SoftHSM2 java无法正常工作 [英] SoftHSM2 java not working
本文介绍了SoftHSM2 java无法正常工作的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试在SoftHSM 2上进行POC,但有些我如何得到以下问题。
线程中的异常主要的java.security.ProviderException:初始化失败
at sun.security.pkcs11.SunPKCS11。< init>(SunPKCS11.java:376)
at sun.security.pkcs11.SunPKCS11。< init> ;(SunPKCS11.java:103)SoftHSM.main的
(SoftHSM.java:50)
引起:sun.security.pkcs11.wrapper.PKCS11异常:sun.security的CKR_SLOT_ID_INVALID
。 pkcs11.wrapper.PKCS11.C_GetSlotInfo(原生方法)
at sun.security.pkcs11.SunPKCS11。< init>(SunPKCS11.java:365)
... 2 more
HSM配置文件:
#SoftHSM v2配置文件
name = SoftHSM2
library = C:\SoftHSM2 \lib \softhsm2-x64.dll
slot = 1
如果我评论slot = 1,那么我得到了
线程mainjava.security.ProviderException中的异常:sun.security.pkcs11.SunPKCS11初始化失败
。< init>( SunPKCS11.java:376)
at sun.security.pkcs11.SunPKCS11。< init>(SunPKCS11.java:103)USB $ b at SoftHSM.main(SoftHSM.java:50)
引起作者:sun.security.pkcs11.wrapper.PKCS11Exception:CKR_TOKEN_NOT_RECOGNIZED
at sun.security.pkcs11.wrapper.PKCS11.C_OpenSession(Native Method)
at sun.security.pkcs11.SessionManager.openSession(SessionManager。 java:215)
at sun.security.pkcs11.SessionManager.getOpSession(SessionManager.java:150)
at sun.security.pkcs11.Token。< init>(Token.java:151)
at sun.security.pkcs11.SunPKCS11.initToken(SunPKCS11.java:858)
at sun.security.pkcs11.SunPKCS11。< init>(SunPKCS11.java:367)
.. 。更多
由于索姆是因为它没有得到充分利用。有没有人可以帮我运行Java。
我的电脑详情:
Winn 10:64 bit
我添加了VC ++ distributaable as来自softHSM的每个要求。
我附加了我的java源文件
import java.security.Key;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import javax.crypto.spec.SecretKeySpec;
import sun.security.pkcs11.SunPKCS11;
公共类TestClass {
public static void main(String [] args)throws Exception {
//设置Sun PKCS 11提供程序
// String configName =Z:\\SOFTHSM_INSTALL \\etc\\softhsm2.conf;
String configName =softhsm2.cfg;
提供者p =新的SunPKCS11(configName);
if(-1 == Security.addProvider(p)){
抛出新的RuntimeException(无法添加安全提供程序);
}
//加载密钥库
char [] pin =mypin.toCharArray();
KeyStore keyStore = KeyStore.getInstance(PKCS11,p);
keyStore.load(null,pin);
// AES密钥
SecretKeySpec secretKeySpec = new SecretKeySpec(0123456789ABCDEF.getBytes(),AES);
Key key = new SecretKeySpec(secretKeySpec.getEncoded(),AES);
keyStore.setKeyEntry(AA,key,1234.toCharArray(),null);
keyStore.store(null); //这给了我一个例外。
}
}
请帮帮我伙计。
似乎我没有任何带有令牌初始化的插槽。所以尝试初始化令牌。但低于错误。有人可以帮我识别我做的错误。
C:\SoftHSM2 \bin> softhsm2-util.exe - show-slots
可用插槽:
插槽0
插槽信息:
描述:SoftHSM插槽ID 0x0
制造商ID:SoftHSM项目
硬件版本:2.2
固件版本:2.2
令牌存在:是
令牌信息:
制造商ID:SoftHSM项目
型号:SoftHSM v2
硬件版本:2.2
固件版本:2.2
序列号:
初始化:无
用户PIN初始值:no
标签:
C:\ SoftHSM2 \\ \\ bin> softhsm2-util.exe --init-token --slot 0 --label Kumar
=== SO PIN(4-255个字符)===
请输入SO PIN:** **
请重新输入SO PIN:****
===用户密码(4-255字符)===
请输入用户密码:****
请重新输入用户密码:****
错误30:无法初始化令牌。
解决方案:
我验证了Windows事件根据Jariq记录,它说应用程序已损坏。
我重新安装了windowssofthsm2.msi的应用程序。
并且执行脚本在这里以供参考像我这样的人。
Microsoft Windows [版本10.0.14393]
(c)2016 Microsoft Corporation。版权所有。
C:\ WINDOWS \ system32> cd \
C:\> cd SoftHSM2
C:\ SoftHSM2> cd bin
C:\SoftHSM2 \bin> softhsm2-util.exe --init-token --slot 0 --label我的令牌1
=== SO PIN (4-255个字符)===
请输入SO PIN:
错误:PIN的长度超出范围。
=== SO PIN(4-255个字符)===
^ C
C:\ SoftHSM2 \bin> softhsm2-util.exe --init-token --slot 0 - 标签我的令牌1
=== SO PIN(4-255个字符)===
请输入SO PIN:****
请重新输入SO PIN:* ***
===用户密码(4-255个字符)===
请输入用户密码:****
请重新输入用户密码:****
CKR_SLOT_ID_INVALID:插槽0不存在。
C:\SoftHSM2 \bin> softhsm2-util.exe - 显示插槽
可用插槽:
插槽1526831955
插槽信息:
描述:SoftHSM插槽ID 0x5b019b53
制造商ID:SoftHSM项目
硬件版本:2.2
固件版本:2.2
令牌存在:是
令牌信息:
制造商ID:SoftHSM项目
型号:SoftHSM v2
硬件版本:2.2
固件版本:2.2
序列号:cafa9efc5b019b53
初始化:是
用户PIN初始值:是
标签:0令牌
插槽1
插槽信息:
描述:SoftHSM插槽ID 0x1
制造商ID:SoftHSM项目
硬件版本:2.2
固件版本:2.2
令牌现在:是
令牌信息:
制造商ID:SoftHSM项目
型号:SoftHSM v2
硬件版本:2.2
固件版本:2.2
序列号:
初始化:无
用户PIN初始值:no
标签:
C:\SoftHSM2 \bin> softhsm2-util.exe --init-token --slot 1 - 标签我的令牌1
=== SO PIN(4-255个字符)===
请输入SO PIN:****
请重新输入SO密码:****
===用户密码(4-255个字符)===
请输入用户密码:****
请重新输入用户密码:****
令牌已初始化。
C:\ SoftHSM2 \bin> softhsm2-util.exe - 显示插槽
可用插槽:
插槽1242738572
插槽信息:
描述:SoftHSM插槽ID 0x4a12af8c
制造商ID:SoftHSM项目
硬件版本:2.2
固件版本:2.2
令牌存在:是
令牌信息:
制造商ID:SoftHSM项目
型号:SoftHSM v2
硬件版本:2.2
固件版本:2.2
序列号:00fbfb20ca12af8c
初始化:是
用户PIN初始值:是
标签:我的令牌1
插槽1526831955
插槽信息:
描述:SoftHSM插槽ID 0x5b019b53
制造商ID:SoftHSM项目
硬件版本:2.2
固件版本:2.2
令牌存在:是
令牌信息:
制造商ID:SoftHSM项目
型号:SoftHSM v2
硬件版本:2.2
固件版本:2.2
序列号:cafa9efc5b019b53
初始化:是
用户PIN初始化:是
标签:0令牌
插槽2
插槽信息:
描述:SoftHSM插槽ID 0x2
制造商ID:SoftHSM项目
硬件版本:2.2
固件版本:2.2
令牌存在:是
令牌信息:
制造商ID:SoftHSM项目
型号:SoftHSM v2
硬件版本:2.2
固件版本:2.2
序列号:
初始化:无
用户PIN初始值:no
拉贝l:
C:\SoftHSM2 \bin> softhsm2-util.exe --init-token --slot 2 --label我的令牌2
=== SO PIN (4-255个字符)===
请输入SO PIN:****
请重新输入SO PIN:****
===用户PIN码(4-255个字符) ===
请输入用户密码:****
请重新输入用户密码:****
令牌已初始化。
C:\ SoftHSM2 \ bin>
此后我初始化了多个令牌。非常感谢你 Jariq 。
解决方案
如
...加上一个未初始化的附加内容,并且几乎每次PKCS#11调用都会返回 CKR_TOKEN_NOT_RECOGNIZED 错误...
...并使用 slotListIndex = 0 您正在指示Sun PKCS#11 Provider仅使用第一个返回的插槽/令牌。
I am trying to do POC on SoftHSM 2 , but some how I am getting below issue .
Exception in thread "main" java.security.ProviderException: Initialization failed
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
at SoftHSM.main(SoftHSM.java:50)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_SLOT_ID_INVALID
at sun.security.pkcs11.wrapper.PKCS11.C_GetSlotInfo(Native Method)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:365)
... 2 more
HSM Config File :
# SoftHSM v2 configuration file
name= SoftHSM2
library = C:\SoftHSM2\lib\softhsm2-x64.dll
slot=1
If I comment slot=1 , then I am getting
Exception in thread "main" java.security.ProviderException: Initialization failed
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
at SoftHSM.main(SoftHSM.java:50)
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_TOKEN_NOT_RECOGNIZED
at sun.security.pkcs11.wrapper.PKCS11.C_OpenSession(Native Method)
at sun.security.pkcs11.SessionManager.openSession(SessionManager.java:215)
at sun.security.pkcs11.SessionManager.getOpSession(SessionManager.java:150)
at sun.security.pkcs11.Token.<init>(Token.java:151)
at sun.security.pkcs11.SunPKCS11.initToken(SunPKCS11.java:858)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:367)
... 2 more
due to some reason it is not getting intizlized. Does anybody can help me on get it running with Java .
