SoftHSM2 java无法正常工作
我正在尝试在SoftHSM 2上进行POC,但有些我如何得到以下问题。
Exception in thread "main" java.security.ProviderException: Initialization failed at sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:376) at sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:103) at SoftHSM.main(SoftHSM.java:50) Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_SLOT_ID_INVALID at sun.security.pkcs11.wrapper.PKCS11.C_GetSlotInfo(Native Method) at sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:365) ... 2 more HSM配置文件:
# SoftHSM v2 configuration file name= SoftHSM2 library = C:\SoftHSM2\lib\softhsm2-x64.dll slot=1
如果我评论slot = 1,那么我得到了
Exception in thread "main" java.security.ProviderException: Initialization failed at sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:376) at sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:103) at SoftHSM.main(SoftHSM.java:50) Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_TOKEN_NOT_RECOGNIZED at sun.security.pkcs11.wrapper.PKCS11.C_OpenSession(Native Method) at sun.security.pkcs11.SessionManager.openSession(SessionManager.java:215) at sun.security.pkcs11.SessionManager.getOpSession(SessionManager.java:150) at sun.security.pkcs11.Token.(Token.java:151) at sun.security.pkcs11.SunPKCS11.initToken(SunPKCS11.java:858) at sun.security.pkcs11.SunPKCS11.(SunPKCS11.java:367) ... 2 more
由于某种原因,它没有得到充分利用。 有没有人可以帮助我让它运行Java。
我的电脑详细信息:Winn 10:64位我根据softHSM的要求添加了VC ++ distributaable。
我附加了我的java源文件
import java.security.Key; import java.security.KeyStore; import java.security.Provider; import java.security.Security; import javax.crypto.spec.SecretKeySpec; import sun.security.pkcs11.SunPKCS11; public class TestClass { public static void main(String[] args) throws Exception { // Set up the Sun PKCS 11 provider // String configName = "Z:\\SOFTHSM_INSTALL\\etc\\softhsm2.conf"; String configName = "softhsm2.cfg"; Provider p = new SunPKCS11(configName); if (-1 == Security.addProvider(p)) { throw new RuntimeException("could not add security provider"); } // Load the key store char[] pin = "mypin".toCharArray(); KeyStore keyStore = KeyStore.getInstance("PKCS11", p); keyStore.load(null, pin); // AES key SecretKeySpec secretKeySpec = new SecretKeySpec("0123456789ABCDEF".getBytes(), "AES"); Key key = new SecretKeySpec(secretKeySpec.getEncoded(), "AES"); keyStore.setKeyEntry("AA", key, "1234".toCharArray(), null); keyStore.store(null); //this gives me the exception. } }
请帮帮我们。
似乎是我没有任何带有令牌初始化的插槽。 所以尝试初始化令牌。 但低于错误。 有人可以帮助我找出我做的错误。
C:\SoftHSM2\bin>softhsm2-util.exe --show-slots Available slots: Slot 0 Slot info: Description: SoftHSM slot ID 0x0 Manufacturer ID: SoftHSM project Hardware version: 2.2 Firmware version: 2.2 Token present: yes Token info: Manufacturer ID: SoftHSM project Model: SoftHSM v2 Hardware version: 2.2 Firmware version: 2.2 Serial number: Initialized: no User PIN init.: no Label: C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label Kumar === SO PIN (4-255 characters) === Please enter SO PIN: **** Please reenter SO PIN: **** === User PIN (4-255 characters) === Please enter user PIN: **** Please reenter user PIN: **** ERROR 30: Could not initialize the token.
