Friday 5 May 2017

SoftHSM2 in Java


Challenge:
How do you work with SoftHSM2 from Java?

Solution:

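1. Download the SoftHSM2 Windows installer (.msi).
2. Run the commands below to initialize the tokens. In this session `--slot 0` fails with CKR_SLOT_ID_INVALID; `--show-slots` lists the slot IDs that actually exist, and the slot whose token shows "Initialized: no" is the one to pass to `--init-token`.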

    Microsoft Windows [Version 10.0.14393]
    (c) 2016 Microsoft Corporation. All rights reserved.

    C:\WINDOWS\system32>cd\

    C:\>cd SoftHSM2

    C:\SoftHSM2>cd bin

    C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1"
    === SO PIN (4-255 characters) ===
    Please enter SO PIN:
    ERROR: The length of the PIN is out of range.
    === SO PIN (4-255 characters) ===
    ^C
    C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1"
    === SO PIN (4-255 characters) ===
    Please enter SO PIN: ****
    Please reenter SO PIN: ****
    === User PIN (4-255 characters) ===
    Please enter user PIN: ****
    Please reenter user PIN: ****
    CKR_SLOT_ID_INVALID: Slot 0 does not exist.

    C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
    Available slots:
    Slot 1526831955
        Slot info:
            Description:      SoftHSM slot ID 0x5b019b53
            Manufacturer ID:  SoftHSM project
            Hardware version: 2.2
            Firmware version: 2.2
            Token present:    yes
        Token info:
            Manufacturer ID:  SoftHSM project
            Model:            SoftHSM v2
            Hardware version: 2.2
            Firmware version: 2.2
            Serial number:    cafa9efc5b019b53
            Initialized:      yes
            User PIN init.:   yes
            Label:            0 token
    Slot 1
        Slot info:
            Description:      SoftHSM slot ID 0x1
            Manufacturer ID:  SoftHSM project
            Hardware version: 2.2
            Firmware version: 2.2
            Token present:    yes
        Token info:
            Manufacturer ID:  SoftHSM project
            Model:            SoftHSM v2
            Hardware version: 2.2
            Firmware version: 2.2
            Serial number:
            Initialized:      no
            User PIN init.:   no
            Label:

    C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 1 --label "My token 1"
    === SO PIN (4-255 characters) ===
    Please enter SO PIN: ****
    Please reenter SO PIN: ****
    === User PIN (4-255 characters) ===
    Please enter user PIN: ****
    Please reenter user PIN: ****
    The token has been initialized.

    C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
    Available slots:
    Slot 1242738572
        Slot info:
            Description:      SoftHSM slot ID 0x4a12af8c
            Manufacturer ID:  SoftHSM project
            Hardware version: 2.2
            Firmware version: 2.2
            Token present:    yes
        Token info:
            Manufacturer ID:  SoftHSM project
            Model:            SoftHSM v2
            Hardware version: 2.2
            Firmware version: 2.2
            Serial number:    00fbfb20ca12af8c
            Initialized:      yes
            User PIN init.:   yes
            Label:            My token 1
    Slot 1526831955
        Slot info:
            Description:      SoftHSM slot ID 0x5b019b53
            Manufacturer ID:  SoftHSM project
            Hardware version: 2.2
            Firmware version: 2.2
            Token present:    yes
        Token info:
            Manufacturer ID:  SoftHSM project
            Model:            SoftHSM v2
            Hardware version: 2.2
            Firmware version: 2.2
            Serial number:    cafa9efc5b019b53
            Initialized:      yes
            User PIN init.:   yes
            Label:            0 token
    Slot 2
        Slot info:
            Description:      SoftHSM slot ID 0x2
            Manufacturer ID:  SoftHSM project
            Hardware version: 2.2
            Firmware version: 2.2
            Token present:    yes
        Token info:
            Manufacturer ID:  SoftHSM project
            Model:            SoftHSM v2
            Hardware version: 2.2
            Firmware version: 2.2
            Serial number:
            Initialized:      no
            User PIN init.:   no
            Label:

    C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 2 --label "My token 2"
    === SO PIN (4-255 characters) ===
    Please enter SO PIN: ****
    Please reenter SO PIN: ****
    === User PIN (4-255 characters) ===
    Please enter user PIN: ****
    Please reenter user PIN: ****
    The token has been initialized.

    C:\SoftHSM2\bin

3. Run the Java code below to access the HSM from Java.

    import java.nio.charset.StandardCharsets;
    import java.security.Key;
    import java.security.KeyStore;
    import java.security.Provider;
    import java.security.Security;

    import javax.crypto.spec.SecretKeySpec;

    import sun.security.pkcs11.SunPKCS11;

    public class TestClass {

        public static void main(String[] args) throws Exception {
            // Set up the Sun PKCS#11 provider. This String constructor exists on
            // Java 8 and earlier; on Java 9+ use
            // Security.getProvider("SunPKCS11").configure(configName) instead.
            // String configName = "Z:\\SOFTHSM_INSTALL\\etc\\softhsm2.conf";
            String configName = "softhsm2.cfg";

            Provider p = new SunPKCS11(configName);

            if (-1 == Security.addProvider(p)) {
                throw new RuntimeException("could not add security provider");
            }

            // Load the key store; the password is the token's user PIN
            char[] pin = "mypin".toCharArray();
            KeyStore keyStore = KeyStore.getInstance("PKCS11", p);
            keyStore.load(null, pin);

            // AES key (fixed 16-byte demo value, i.e. AES-128)
            SecretKeySpec secretKeySpec = new SecretKeySpec(
                    "0123456789ABCDEF".getBytes(StandardCharsets.US_ASCII), "AES");
            Key key = new SecretKeySpec(secretKeySpec.getEncoded(), "AES");

            keyStore.setKeyEntry("AA", key, "1234".toCharArray(), null);
            keyStore.store(null); //this gives me the exception.
        }
    }
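
The listings above show a slot's ID changing once its token is initialized (slot 1 became 1242738572), so the `softhsm2.cfg` that the Java code loads, a SunPKCS11 provider configuration the page does not show, has to name the slot that `--show-slots` currently reports. The following is an added example, not code from the original post: it finds the slot ID for a token label in `--show-slots` output and prints a matching configuration. The class name `SlotLookup`, the provider name `SoftHSM2` and the DLL path are assumptions.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class SlotLookup {
    private static final Pattern SLOT = Pattern.compile("^\\s*Slot (\\d+)\\s*$");
    private static final Pattern FIELD =
            Pattern.compile("^\\s*(Initialized|Label):\\s*(.*?)\\s*$");

    // Maps token label -> slot ID for every initialized token in --show-slots output.
    static Map<String, Long> initializedSlots(String showSlotsOutput) {
        Map<String, Long> byLabel = new LinkedHashMap<>();
        long slot = -1;
        boolean initialized = false;
        for (String line : showSlotsOutput.split("\\R")) {
            Matcher s = SLOT.matcher(line);
            Matcher f = FIELD.matcher(line);
            if (s.matches()) {                       // "Slot 1242738572" starts a new record
                slot = Long.parseLong(s.group(1));
                initialized = false;
            } else if (f.matches() && f.group(1).equals("Initialized")) {
                initialized = f.group(2).equals("yes");
            } else if (f.matches() && initialized && slot >= 0) {
                byLabel.put(f.group(2), slot);       // "Label:" follows "Initialized:"
            }
        }
        return byLabel;
    }

    // Text for the SunPKCS11 configuration file, pinned to one slot ID.
    static String pkcs11Config(String library, long slot) {
        return "name = SoftHSM2\nlibrary = " + library + "\nslot = " + slot + "\n";
    }

    public static void main(String[] args) {
        // Constructed sample, abbreviated from the second --show-slots listing above.
        String out = "Available slots:\n"
                + "Slot 1242738572\n    Slot info:\n    Token info:\n"
                + "        Initialized:      yes\n        User PIN init.:   yes\n"
                + "        Label:            My token 1\n"
                + "Slot 2\n    Slot info:\n    Token info:\n"
                + "        Initialized:      no\n        User PIN init.:   no\n"
                + "        Label:\n";
        Long slot = initializedSlots(out).get("My token 1");
        if (slot == null) throw new IllegalStateException("token label not found");
        // Assumed install path; adjust to where the .msi placed the PKCS#11 DLL.
        System.out.print(pkcs11Config("C:/SoftHSM2/lib/softhsm2-x64.dll", slot));
    }
}
```

Save the printed text as `softhsm2.cfg` next to `TestClass`, and regenerate it whenever a token is re-initialized.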