Basic Unix/Linux Installation

This section provides instructions for installing the SafeNet ProtectToolkit-C Runtime and SDK packages on a Unix/Linux-based operating system. It contains the following subsections:

>SafeNet ProtectToolkit-C Packages

>Unix/Linux Install Preparation

>Installation Procedure

SafeNet ProtectToolkit-C Packages

Two product packages are available for all supported Windows and Unix/Linux platforms. The latest versions of the client software and HSM firmware can be found on the Gemalto Technical Support Customer Portal. See Support Contacts for more information.

Runtime Package (PTKcprt)

The Runtime package provides all the necessary tools and interfaces for a SafeNet ProtectToolkit-C based Cryptoki service provider.

SDK Package (PTKcpsdk)

The SDK package is a software development platform. Header files are included, in addition to all the necessary tools and interfaces for a SafeNet ProtectToolkit-C based Cryptoki service provider.

Developers may work using an HSM installed locally (PCIe mode) or accessible across a network (network mode), to most closely approximate the operating environment. Software-only mode is also available.

Testing can easily be performed on any machine using software-only mode, without the need for an HSM. This may be useful when it is not feasible to make HSMs available to multiple developers.

CAUTION!   Software-only mode is not secure, since key files are located on the hard drive of the host computer system.

Different SafeNet ProtectToolkit-C Cryptoki provider files are required for software-only mode and operation with an HSM. The developer must specify the required Cryptoki provider during installation. Both Cryptoki provider files are installed and the specified one is made active. This selection can be switched if the developer wishes to change operating modes. See Changing the Cryptoki Provider for details.

Unix/Linux Install Preparation

Upgrading/Uninstallation

If you are upgrading SafeNet ProtectToolkit-C from an earlier version, you must first uninstall any currently-installed version.

The SafeNet ProtectToolkit-C uninstallation commands differ between the supported Unix/Linux platforms. The Unix Installation Utility is recommended for uninstalling previous versions, as it will automatically account for these differences. Simply select uninstall a SafeNet package from the Main Menu, and then select the appropriate package (see Using the Unix Installation Utility).

If you wish to enter platform-specific commands manually,use the commands given in Unix/Linux Command Reference.

NOTE   The Runtime and SDK packages cannot be installed concurrently. To switch from one package to the other, uninstall the package that is no longer required and then install the new one.

Preparation

1.Ensure that you have downloaded and installed the required version of the Java runtime. See System Requirements.

2.If you intend to operate SafeNet ProtectToolkit-C in PCI or Network mode, ensure you have installed the access provider software. See the SafeNet HSM Access Provider Installation Guide.

3.Ensure that you are the super-user on the host system.

Installation Procedure

The SafeNet ProtectToolkit-C installation commands differ between the supported Unix/Linux platforms. The Unix Installation Utility is recommended for installation, as it will automatically account for these differences. Simply select Install a Package from this CD from the Main Menu, and then select the appropriate package (see Using the Unix Installation Utility).

If you wish to enter platform-specific commands manually,use the commands given in Unix/Linux Command Reference.

Setting Up Your Environment

After installing the software on Linux platforms, you must run the SafeNet ProtectToolkit setvars.sh script to configure your environment for the SafeNet ProtectToolkit software. You cannot run the script directly, but instead you must source it or add it to a startup file (for example, .bashrc). If you source the script, your environment will be set for the current session only. If you add it to your startup file, your environment will be set each time you log in.

To set up your environment

1.Go to the SafeNet ProtectToolkit software installation directory:

cd /opt/safenet/protecttoolkit5/ptk

2.Source the setvars.sh script:

. ./setvars.sh

Once installed and configured, the software is ready to use under /opt/safenet.

Cryptoki Provider Selection (SDK Package Only)

The software-only Cryptoki provider is active by default on Unix/Linux systems. To change to the SafeNet HSM Cryptoki provider use the Unix/Linux Installation Utility. For more information, see Using the Unix Installation Utility.