Liunx Softhsm2的安装和使用
白丁雨
若需要windows版本,请使用下面两种安装方式
win下有两种方式:msi安装方式,压缩包安装方式。github传送门
安装所需的依赖包
yum -y install automake
yum -y install autoconf
yum -y install libtool
yum -y install gcc gcc-c++ kernel-devel
yum -y install openssl openssl-devel下载安装包
wget https://dist.opendnssec.org/source/softhsm-2.3.0.tar.gz解压缩
tar -xzf softhsm-2.3.0.tar.gz开始编译阶段
./configure --disable-gost
编译源代码
make
安装库
sudo make install初始化您的令牌
访问目录:
./src/bin/util执行命令
./softhsm2-util --init-token --slot 0 --label "My token 1" --pin 12345 --so-pin 12345
生成的slot 需要记下来 cfg配置文件需要这个值
The token has been initialized and is reassigned to slot 462451351查看token
./softhsm2-util --show-slots以下为java方式使用softhsm
softhsm2.cfg 配置文件:
name = SoftHSM
library = /usr/local/lib/softhsm/libsofthsm2.so
slot = 462451351
attributes(generate, *, *) = {
CKA_TOKEN = true
}
attributes(generate, CKO_CERTIFICATE, *) = {
CKA_PRIVATE = false
}
attributes(generate, CKO_PUBLIC_KEY, *) = {
CKA_PRIVATE = false
}代码:
public class App {
public static void main(String[] args) throws Exception {
InputStream configName = App.class.getClassLoader().getResourceAsStream("softhsm2.cfg");
// Set up the Sun PKCS 11 provider
Provider p = new SunPKCS11(configName);
// Java 9+
// Provider p = Security.getProvider("SunPKCS11");
// p = p.configure(configName);
// Load the key store
char[] pin = "12345".toCharArray();
KeyStore keyStore = KeyStore.getInstance("PKCS11", p);
keyStore.load(null, pin);
}
}参考链接:
https://wiki.opendnssec.org/display/SoftHSMDOCS/SoftHSM+Documentation+v2
类似资料: