Client Package Contents
Tip
Luna Cloud HSM Services provisioned through the Thales Data Protection on Demand marketplace user interfaces refer to a service client. Luna Cloud HSM Services provisioned through external marketplaces user interfaces refer to a partition client. The documentation refers to these components as the client.
The client is a configurable software used to bind to and communicate with a Luna Cloud HSM Service partition over the internet. The client package is a .zip file that contains system information for a bound HSM partition that is generated on the DPoD server when you create a Luna Cloud HSM Service.
Note
The client downloaded from the Luna Cloud HSM Service is a minimal client package. It does not contain Luna Universal Client utilities such as the Luna Software Development Kit (SDK), or pscp. To use these tools with the Luna Cloud HSM Service you must complete the Luna HSM Client Software Installation and configure the client to communicate with the Luna Cloud HSM service as describe in Adding a Luna Cloud HSM Service.
The client
The client includes a client archive file containing a set of cryptoki library and binary files, along with pre-configured configuration files for each operating system. The Chrystoki.conf file is for Linux and the crystoki-template.ini file is a template for Windows' crystoki.ini file. The following items are included in the client zip:
Contents of the client zip
- Chrystoki.conf
- crystoki-template.ini
- cvclient-min.tar
- cvclient-min.zip
- EULA.zip
- lch-support-linux-64bit
- lch-support-win-64bit.exe
- partition-ca-certificate.pem
- partition-certificate.pem
- server-certificate.pem
The client cvclient-min.x compressed folder has separate components depending on the operating system.
The cvclient-min.zip contains the necessary components for the Windows client installation.
Contents of the client ZIP (cvclient-min.zip)
| Directory/File | Description |
|---|---|
| .\csp | Contains required CSP file(s). |
| .\csp\keymap.exe | Executable to migrate to MS CSP and retain keys held on the HSM. |
| .\csp\LunaCSP.dll | Executable to migrate keys between Luna HSM and Luna Cloud HSM Service. |
| .\csp\ms2luna.exe | Executable to migrate keys from an MS CSP already existing on the Windows system to the HSM. |
| .\csp\register.exe | Executable to register the CSP library with the Windows system. |
| .\ksp\kspcmd.exe | A command-line utility to configure KSP. |
| .\ksp\KspConfig.exe | A GUI utility to configure KSP. |
| .\ksp\ksputil.exe | A command-line utility to make keys available to other clients. |
| .\ksp\ms2Luna.exe | A utility to migrate software keys to the HSM using SafeNet KSP. |
| .\plugins\dpod.plugin | Service plugin. |
| .\ckdemo.exe | Tool to do cryptographic operations. |
| .\cmu.exe | Certificate Management Utility. |
| .\cryptoki.dll | File required for cryptographic applications. |
| .\LunaAPI.dll | Library file to go with the executable JSP jar file (LunaProvider). |
| .\lunacm.exe | Tool for partition administration. |
| .\LunaProvider.jar | jar file containing Luna specific class. |
| .\multitoken.exe | Cryptographic performance testing tool. |
| .\openssl.cnf | OpenSSL configuration file. |
| .\SafeNetKSP.dll | The KSP library. |
| .\setenv | Utility script to set the ChrystokiConfigurationPath to point to the current directory (this environment variable needs to be the path that includes crystoki-template.ini). |
| .\setenv.ps1 | Setenv utility script for PowerShell. |
The cvclient-min.tar file contains the components for Linux client installations. The cvclient-min.tar contains:
| Directory/File | Description |
|---|---|
| ./bin/64 | Contains all library files. |
| ./bin/64/ckdemo | Tool to perform cryptographic operations. |
| ./bin/64/lunacm | Tool for partition administration. |
| ./bin/64/multitoken | Cryptographic performance testing tool. |
| ./bin/64/cmu | Certificate Management Utility. |
| ./bin/64/vtl | Virtual Token Library. |
| ./etc/openssl.cnf | OpenSSL configuration file. |
| ./jsp/LunaProvider.jar | jar file containing Luna specific class. |
| ./jsp/64/libLunaAPI.so | Respective library file to go with the executable jar file. |
| ./libs/64/libCryptoki2.so | File required for cryptographic applications. |
| ./libs/64/plugins/libdpod.plugin | Service plugin. |
| ./setenv | Utility script to set the ChrystokiConfigurationPath environment variable to point to the current directory, which is required for the client to locate the configuration file, Chrystoki.conf/crystoki.ini. The setenv script also creates a crystoki.ini file from the included crystoki-template.ini file. |
