
HSM: Interaction with HSM using JAVA application

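The HSM server and client setup is already done on my side. My question is how to communicate with the HSM server without the HSM client in order to access the Luna keystore through a Java application. Is there any alternative way to communicate with the HSM server without the client?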

You can use the SafeNet SDK to develop your crypto functions, which can interact with the HSM from Java. E.g., Gemalto HSM provides JSP and JCProv APIs as part of the SDK for Java developers.

You need a Luna client for an application to connect with the HSM to process crypto operations. The Luna client contains the libraries that are required for a client to talk to the HSM.

The following code shows how to prepare and send a command to a SafeNet HSM.

import java.io.DataInputStream;
import java.io.OutputStream;
import java.net.Socket;
import javax.xml.bind.DatatypeConverter;

// Method of a class that defines HSMIP, HSMPORT and logger (not shown on the page).
public static final String send(String command) {
    try (Socket socket = new Socket(HSMIP, HSMPORT);
            DataInputStream in = new DataInputStream(socket.getInputStream());
            OutputStream os = socket.getOutputStream()) {
        byte[] commandbytes = DatatypeConverter.parseHexBinary(command);
        byte[] request = new byte[6 + commandbytes.length];
        request[0] = 0x01;  //constant as per setting during installation
        request[1] = 0x01;  //constant as per setting during installation
        request[2] = 0x00;  //constant as per setting during installation
        request[3] = 0x00;  //constant as per setting during installation
        request[4] = (byte) (commandbytes.length / 256);  //length of command, high byte
        request[5] = (byte) (commandbytes.length % 256);  //length of command, low byte
        System.arraycopy(commandbytes, 0, request, 6, commandbytes.length);
        //logger.info("request : " + DatatypeConverter.printHexBinary(request));
        os.write(request);
        os.flush();
        byte[] header = new byte[6];
        in.readFully(header);  //a single read() may return fewer than 6 bytes
        logger.info("header : " + DatatypeConverter.printHexBinary(header));
        int len = (header[4] & 0xFF) * 256 + (header[5] & 0xFF);  //length of response
        logger.info("len : " + len);
        byte[] response = new byte[len];
        in.readFully(response);  //block until the whole response has arrived
        //the response may carry sensitive data; keep this log line out of production builds
        logger.info("response : " + DatatypeConverter.printHexBinary(response));
        return DatatypeConverter.printHexBinary(response);
    } catch (Exception e) {
        e.printStackTrace();
    }
    return null;
}

The following code shows how to send a command to a Thales HSM.

import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.net.UnknownHostException;

public class ThalesHSMConnect2 {

    // Placeholders: the page does not define host and port; set them to your HSM's address.
    private static final String host = "127.0.0.1";
    private static final int port = 1500;

    //@formatter:off
    // writeUTF/readUTF add and strip the two-byte length prefix themselves.
    public static final String send(final String command) throws UnknownHostException, IOException {
        try(final Socket sc = new Socket(host, port);
            final DataInputStream din = new DataInputStream(sc.getInputStream());
            final DataOutputStream dos = new DataOutputStream(sc.getOutputStream())) {
            sc.setSoTimeout(5000);
            dos.writeUTF(command);
            dos.flush();
            final String response = din.readUTF();
            return response;
        }
    }

    // The caller must reserve the first two bytes of command for the length prefix.
    public static final byte[] send(final byte[] command) throws Exception {
        try(Socket sc = new Socket(host, port);
            InputStream in = sc.getInputStream();
            OutputStream os = sc.getOutputStream()) {
            sc.setSoTimeout(5000);
            command[0] = (byte) ((command.length-2)/256); //two byte command length
            command[1] = (byte) ((command.length-2)%256); //two byte command length
            os.write(command);
            os.flush();
            // Keep the length bytes as int: read() returns 0..255, or -1 at end of stream.
            // Casting to byte would turn values above 127 negative.
            final int b1 = in.read();
            final int b2 = in.read();
            if(b1 < 0 || b2 < 0) throw new SocketTimeoutException("no response from hsm.");
            final byte[] response = new byte[b1*256+b2];
            new DataInputStream(in).readFully(response); // a single read() may return a partial response
            return response;
        }
    }

    public static void main(String[] args) throws IOException {
        final String cvvGenerationResponse = send("0000CWAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBB4484070020000310;2105000");
    }
}
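The two-byte length framing used in the Thales snippet fails in two ways when handled with a single `read()` and signed bytes: lengths above 32767 go negative, and a response split across TCP segments is returned truncated. The following is an added example, not code from the original answers or from any vendor SDK; the class name, the loopback stub standing in for an HSM, and the `PING` payload are constructed for illustration.

```java
import java.io.*;
import java.net.*;
import java.util.Arrays;

public class FramedExchangeDemo {
    // Send payload behind a 2-byte big-endian length and read one framed reply.
    static byte[] exchange(Socket sc, byte[] payload) throws IOException {
        if (payload.length > 0xFFFF) throw new IOException("command too long");
        DataOutputStream out = new DataOutputStream(sc.getOutputStream());
        DataInputStream in = new DataInputStream(sc.getInputStream());
        out.writeShort(payload.length);
        out.write(payload);
        out.flush();
        int len = in.readUnsignedShort();   // 0..65535, never negative
        byte[] reply = new byte[len];
        in.readFully(reply);                // loops until len bytes arrive or EOF
        return reply;
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for an HSM: sends a 40000-byte reply in two
        // writes so the client sees a length > 32767 and a split response.
        try (ServerSocket srv = new ServerSocket(0, 1, InetAddress.getLoopbackAddress())) {
            Thread stub = new Thread(() -> {
                try (Socket s = srv.accept()) {
                    DataInputStream in = new DataInputStream(s.getInputStream());
                    byte[] cmd = new byte[in.readUnsignedShort()];
                    in.readFully(cmd);
                    byte[] body = new byte[40000];
                    Arrays.fill(body, (byte) 'A');
                    OutputStream os = s.getOutputStream();
                    os.write(new byte[] {(byte) (body.length >> 8), (byte) body.length});
                    os.write(body, 0, 100);
                    os.flush();
                    Thread.sleep(200);      // force the rest into a later segment
                    os.write(body, 100, body.length - 100);
                    os.flush();
                } catch (Exception e) { e.printStackTrace(); }
            });
            stub.start();
            try (Socket sc = new Socket(srv.getInetAddress(), srv.getLocalPort())) {
                sc.setSoTimeout(5000);
                byte[] reply = exchange(sc, "PING".getBytes("US-ASCII"));
                System.out.println("reply bytes: " + reply.length);
            }
            stub.join();
        }
    }
}
```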
