[英]SoftHSM2 java not working
我正在嘗試在 SoftHSM 2 上進行 POC,但是我遇到了一些問題。
Exception in thread "main" java.security.ProviderException: Initialization failed
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
at SoftHSM.main(SoftHSM.java:50)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_SLOT_ID_INVALID
at sun.security.pkcs11.wrapper.PKCS11.C_GetSlotInfo(Native Method)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:365)
... 2 more
HSM 配置文件:
# SoftHSM v2 configuration file
name= SoftHSM2
library = C:\SoftHSM2\lib\softhsm2-x64.dll
slot=1
如果我評論 slot=1 ,那么我得到
Exception in thread "main" java.security.ProviderException: Initialization failed
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
at SoftHSM.main(SoftHSM.java:50)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_TOKEN_NOT_RECOGNIZED
at sun.security.pkcs11.wrapper.PKCS11.C_OpenSession(Native Method)
at sun.security.pkcs11.SessionManager.openSession(SessionManager.java:215)
at sun.security.pkcs11.SessionManager.getOpSession(SessionManager.java:150)
at sun.security.pkcs11.Token.<init>(Token.java:151)
at sun.security.pkcs11.SunPKCS11.initToken(SunPKCS11.java:858)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:367)
... 2 more
由於某種原因,它沒有被intizlized。 有沒有人可以幫助我讓它與 Java 一起運行。
我的 PC 詳細信息:Winn 10:64 位我已根據 softHSM 的要求添加了 VC++ 可分發。
我附上了我的java源文件
import java.security.Key;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import javax.crypto.spec.SecretKeySpec;
import sun.security.pkcs11.SunPKCS11;
public class TestClass {
public static void main(String[] args) throws Exception {
// Set up the Sun PKCS 11 provider
// String configName = "Z:\\SOFTHSM_INSTALL\\etc\\softhsm2.conf";
String configName = "softhsm2.cfg";
Provider p = new SunPKCS11(configName);
if (-1 == Security.addProvider(p)) {
throw new RuntimeException("could not add security provider");
}
// Load the key store
char[] pin = "mypin".toCharArray();
KeyStore keyStore = KeyStore.getInstance("PKCS11", p);
keyStore.load(null, pin);
// AES key
SecretKeySpec secretKeySpec = new SecretKeySpec("0123456789ABCDEF".getBytes(), "AES");
Key key = new SecretKeySpec(secretKeySpec.getEncoded(), "AES");
keyStore.setKeyEntry("AA", key, "1234".toCharArray(), null);
keyStore.store(null); //this gives me the exception.
}
}
請幫幫我。
似乎我沒有任何帶有令牌初始化的插槽。 所以試圖初始化令牌。 但低於錯誤。 有人可以幫我找出我做的錯誤。
C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
Available slots:
Slot 0
Slot info:
Description: SoftHSM slot ID 0x0
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number:
Initialized: no
User PIN init.: no
Label:
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label Kumar
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
ERROR 30: Could not initialize the token.
解決方案:
我按照 Jariq 驗證了 Windows 事件日志,它說應用程序已損壞。 我確實為 Windows“softhsm2.msi”重新安裝了該應用程序。
和執行的腳本在這里供像我這樣的人參考。
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.
C:\WINDOWS\system32>cd\
C:\>cd SoftHSM2
C:\SoftHSM2>cd bin
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1"
=== SO PIN (4-255 characters) ===
Please enter SO PIN:
ERROR: The length of the PIN is out of range.
=== SO PIN (4-255 characters) ===
^C
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1"
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
CKR_SLOT_ID_INVALID: Slot 0 does not exist.
C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
Available slots:
Slot 1526831955
Slot info:
Description: SoftHSM slot ID 0x5b019b53
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number: cafa9efc5b019b53
Initialized: yes
User PIN init.: yes
Label: 0 token
Slot 1
Slot info:
Description: SoftHSM slot ID 0x1
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number:
Initialized: no
User PIN init.: no
Label:
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 1 --label "My token 1"
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
The token has been initialized.
C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
Available slots:
Slot 1242738572
Slot info:
Description: SoftHSM slot ID 0x4a12af8c
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number: 00fbfb20ca12af8c
Initialized: yes
User PIN init.: yes
Label: My token 1
Slot 1526831955
Slot info:
Description: SoftHSM slot ID 0x5b019b53
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number: cafa9efc5b019b53
Initialized: yes
User PIN init.: yes
Label: 0 token
Slot 2
Slot info:
Description: SoftHSM slot ID 0x2
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number:
Initialized: no
User PIN init.: no
Label:
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 2 --label "My token 2"
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
The token has been initialized.
C:\SoftHSM2\bin>
在此之后,我初始化了不止一個令牌。 非常感謝賈里克。
如JDK 8 PKCS#11 參考指南中所述,您需要在 Sun PKCS#11 Provider 配置文件中使用slotListIndex
屬性而不是slot
屬性。
您提供的測試應用程序對我來說,以下配置文件可以正常工作:
# Sun PKCS#11 provider configuration file for SoftHSMv2
name = SoftHSM2
library = d:\SoftHSM2\lib\softhsm2-x64.dll
slotListIndex = 0
SoftHSMv2 始終返回所有已初始化的插槽/令牌...
...加上一個額外的未初始化並且幾乎每次調用 PKCS#11 都會返回CKR_TOKEN_NOT_RECOGNIZED
錯誤...
...並通過使用slotListIndex = 0
指示 Sun PKCS#11 Provider 僅使用第一個返回的插槽/令牌。
默認的Softhsm2配置文件應該是這樣的
# SoftHSM v2 configuration file
directories.tokendir = C:\SoftHSM2\var\softhsm2\tokens\
objectstore.backend = file
log.level = INFO
slots.removable = false
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.