Release Notes


These release notes apply to version 3.2.0 of the nShield Web Services Option pack for Security World. They contain information specific to this release such as new features, defect fixes, and known issues.

Features of nShield Web Service Option Pack 3.2.0

New configuration option

  • New Security world configuration:

    WSOP now accesses the Security world files, like the module and world files, from the database instead of the kmdata directory. There is a new HKNSO configuration option for the hash value which must be set before starting WSOP.

    See Configure the Web Services Option Pack in the User Guide for more information.

New Algorithm support

Support for following encryption and decryption algorithms has been added:

  • RSA-OAEP-384

  • RSA-OAEP-512

RSA-OAEP Label support added

As defined in RFC 8017, support has been added for a label L input for encryption and decryption operations with RSA-OAEP.

Please refer to the REST API section of the User Documentation for more information.

New PKCS #11 migration support

PKCS #11 object migration support for the following key types has been added to the DBMT:





New PKCS #11 functionality

  • Support for message digesting and random number generation functions:

    • C_DigestInit

    • C_Digest

    • C_DigestUpdate

    • C_DigestFinal

    • C_GenerateRandom

  • New mechanisms for message digest:

    • CKM_SHA_1

    • CKM_SHA224

    • CKM_SHA256

    • CKM_SHA384

    • CKM_SHA512

    • CKM_SHA3_224

    • CKM_SHA3_256

    • CKM_SHA3_384

    • CKM_SHA3_512

  • Generation of RSA keys with C_GenerateKeyPair:

    • CKK_RSA key types generated using CKM_RSA_PKCS_KEY_PAIR_GEN

  • New RSA mechanisms for encrypt and decrypt:


    • CKM_RSA_PKCS_OAEP which is supported when used with a CK_RSA_PKCS_MGF_TYPE value that is one of the following:

      • CKG_MGF1_SHA1

      • CKG_MGF1_SHA256

      • CKG_MGF1_SHA384

      • CKG_MGF1_SHA512

  • New RSA mechanisms for sign and verify:







  • New AES mechanism for encrypt and decrypt:

    • CKM_AES_GCM (not supported with Security Worlds conforming to FIPS 140 Level 3)

PKCS #11 v3.0 compliance.

This release is compliant with PKCS #11 Version 3.0 ( Support for the following has been added:

  • CKO_PROFILE objects.

  • CKP_BASELINE_PROVIDER conforming to the Baseline Provider Clause defined in section 3.3 of PKCS #11 Cryptographic Token Interface Profiles Version 3.0 (

  • Cancellation of active operations by calling C_EncryptInit, C_DecryptInit, C_SignInit, C_VerifyInit, or C_DigestInit with pMechanism set to NULL_PTR.

  • CKA_UNIQUE_ID. This attribute can also be used for objects created in earlier versions of the WSOP PKCS #11 library.

  • C_GetInterface and C_GetInterfaceList. Interface versions 2.40 and 3.0 are supported.


Supported MongoDB versions

This release has been tested against MongoDB version 5.0.18.

Supported hardware

This release is targeted at deployments with any of the following nShield HSMs:

  • nShield Solo PCI Express (500+, and 6000+)

  • nShield Solo XC (Base, Mid, High)

  • nShield nShield 5S (Base, Mid, High)

  • nShield Connect (500+, 1500+, and 6000+)

  • nShield Connect XC (Base, Mid, High, Serial Console)

  • nShield nShield 5C (Base, Mid, High, Serial Console)

Supported operating systems

This release has been tested for compatibility with the following operating systems:

  • Red Hat Enterprise Linux Server 7 x64

  • Red Hat Enterprise Linux Server 8 x64

  • Red Hat Enterprise Linux Server 9 x64

  • SUSE Enterprise Linux 12 x64

  • SUSE Enterprise Linux 15 x64

  • Oracle Enterprise Linux 7.6 x64

  • Oracle Enterprise Linux 8 x64

Additionally the PKCS #11 library has been tested for compatibility with the following operating systems:

  • Windows Server 2019 x64

  • Windows Server 2022 x64

  • Windows 10 x64

  • Windows 11 x64

Supported Security World versions

This release can be used with the following nShield Security World Software installations:

  • Security World v12.80

  • Security World v13.3+ and v13.4+

Security World v12.8x is required in order to migrate kmdata files using the Database Management Tool.

