Stack Overflow
Stack Overflow

Questions tagged [softhsm]

SoftHSM is software that emulates a PKCS11 Hardware Security Module for development and testing.

An HSM or Hardware Security Module is a PKCS11 compliant and tamper-proof hardware component for the management and storage of cryptographic assets such as keys and certificates, and for offloading cryptographic operations.

SoftHSM is a software emulation of a PKCS11 compliant HSM for purposes of development, training and testing. This provides a cost-effective alternative to purchasing dedicated hardware components for non-Production use. It is being developed as a part of the OpenDNSSEC project.

68 questions
1
vote
1 answer

Why Cryptoki.C_OpenSession disconnect from HSM sometimes

I' created a web service isAlive to check if I can create session with the HSM soft using the Cryptoki ,I automated the execution of my web service using SoapUI so I execute my service in a loop each 40s ,it work well but after a number of call I…
e2rabi
  • 4,728
  • 9
  • 42
  • 69
1
vote
1 answer

SoftHSM cannot get certificate

In SoftHsm (v2.4.0) I noticed that you cannot extract a self-signed certificate if you don't have its corresponding private key in the same token. I generated the certificate with OpenSSL, and then imported it using softhsm2-util --import. I am…
V. Nieutin
  • 13
  • 4
1
vote
1 answer

Session.GetOperationState() method is throwing exception "Method C_GetOperationState returned CKR_FUNCTION_NOT_SUPPORTED in SoftHSM"

We are using SoftHSM in our application. We have generated tokens and imported keys in it. Now we have created one job which monitors if our SoftHSM is Up and running. For that, It seems that the Session.GetOperationState() method should be able to…
Kumar
  • 63
  • 1
  • 10
1
vote
2 answers

Symmetric encryption keys with HSM

I want to use an HSM to encrypt/decrypt sensitive data I will be storing in my database. The HSM device / server can create symmetric and asymmetric keys. I want to store data with highest possible security. So I have two approaches: 1) Make HSM…
GMXBikeRider
  • 21
  • 1
  • 2
1
vote
1 answer

java complains on loading pkcs dll from softhsm

I am trying to use softhsm for my project using java 1.8-64bit. I am trying with m first sample java class given here Connecting to SoftHSM java code I was able to install softhsm softhsm2-windows installer. And Also able to create token usng…
Slok
  • 576
  • 1
  • 12
  • 27
1
vote
0 answers

Configuring the Spring Boot with HTTPS using HSM provided keystore results in an error

A standard configuration to enable Java to use the PKCS#11 HSM based keystore is not to configure anything to keystore path (keep it null) and configure the java security to get the PKCS 11 security provider. More information (with Sun/Oracle JVM)…
vjkumar
  • 171
  • 1
  • 3
  • 10
0
votes
1 answer

Error showed: "Can't find OpenSSL headers" while configuring SoftHSMv2 with for Hyperledger Fabric environment on macOS

I'm trying to create development environment for Hyperledger fabric v2.5 on my macOSX. While installing necessary tools and dependencies, I had to come after SoftHSM. As per the SoftHSM documentation, I've already installed (with homebrew): openssl…
Abu Saleh Md. Boni Momin
  • 1
0
votes
1 answer

Connect to remote HSM with PKCS11interop

I'm just practising about Safenet soft HSM and PKCS11interop library. I am curios about how the librar decides to connect which HSM? I think the cryptoki library created in my local is configured to use local soft HSM. But I couldn't find any…
EyezBerg
  • 1
  • 2
0
votes
1 answer

Extract public key from PKCS11 keystore to do signature verification

I'm generating a keypair in a softHSM keystore, and uses it to sign a software. Now I need to extract the public key and move it to my target. I can sign and verify with pkcs11-tool, but I have not succeeded with using openssl verifying. All I get…
Kjeld Flarup
  • 1,471
  • 10
  • 15
0
votes
1 answer

Error in pkcs11_generate:1355: PKCS #11 user error

I'm trying to generate a public/private keypair in softHSM, for this I have installed a provider in openssl. Using these commands I end up in a "user error" + softhsm2-util --init-token --free --label token-label --so-pin mysopin1 --pin…
Kjeld Flarup
  • 1,471
  • 10
  • 15
0
votes
1 answer

How to parse certifcate/privateKey pair by using Crypto11

I have a pkcs11 token that only contains the private key object. I want to use crypto11 package to retrieve the private key. When I try to parse the x509 key pair by inputting the certificate file and the secret key object. I received the error. var…
JayRain
  • 61
  • 4
0
votes
0 answers

Decrpyting using pkcs#11 tool

I'm trying too encrypt and decrypt using pkcs#11-tool echo 'Hello word !' | openssl pkeyutl -encrypt -pubin \ -inkey pub.pem \ -pkeyopt…
Jonathan Layduhur
  • 93
  • 7
0
votes
1 answer

How can I make multiple clients connect to multiple slots in SoftHSM by Java code

I'm doing a task about SoftHSM. I have built an application in Java as a server. So, I config the connection in a softhsm.cfg file library = F:\SoftHSM2\lib\softhsm2-x64.dll slot = 767671965 attributes(generate, *, *) = { CKA_TOKEN =…
Việt Nguyễn Hoàng
  • 11
  • 1
0
votes
1 answer

SoftHSMv2 - How to make created objects survive between sessions?

I open a session I create an AES key with a label by using C_CreateObject I can lookup the created object by label by using C_FindObjects. I close the session. I open a new session. I can no longer lookup the created object by label using…
user1804394
  • 41
  • 7
0
votes
1 answer

sun.security.pkcs11 is not visible

Error: SoftHSM.java:8: error: package sun.security.pkcs11 is not visible import sun.security.pkcs11.*; ^ (package sun.security.pkcs11 is declared in module jdk.crypto.cryptoki, which is not in the module graph) Unable to run…
Sanskriti Pattanayak
  • 1
  • 1
  • 1
1 2
3
4 5