个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
28
4
我正在尝试在 SoftHSM 2 上进行 POC,但我遇到了以下问题。
Exception in thread "main" java.security.ProviderException: Initialization failed
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
at SoftHSM.main(SoftHSM.java:50)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_SLOT_ID_INVALID
at sun.security.pkcs11.wrapper.PKCS11.C_GetSlotInfo(Native Method)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:365)
... 2 more
HSM 配置文件:
# SoftHSM v2 configuration file
name= SoftHSM2
library = C:\SoftHSM2\lib\softhsm2-x64.dll
slot=1
如果我评论 slot=1 ,那么我就会得到
Exception in thread "main" java.security.ProviderException: Initialization failed
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
at SoftHSM.main(SoftHSM.java:50)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_TOKEN_NOT_RECOGNIZED
at sun.security.pkcs11.wrapper.PKCS11.C_OpenSession(Native Method)
at sun.security.pkcs11.SessionManager.openSession(SessionManager.java:215)
at sun.security.pkcs11.SessionManager.getOpSession(SessionManager.java:150)
at sun.security.pkcs11.Token.<init>(Token.java:151)
at sun.security.pkcs11.SunPKCS11.initToken(SunPKCS11.java:858)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:367)
... 2 more
由于某种原因,它没有得到 intizlized。有谁可以帮我让它用 Java 运行吗?
我的电脑详细信息:温恩10:64位我已根据 softHSM 的要求添加了 VC++ 可分发版本。
我正在附加我的 java 源文件
import java.security.Key;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import javax.crypto.spec.SecretKeySpec;
import sun.security.pkcs11.SunPKCS11;
public class TestClass {
public static void main(String[] args) throws Exception {
// Set up the Sun PKCS 11 provider
// String configName = "Z:\\SOFTHSM_INSTALL\\etc\\softhsm2.conf";
String configName = "softhsm2.cfg";
Provider p = new SunPKCS11(configName);
if (-1 == Security.addProvider(p)) {
throw new RuntimeException("could not add security provider");
}
// Load the key store
char[] pin = "mypin".toCharArray();
KeyStore keyStore = KeyStore.getInstance("PKCS11", p);
keyStore.load(null, pin);
// AES key
SecretKeySpec secretKeySpec = new SecretKeySpec("0123456789ABCDEF".getBytes(), "AES");
Key key = new SecretKeySpec(secretKeySpec.getEncoded(), "AES");
keyStore.setKeyEntry("AA", key, "1234".toCharArray(), null);
keyStore.store(null); //this gives me the exception.
}
}
请大家帮帮我。
似乎我没有任何已初始化 token 的插槽。因此尝试初始化 token 。但低于错误。有人可以帮我找出我犯的错误吗?
C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
Available slots:
Slot 0
Slot info:
Description: SoftHSM slot ID 0x0
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number:
Initialized: no
User PIN init.: no
Label:
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label Kumar
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
ERROR 30: Could not initialize the token.
解决方案:
我按照 Jariq 验证了 Windows 事件日志,它表示应用程序已损坏。我确实重新安装了适用于 Windows 的应用程序“softhsm2.msi”。
执行的脚本如下,供像我这样的人引用。
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.
C:\WINDOWS\system32>cd\
C:\>cd SoftHSM2
C:\SoftHSM2>cd bin
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1"
=== SO PIN (4-255 characters) ===
Please enter SO PIN:
ERROR: The length of the PIN is out of range.
=== SO PIN (4-255 characters) ===
^C
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1"
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
CKR_SLOT_ID_INVALID: Slot 0 does not exist.
C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
Available slots:
Slot 1526831955
Slot info:
Description: SoftHSM slot ID 0x5b019b53
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number: cafa9efc5b019b53
Initialized: yes
User PIN init.: yes
Label: 0 token
Slot 1
Slot info:
Description: SoftHSM slot ID 0x1
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number:
Initialized: no
User PIN init.: no
Label:
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 1 --label "My token 1"
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
The token has been initialized.
C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
Available slots:
Slot 1242738572
Slot info:
Description: SoftHSM slot ID 0x4a12af8c
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number: 00fbfb20ca12af8c
Initialized: yes
User PIN init.: yes
Label: My token 1
Slot 1526831955
Slot info:
Description: SoftHSM slot ID 0x5b019b53
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number: cafa9efc5b019b53
Initialized: yes
User PIN init.: yes
Label: 0 token
Slot 2
Slot info:
Description: SoftHSM slot ID 0x2
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number:
Initialized: no
User PIN init.: no
Label:
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 2 --label "My token 2"
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
The token has been initialized.
C:\SoftHSM2\bin>
在此之后,我初始化了多个 token 。非常感谢您Jariq。
最佳答案
如 JDK 8 PKCS#11 Reference Guide 中所述您需要在 Sun PKCS#11 Provider 配置文件中使用 slotListIndex 属性而不是 slot 属性。
以下配置文件对我来说可以很好地使用您提供的测试应用程序:
# Sun PKCS#11 provider configuration file for SoftHSMv2
name = SoftHSM2
library = d:\SoftHSM2\lib\softhsm2-x64.dll
slotListIndex = 0
SoftHSMv2 始终返回所有初始化的插槽/ token ...
...加上一个未初始化的附加项,几乎每次 PKCS#11 调用都会返回 CKR_TOKEN_NOT_RECOGNIZED 错误...
...并且通过使用 slotListIndex = 0,您将指示 Sun PKCS#11 Provider 仅使用第一个返回的槽/ token 。
关于java - SoftHSM2 java 不工作,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/43673782/
28
4
0
在 SoftHsm(v2.4.0)中,我注意到如果您在同一 token 中没有相应的私钥,则无法提取自签名证书。我使用 OpenSSL 生成了证书,然后使用 softhsm2-util --impor
我目前正在尝试让 SoftHSM 运行(在 Windows 平台上)。目标是在客户端和 HSM 服务器之间建立通信 channel ,以便可以在服务器端加密一些数据并将其发送回调用客户端。 我从这个网
代码: String pkcs11cfg = "pkcs11.cfg"; Provider p = new SunPKCS11(pkcs11cfg); Security.addProvider(p);
我找到了这个线程:Connecting to SoftHSM java,它在存储私钥时有效,就像示例一样。 但是我需要存储 key ,比如AES。 这是我的代码: import java.securi
我正在尝试使用 java 1.8-64 位在我的项目中使用 softhsm。 我正在尝试使用此处给出的第一个示例java类Connecting to SoftHSM java code 我能够安装so
我正在尝试使用 Pkcs11Interop .net 库对 Pdf 文档进行签名。我需要使用 ECDSA 加密 算法和 SHA256 哈希算法。我正在使用 SoftHSM 2.2.0 来存储私钥。 我
我是一名优秀的程序员,十分优秀!