SoftHSM2 java not working

匿名 (未验证) 提交于 2019-12-03 02:29:01

问题:

I am trying to do POC on SoftHSM 2 , but some how I am getting below issue .

        Exception in thread "main" java.security.ProviderException: Initialization failed             at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)             at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)             at SoftHSM.main(SoftHSM.java:50)         Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_SLOT_ID_INVALID             at sun.security.pkcs11.wrapper.PKCS11.C_GetSlotInfo(Native Method)             at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:365)             ... 2 more

HSM Config File :

    # SoftHSM v2 configuration file     name= SoftHSM2     library = C:\SoftHSM2\lib\softhsm2-x64.dll     slot=1

If I comment slot=1 , then I am getting 

        Exception in thread "main" java.security.ProviderException: Initialization failed             at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)             at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)             at SoftHSM.main(SoftHSM.java:50)         Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_TOKEN_NOT_RECOGNIZED             at sun.security.pkcs11.wrapper.PKCS11.C_OpenSession(Native Method)             at sun.security.pkcs11.SessionManager.openSession(SessionManager.java:215)             at sun.security.pkcs11.SessionManager.getOpSession(SessionManager.java:150)             at sun.security.pkcs11.Token.<init>(Token.java:151)             at sun.security.pkcs11.SunPKCS11.initToken(SunPKCS11.java:858)             at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:367)             ... 2 more

due to some reason it is not getting intizlized. Does anybody can help me on get it running with Java .

My PC Details : Winn 10: 64 bit I have added VC++ distributaable as per requirement from softHSM.

I am attaching my java Source file 

    import java.security.Key;     import java.security.KeyStore;     import java.security.Provider;     import java.security.Security;      import javax.crypto.spec.SecretKeySpec;      import sun.security.pkcs11.SunPKCS11;      public class TestClass {            public static void main(String[] args) throws Exception {                 // Set up the Sun PKCS 11 provider                // String configName = "Z:\\SOFTHSM_INSTALL\\etc\\softhsm2.conf";               String configName = "softhsm2.cfg";                  Provider p = new SunPKCS11(configName);                  if (-1 == Security.addProvider(p)) {                     throw new RuntimeException("could not add security provider");                 }                  // Load the key store                 char[] pin = "mypin".toCharArray();                 KeyStore keyStore = KeyStore.getInstance("PKCS11", p);                 keyStore.load(null, pin);                  // AES key                 SecretKeySpec secretKeySpec = new SecretKeySpec("0123456789ABCDEF".getBytes(), "AES");                 Key key = new SecretKeySpec(secretKeySpec.getEncoded(), "AES");                  keyStore.setKeyEntry("AA", key, "1234".toCharArray(), null);                 keyStore.store(null); //this gives me the exception.           }      }

Please help me guys.

Seems to be I dont have any slots with token initialized. So trying to initialize the token. but getting below error. Can someone help me to identify mistake I did.

    C:\SoftHSM2\bin>softhsm2-util.exe --show-slots     Available slots:     Slot 0         Slot info:             Description:      SoftHSM slot ID 0x0             Manufacturer ID:  SoftHSM project             Hardware version: 2.2             Firmware version: 2.2             Token present:    yes         Token info:             Manufacturer ID:  SoftHSM project             Model:            SoftHSM v2             Hardware version: 2.2             Firmware version: 2.2             Serial number:             Initialized:      no             User PIN init.:   no             Label:      C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label Kumar     === SO PIN (4-255 characters) ===     Please enter SO PIN: ****     Please reenter SO PIN: ****     === User PIN (4-255 characters) ===     Please enter user PIN: ****     Please reenter user PIN: ****     ERROR 30: Could not initialize the token.

Solution:

I verified Windows Event Log as per Jariq, it says application corrupted. I did re-install the app for windows "softhsm2.msi".

and executed script is below here for Reference to people like me .

