To install the Quantum Protect module on the cHSM, do the following:
-
Download the Quantum Protect Software from the Utimaco Support Portal.
-
Ensure you have a running cHSM with the SecurityServer-SDK Template
gladm -d <IP> -p <PORT> -u admin -k :cs2:auto:USB0 chsm-list-slots
1: c0747ffb-592f-4f78-bae6-cad316343129 SecurityServer [regular] - running
2: 1c6837b7-20b4-430f-83c6-ea97226ae853 SecurityServer-SDK [regular] - running
3:
4:
-
Ensure there are no VDM-using modules (BRICKS, OSCCA, or other third-party modules).
csadm Dev=PORT@IP logonSign=ADMIN,:cs2:auto:USB0 ListFirmware
ID name type version initialization level
----------------------------------------------------------
0 SMOS A32 6.2.0.0 INIT_OK
4 POST A32 6.2.0.0 INIT_OK
a HCE A32 6.2.0.0 INIT_OK
68 CXI A32 6.2.0.0 INIT_OK
81 VDES A32 6.2.0.0 INIT_OK
82 PP A32 6.2.0.0 INIT_OK
83 CMDS A32 6.2.0.0 INIT_OK
84 VRSA A32 6.2.0.0 INIT_OK
85 SC A32 6.2.0.0 INIT_OK
86 UTIL A32 6.2.0.0 INIT_OK
87 ADM A32 6.2.0.0 INIT_OK
88 DB A32 6.2.0.0 INIT_OK
89 HASH A32 6.2.0.0 INIT_OK
8a STUN A32 6.2.0.0 INIT_OK
8b AES A32 6.2.0.0 INIT_OK
8d DSA A32 6.2.0.0 INIT_OK
8e LNA A32 6.2.0.0 INIT_OK
8f ECA A32 6.2.0.0 INIT_OK
91 ASN1 A32 6.2.0.0 INIT_OK
96 MBK A32 6.2.0.0 INIT_OK
9c ECDSA A32 6.2.0.0 INIT_OK
9f CRYPT A32 6.2.0.0 INIT_OK
This command must be executed for the port of the cHSM, not the host. The default port is 4000 + cHSM number.
-
If there is any VDM-using module, uninstall it.
csadm Dev=PORT@IP logonSign=ADMIN,:cs2:auto:USB0 DeleteFile=oscca.msc Restart
-
Go to the folder containing the firmware modules and install them.
cd linux\firmware\<version>\uta
csadm Dev=PORT@IP logonSign=ADMIN,:cs2:auto:USB0 \
LoadFile=hbs_uta.mtc LoadFile=ml_uta.mtc LoadFile=pqmi_uta.mtc Restart