

Hello guys,

I just released the v2 version, where you can use Nitrokey HSM 2 to encrypt/decrypt data remotely.
The utility tool integrates with Post Quantum Cryptography to secure requests.

NitroPI HSM Utility tool v2

Appreciate sharing your code.

Here, for context, is the link to the description from the GitHub repo.

As most people here are quite interested in security, maybe please add a description of how to recreate your POC by building the code yourself. Or generate it in a GitHub Action so that people can inspect where the binaries in the repo come from and do not need to blindly trust them.

Thanks, I will likely reconsider releasing the source code as security is a sensitive topic. At the moment, the utility tool now supports both the Sign and Verify functions, which use RSA from the HSM device.

Hi guys,

I don’t seem to have an option to edit my previous post.

But here’s the update list:

  1. The repo has been updated. v1 is no longer available as it's a web-based call; moving forward, requests will be protected by PQC and AES 256 via gRPC.
  2. The server executable has been upgraded to support NGROK, which means that there's no need to configure the device to have a static IP, as it will use a tunnelling mechanism. It can support a TCP address (paid version); see config.xml.
  3. The client executable has been updated to have an option to forward cipherText to the URL defined in config.xml. So technically, using a workflow automation platform like Make, the request can be chained to add the cipherText to a Google Sheet or other service.

The next update will likely support the Raspberry PI 5 version, but it would be scheduled months from now as I don’t have a Raspberry PI 5 yet.

Thanks,
Mark

As now only binaries are in the repo, I don’t think that anyone working with HSMs will execute them on their systems. Please provide the code so that people could inspect what the tool does and that they can compile it themselves.

Yes, only binaries for now. I’ve uploaded both the client and server for virus check. It’s clean.

client: VirusTotal
server: VirusTotal