Firmware versions supported by the 12.60 release are also supported by WSOP. See the nShield 12.80 Security World Software release notes for further details.

API version

The nShield Web Service Option Pack REST API version has been increased to v1.4.0.

Defect Fixes

Reference Description in v3.1 Fix in v3.2


When operating close to the active Protection Domain capacity limit, attempts to activate further domains can sometimes be blocked and available capacity in the cache lost.

Cache behaviour for Protection Domain activations has been improved.



Fixed an issue in the Web Services PKCS#11 library where setting CKA_WRAP or CKA_UNWRAP in a key generation template could override values of CKA_SIGN and CKA_VERIFY.



It is now possible to create a CKO_CERTIFICATE object with CKA_TRUSTED = CK_FALSE using the Web Services PKCS#11 library.



Fixed an issue where corecrypto error messages could be truncated when recorded in the Web Services PKCS#11 library log file.



Improved accuracy of log messages for ulCount in C_GenerateKey and C_CreateObject in the Web Services PKCS#11 library log file.



The correct version information is now reported back by the DBMT.



The branding of the release notes documentation has been corrected.



Fixed the issue where the DBMT required a combined certificate and key file for the TLS connection instead of individual files as specified in the configuration file.



The command line interface of the DBMT has been improved for usability regarding migrating an individual key via the appname and keyident values.



Fixed an issue in the PKCS#11 library where conflicting entries for the same attribute in the template supplied to C_FindObjects could result in invalid search results.



Fixed an issue in the PKCS#11 library where C_FindObjects can fail to return matching objects when the template includes a value for CKA_OBJECT_ID that contains NUL bytes.



Fixed an issue in the PKCS#11 library where parallel calls to C_Logout on the same session could result in function failure.



Fixed an issue which prevented the WSOP server from using an HSM protected private key for TLS.



Improvements have been made to key record data for future compatibility.



Fixed a DBMT issue which could cause an error when attempting to upgrade a very large quantity of keys.



Fixed an issue in the Web Services PKCS#11 library that would cause C_GetSlotList to return 0 slots if the library had to retry the web request.

Known Issues

Reference Description


The Web Services PKCS#11 library has a dependency on a third party called cpprestsdk which has an internal threadpool limit of 40. There is a potential issue in the PKCS#11 library which means that if an application is running more than 40 threads and encounters a large number of persistent errors from the WSOP corecrypto service then the threads can become blocked and an application restart would be necessary. This issue can be mitigated by using fewer threads, and by making use of the config file options MAXRETRIES and RETRYDELAY. Increasing the value of RETRYDELAY introduces a delay between retries of failed WSOP requests.


String fields such as CKA_LABEL and CKA_APPLICATION should not contain any HTML character for example <, > or & as this can result in those values becoming corrupted when they are retrieved later.


The WSOP server can temporarily become unresponsive if a large number of time intensive requests are sent concurrently. This will cease when the requests are completed.


An incorrect HTTP response status code of 422 is returned (instead of 400) when a key generation request is rejected because the key ident parameter contains non-alphanumeric characters.


Key records from previous releases may be incompatible with future releases of WSOP and be limited in future functionality. It is recommended that a new database is used for this release to ensure maximum future compatibility.


The offset filter option is not supported by the protectiondomains endpoint. If needed, offset can be used with the groups endpoint in order to identify and retrieve the desired protection domain.


WSOP will not self recover if the connection to the MongoDB server is interrupted enough for the periodic health check to fail. If this happens, the WSOP service will need to be restarted before the system can resume operation.


When a CRL is processed, invalid certificates can be ignored silently. However, a successfully revoked certificate is reported correctly in the logs.