My PC Details : Winn 10: 64 bit I have added VC++ distributaable as per requirement from softHSM.
I am attaching my java Source file
import java.security.Key;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import javax.crypto.spec.SecretKeySpec;
import sun.security.pkcs11.SunPKCS11;
public class TestClass {
public static void main(String[] args) throws Exception {
// Set up the Sun PKCS 11 provider
// String configName = "Z:\\SOFTHSM_INSTALL\\etc\\softhsm2.conf";
String configName = "softhsm2.cfg";
Provider p = new SunPKCS11(configName);
if (-1 == Security.addProvider(p)) {
throw new RuntimeException("could not add security provider");
}
// Load the key store
char[] pin = "mypin".toCharArray();
KeyStore keyStore = KeyStore.getInstance("PKCS11", p);
keyStore.load(null, pin);
// AES key
SecretKeySpec secretKeySpec = new SecretKeySpec("0123456789ABCDEF".getBytes(), "AES");
Key key = new SecretKeySpec(secretKeySpec.getEncoded(), "AES");
keyStore.setKeyEntry("AA", key, "1234".toCharArray(), null);
keyStore.store(null); //this gives me the exception.
}
}
Please help me guys.
Seems to be I dont have any slots with token initialized. So trying to initialize the token. but getting below error. Can someone help me to identify mistake I did.
C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
Available slots:
Slot 0
Slot info:
Description: SoftHSM slot ID 0x0
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number:
Initialized: no
User PIN init.: no
Label:
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label Kumar
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
ERROR 30: Could not initialize the token.
Solution:
I verified Windows Event Log as per Jariq, it says application corrupted. I did re-install the app for windows "softhsm2.msi".
and executed script is below here for Reference to people like me .
Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.
C:\WINDOWS\system32>cd\
C:\>cd SoftHSM2
C:\SoftHSM2>cd bin
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1"
=== SO PIN (4-255 characters) ===
Please enter SO PIN:
ERROR: The length of the PIN is out of range.
=== SO PIN (4-255 characters) ===
^C
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1"
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
CKR_SLOT_ID_INVALID: Slot 0 does not exist.
C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
Available slots:
Slot 1526831955
Slot info:
Description: SoftHSM slot ID 0x5b019b53
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number: cafa9efc5b019b53
Initialized: yes
User PIN init.: yes
Label: 0 token
Slot 1
Slot info:
Description: SoftHSM slot ID 0x1
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number:
Initialized: no
User PIN init.: no
Label:
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 1 --label "My token 1"
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
The token has been initialized.
C:\SoftHSM2\bin>softhsm2-util.exe --show-slots
Available slots:
Slot 1242738572
Slot info:
Description: SoftHSM slot ID 0x4a12af8c
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number: 00fbfb20ca12af8c
Initialized: yes
User PIN init.: yes
Label: My token 1
Slot 1526831955
Slot info:
Description: SoftHSM slot ID 0x5b019b53
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number: cafa9efc5b019b53
Initialized: yes
User PIN init.: yes
Label: 0 token
Slot 2
Slot info:
Description: SoftHSM slot ID 0x2
Manufacturer ID: SoftHSM project
Hardware version: 2.2
Firmware version: 2.2
Token present: yes
Token info:
Manufacturer ID: SoftHSM project
Model: SoftHSM v2
Hardware version: 2.2
Firmware version: 2.2
Serial number:
Initialized: no
User PIN init.: no
Label:
C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 2 --label "My token 2"
=== SO PIN (4-255 characters) ===
Please enter SO PIN: ****
Please reenter SO PIN: ****
=== User PIN (4-255 characters) ===
Please enter user PIN: ****
Please reenter user PIN: ****
The token has been initialized.
C:\SoftHSM2\bin>
After this I have more than one token initialized . Thanks you verymuch Jariq.
解决方案
As documented in JDK 8 PKCS#11 Reference Guide you need to use slotListIndex attribute instead of slot attribute in the Sun PKCS#11 Provider configuration file.
Following configuration file is working fine for me with the test application you have provided:
# Sun PKCS#11 provider configuration file for SoftHSMv2
name = SoftHSM2
library = d:\SoftHSM2\lib\softhsm2-x64.dll
slotListIndex = 0
SoftHSMv2 always returns all initialized slots/tokens...
...plus one additional which is not initialized and which returns CKR_TOKEN_NOT_RECOGNIZED error for almost every PKCS#11 call...
...and by using slotListIndex = 0 you are instructing Sun PKCS#11 Provider to use only the first returned slot/token.
这篇关于SoftHSM2 java无法正常工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
