The integration tests show:
- Successful SunPKCS11 login to SoftHSM2 and list existing keys
- Successful AES keygen, encrypt, decrypt
- Successful HMAC mac, verify
- Failed HMAC keygen (because SunPKCS11 does not support GENERIC-SECRET-KEY-GEN mechanism yet)
- Windows 10
- JDK 8u265+: https://adoptopenjdk.net/releases.html?variant=openjdk8&jvmVariant=hotspot
- Maven 3.6.3+: https://maven.apache.org/download.cgi
- SoftHSM v2.5.0+: https://github.com/disig/SoftHSM2-for-Windows/releases
- OpenSC v0.21+: https://github.com/OpenSC/OpenSC/releases
- "C:\SoftHSM2\bin\softhsm2-util.exe" --delete-token --token Token-0 --so-pin 0000
- "C:\SoftHSM2\bin\softhsm2-util.exe" --init-token --slot 0 --label Token-0 --pin 0000 --so-pin 0000
- "C:\SoftHSM2\bin\softhsm2-util.exe" --show-slots
- "C:\Program Files\OpenSC Project\OpenSC\tools\pkcs11-tool.exe" --module C:\SoftHSM2\lib\softhsm2-x64.dll --show-info --list-slots --list-token-slots --list-mechanisms --test
- "C:\Program Files\OpenSC Project\OpenSC\tools\pkcs11-tool.exe" --module C:\SoftHSM2\lib\softhsm2-x64.dll --slot-index 0 --pin 0000 --login --label hmacSha256 --keygen --key-type generic:125 --mechanism GENERIC-SECRET-KEY-GEN
export JAVA_HOME=C:\JDK8
set SOFTHSM2_CONF=C:\SoftHSM2\etc\softhsm2.conf
mvn clean verify
- Provider only: -Djava.security.debug=sunpkcs11
- Keystore only: -Djava.security.debug=pkcs11keystore
- All: -Djava.security.debug=all
- Edit log.level in the config file.
- Logs can be viewed in Windows event viewer.
SOFTHSM2_CONF = C:\SoftHSM2\etc\softhsm2.conf
directories.tokendir = C:\SoftHSM2\var\softhsm2\tokens\
objectstore.backend = file
log.level = INFO
Example generated SunPKCS11 file (C:\Users\winuser\AppData\Local\Temp\softhsm2-3360678726848364409.cfg
name=SoftHSM2
library=C:\SoftHSM2\lib\softhsm2-x64.dll
slotListIndex=0