External Key Storage

SafeNet ProtectServer HSMs have 4 MB of available secure memory. This memory is the only limit on the number of keys that can be stored; how many keys fit depends on their type and size.

Applications whose secure memory requirements exceed this limit can use the External Token Support Library (ExtToken). ExtToken manages secure, external storage of token objects transparently to host applications. Host applications can use standard PKCS#11 function calls to access and manipulate token objects as though the token objects were stored on the HSM.

The ExtToken library is available with SafeNet ProtectToolkit-C and is a part of the standard PTKcprt package installation. The ExtToken library is supported on Windows only.

Using ExtToken, externally stored token objects can be used for RSA signing, certificate checking, DES key exchange, DES encryption of transaction messages, and more. To reduce processing overhead, the HSM stores the most recently used token objects in its internal cache memory. The number of token objects stored in the cache is configurable by the user.

SafeNet ProtectServer HSMs support the storage of token objects in secure external locations and user slots simultaneously.

This section contains the following subsections:

>External Key Storage Model

>External Key Storage Configuration

>Creating Externally Stored Objects