harrison314 / bouncyhsm
Bouncy Hsm is a software simulator of HSM and smartcard simulator with HTML UI, REST API and PKCS#11 interface.
License: BSD 3-Clause "New" or "Revised" License
Migrate to .Net 8 and release new version.
For deployment scenarios where the application is deployed to a URL with a base path, e.g. https://myproject.com/Hsm/, set `BasePath` in configuration (the `<base href="/" />` in index.htm must be replaced).
First off - love this package. It has been great for experimenting with PKCS11 and having some visibility into what I'm creating on the HSM. Definitely prefer it over softHSM. But I did run into one issue:
If I try to grab attribute values from keys stored in the HSM, the pkcs11.GetAttributeValue works fine unless the attribute is boolean, in which case it fails. Hard to know exactly where it fails, but the function works fine with softHSM, so pretty sure it's on the HSM side. Here is the function I'm running.
```go
package main

import (
	"fmt"

	"github.com/miekg/pkcs11" // assumed binding: the calls below match its API
)

func ListObjects(lib string, pin string, slot uint) {
	p, session := activateToken(lib, pin, slot) // helper function to set up connection
	defer deactivateToken(p, session)           // helper function to tear down connection
	listattr := []*pkcs11.Attribute{
		pkcs11.NewAttribute(pkcs11.CKA_LABEL, nil),
		pkcs11.NewAttribute(pkcs11.CKA_ID, nil),
		pkcs11.NewAttribute(pkcs11.CKA_CLASS, nil),
		pkcs11.NewAttribute(pkcs11.CKA_KEY_TYPE, nil),
		pkcs11.NewAttribute(pkcs11.CKA_EXTRACTABLE, nil),
	}
	if err := p.FindObjectsInit(session, []*pkcs11.Attribute{pkcs11.NewAttribute(pkcs11.CKA_PRIVATE, true)}); err != nil {
		fmt.Printf("An error occurred starting the object search. Error: %s\n", err.Error())
		return
	}
	handles, _, err := p.FindObjects(session, 5)
	p.FindObjectsFinal(session) // end the search before reading attributes
	if err != nil {
		fmt.Printf("An error occurred searching for objects. Error: %s\n", err.Error())
		return
	}
	for _, handle := range handles {
		values, err := p.GetAttributeValue(session, handle, listattr)
		if err != nil {
			fmt.Printf("An error occurred retrieving the key attribute values. Error: %s\n", err.Error())
			continue // values is not usable after an error
		}
		cls := keyClassToString(values[2].Value) // converts []byte to class string
		ts := keyTypeToString(values[3].Value)   // converts []byte to key type string
		ex := keyBytetoBool(values[4].Value)     // converts []byte to boolean
		fmt.Println("---------------------------------------------------------------")
		fmt.Printf("The found key has handle: %d with the following properties:\n", handle)
		fmt.Printf("KeyClass: %s\nKeytype: %s\nLabel: %s\nID: %s\nExportable: %t\n", cls, ts, values[0].Value, values[1].Value, ex)
	}
}
```
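The conversion helpers called in the report above are not shown on the page. As an added example (not the reporter's or the project's code), the sketch below decodes the raw `[]byte` attribute values with length checks, so a token that returns a malformed `CK_BBOOL` or `CK_ULONG` produces an error instead of a panic or a silently wrong value. The names `DecodeBool`, `DecodeULong` and `ClassName` are hypothetical, the class numbers come from the PKCS#11 specification, and a little-endian host is assumed.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// CKO_* object class values as defined in the PKCS#11 specification.
var classNames = map[uint64]string{
	0: "CKO_DATA", 1: "CKO_CERTIFICATE", 2: "CKO_PUBLIC_KEY",
	3: "CKO_PRIVATE_KEY", 4: "CKO_SECRET_KEY",
}

// DecodeBool interprets a CK_BBOOL attribute value, which must be exactly one byte.
func DecodeBool(v []byte) (bool, error) {
	if len(v) != 1 {
		return false, fmt.Errorf("CK_BBOOL: want 1 byte, got %d", len(v))
	}
	return v[0] != 0, nil // CK_FALSE is 0, CK_TRUE is 1
}

// DecodeULong interprets a CK_ULONG value. The width depends on the platform
// (4 or 8 bytes); little-endian byte order is an assumption about the host.
func DecodeULong(v []byte) (uint64, error) {
	switch len(v) {
	case 4:
		return uint64(binary.LittleEndian.Uint32(v)), nil
	case 8:
		return binary.LittleEndian.Uint64(v), nil
	}
	return 0, fmt.Errorf("CK_ULONG: want 4 or 8 bytes, got %d", len(v))
}

// ClassName maps a CKA_CLASS value to its CKO_* name.
func ClassName(v []byte) (string, error) {
	n, err := DecodeULong(v)
	if err != nil {
		return "", err
	}
	if s, ok := classNames[n]; ok {
		return s, nil
	}
	return fmt.Sprintf("unknown class 0x%X", n), nil
}

func main() {
	// Constructed sample values, not output captured from a real token.
	fmt.Println(ClassName([]byte{3, 0, 0, 0, 0, 0, 0, 0}))
	fmt.Println(DecodeBool([]byte{1}))
	fmt.Println(DecodeBool(nil)) // empty value is reported as an error
}
```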
Are additional storages desired?
Is LiteDb not enough, or is remote/shared storage required?
Example MySQL storage: MySqlPersistentRepository.zip
Add metadata (key-value pairs) to slot storage for future or customer-specific extensions (e.g. multi-card authentication with custom native functions).
Or add metadata to objects (e.g. for attestation).