解:
我根据Jariqvalidation了Windows事件日志,它说应用程序已损坏。 我确实重新安装了windows“softhsm2.msi”的应用程序。
并在此处执行脚本以供参考像我这样的人。
Microsoft Windows [Version 10.0.14393] (c) 2016 Microsoft Corporation. All rights reserved. C:\WINDOWS\system32>cd\ C:\>cd SoftHSM2 C:\SoftHSM2>cd bin C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1" === SO PIN (4-255 characters) === Please enter SO PIN: ERROR: The length of the PIN is out of range. === SO PIN (4-255 characters) === ^C C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1" === SO PIN (4-255 characters) === Please enter SO PIN: **** Please reenter SO PIN: **** === User PIN (4-255 characters) === Please enter user PIN: **** Please reenter user PIN: **** CKR_SLOT_ID_INVALID: Slot 0 does not exist. C:\SoftHSM2\bin>softhsm2-util.exe --show-slots Available slots: Slot 1526831955 Slot info: Description: SoftHSM slot ID 0x5b019b53 Manufacturer ID: SoftHSM project Hardware version: 2.2 Firmware version: 2.2 Token present: yes Token info: Manufacturer ID: SoftHSM project Model: SoftHSM v2 Hardware version: 2.2 Firmware version: 2.2 Serial number: cafa9efc5b019b53 Initialized: yes User PIN init.: yes Label: 0 token Slot 1 Slot info: Description: SoftHSM slot ID 0x1 Manufacturer ID: SoftHSM project Hardware version: 2.2 Firmware version: 2.2 Token present: yes Token info: Manufacturer ID: SoftHSM project Model: SoftHSM v2 Hardware version: 2.2 Firmware version: 2.2 Serial number: Initialized: no User PIN init.: no Label: C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 1 --label "My token 1" === SO PIN (4-255 characters) === Please enter SO PIN: **** Please reenter SO PIN: **** === User PIN (4-255 characters) === Please enter user PIN: **** Please reenter user PIN: **** The token has been initialized. C:\SoftHSM2\bin>softhsm2-util.exe --show-slots Available slots: Slot 1242738572 Slot info: Description: SoftHSM slot ID 0x4a12af8c Manufacturer ID: SoftHSM project Hardware version: 2.2 Firmware version: 2.2 Token present: yes Token info: Manufacturer ID: SoftHSM project Model: SoftHSM v2 Hardware version: 2.2 Firmware version: 2.2 Serial number: 00fbfb20ca12af8c Initialized: yes User PIN init.: yes Label: My token 1 Slot 1526831955 Slot info: Description: SoftHSM slot ID 0x5b019b53 Manufacturer ID: SoftHSM project Hardware version: 2.2 Firmware version: 2.2 Token present: yes Token info: Manufacturer ID: SoftHSM project Model: SoftHSM v2 Hardware version: 2.2 Firmware version: 2.2 Serial number: cafa9efc5b019b53 Initialized: yes User PIN init.: yes Label: 0 token Slot 2 Slot info: Description: SoftHSM slot ID 0x2 Manufacturer ID: SoftHSM project Hardware version: 2.2 Firmware version: 2.2 Token present: yes Token info: Manufacturer ID: SoftHSM project Model: SoftHSM v2 Hardware version: 2.2 Firmware version: 2.2 Serial number: Initialized: no User PIN init.: no Label: C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 2 --label "My token 2" === SO PIN (4-255 characters) === Please enter SO PIN: **** Please reenter SO PIN: **** === User PIN (4-255 characters) === Please enter user PIN: **** Please reenter user PIN: **** The token has been initialized. C:\SoftHSM2\bin>
在此之后,我有多个令牌被初始化。 非常感谢Jariq 。
如JDK 8 PKCS#11参考指南中所述,您需要在Sun PKCS#11 Provider配置文件中使用slotListIndex属性而不是slot属性。
使用您提供的测试应用程序,以下配置文件正常工作:
# Sun PKCS#11 provider configuration file for SoftHSMv2 name = SoftHSM2 library = d:\SoftHSM2\lib\softhsm2-x64.dll slotListIndex = 0
SoftHSMv2总是返回所有初始化的插槽/令牌……
…加上一个未初始化的附加内容,几乎每次PKCS#11调用都会返回CKR_TOKEN_NOT_RECOGNIZED错误…
…并且通过使用slotListIndex = 0您指示Sun PKCS#11 Provider仅使用第一个返回的插槽/令牌。