    Microsoft Windows [Version 10.0.14393]     (c) 2016 Microsoft Corporation. All rights reserved.      C:\WINDOWS\system32>cd\      C:\>cd SoftHSM2      C:\SoftHSM2>cd bin      C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1"     === SO PIN (4-255 characters) ===     Please enter SO PIN:     ERROR: The length of the PIN is out of range.     === SO PIN (4-255 characters) ===     ^C     C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 0 --label "My token 1"     === SO PIN (4-255 characters) ===     Please enter SO PIN: ****     Please reenter SO PIN: ****     === User PIN (4-255 characters) ===     Please enter user PIN: ****     Please reenter user PIN: ****     CKR_SLOT_ID_INVALID: Slot 0 does not exist.      C:\SoftHSM2\bin>softhsm2-util.exe --show-slots     Available slots:     Slot 1526831955         Slot info:             Description:      SoftHSM slot ID 0x5b019b53             Manufacturer ID:  SoftHSM project             Hardware version: 2.2             Firmware version: 2.2             Token present:    yes         Token info:             Manufacturer ID:  SoftHSM project             Model:            SoftHSM v2             Hardware version: 2.2             Firmware version: 2.2             Serial number:    cafa9efc5b019b53             Initialized:      yes             User PIN init.:   yes             Label:            0 token     Slot 1         Slot info:             Description:      SoftHSM slot ID 0x1             Manufacturer ID:  SoftHSM project             Hardware version: 2.2             Firmware version: 2.2             Token present:    yes         Token info:             Manufacturer ID:  SoftHSM project             Model:            SoftHSM v2             Hardware version: 2.2             Firmware version: 2.2             Serial number:             Initialized:      no             User PIN init.:   no             Label:      C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 1 --label "My token 1"     === SO PIN (4-255 characters) ===     Please enter SO PIN: ****     Please reenter SO PIN: ****     === User PIN (4-255 characters) ===     Please enter user PIN: ****     Please reenter user PIN: ****     The token has been initialized.      C:\SoftHSM2\bin>softhsm2-util.exe --show-slots     Available slots:     Slot 1242738572         Slot info:             Description:      SoftHSM slot ID 0x4a12af8c             Manufacturer ID:  SoftHSM project             Hardware version: 2.2             Firmware version: 2.2             Token present:    yes         Token info:             Manufacturer ID:  SoftHSM project             Model:            SoftHSM v2             Hardware version: 2.2             Firmware version: 2.2             Serial number:    00fbfb20ca12af8c             Initialized:      yes             User PIN init.:   yes             Label:            My token 1     Slot 1526831955         Slot info:             Description:      SoftHSM slot ID 0x5b019b53             Manufacturer ID:  SoftHSM project             Hardware version: 2.2             Firmware version: 2.2             Token present:    yes         Token info:             Manufacturer ID:  SoftHSM project             Model:            SoftHSM v2             Hardware version: 2.2             Firmware version: 2.2             Serial number:    cafa9efc5b019b53             Initialized:      yes             User PIN init.:   yes             Label:            0 token     Slot 2         Slot info:             Description:      SoftHSM slot ID 0x2             Manufacturer ID:  SoftHSM project             Hardware version: 2.2             Firmware version: 2.2             Token present:    yes         Token info:             Manufacturer ID:  SoftHSM project             Model:            SoftHSM v2             Hardware version: 2.2             Firmware version: 2.2             Serial number:             Initialized:      no             User PIN init.:   no             Label:      C:\SoftHSM2\bin>softhsm2-util.exe --init-token --slot 2 --label "My token 2"     === SO PIN (4-255 characters) ===     Please enter SO PIN: ****     Please reenter SO PIN: ****     === User PIN (4-255 characters) ===     Please enter user PIN: ****     Please reenter user PIN: ****     The token has been initialized.      C:\SoftHSM2\bin>

After this I have more than one token initialized . Thanks you verymuch Jariq.

回答1:

As documented in JDK 8 PKCS#11 Reference Guide you need to use slotListIndex attribute instead of slot attribute in the Sun PKCS#11 Provider configuration file.

Following configuration file is working fine for me with the test application you have provided:

# Sun PKCS#11 provider configuration file for SoftHSMv2 name = SoftHSM2 library = d:\SoftHSM2\lib\softhsm2-x64.dll  slotListIndex = 0

SoftHSMv2 always returns all initialized slots/tokens...

...plus one additional which is not initialized and which returns CKR_TOKEN_NOT_RECOGNIZED error for almost every PKCS#11 call...

...and by using slotListIndex = 0 you are instructing Sun PKCS#11 Provider to use only the first returned slot/token.



标签
token
info
pin
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!