
docker-softhsm's Introduction

SoftHSM2 Docker Image

Build and run the image

With the default version of SoftHSM

  1. Build the image

    $ docker build --tag softhsm2:2.5.0 .
    
  2. Run the image

    $ docker run -ti --rm softhsm2:2.5.0 sh -l
    

With a specific version of SoftHSM

  1. Build the image

    $ VERSION=2.6.1 && docker build --build-arg SOFTHSM2_VERSION=$VERSION --tag softhsm2:$VERSION .
    
  2. Run the image

    $ docker run -ti --rm softhsm2:2.6.1 sh -l
    

Test it

Run the following commands within a running container.

  1. Initialise a new token

    $ softhsm2-util --init-token --slot 0 --label "My First Token"
    === SO PIN (4-255 characters) ===
    Please enter SO PIN: ****
    Please reenter SO PIN: ****
    === User PIN (4-255 characters) ===
    Please enter user PIN: ****
    Please reenter user PIN: ****
    The token has been initialized and is reassigned to slot 384541823
    
  2. Test the module

    $ pkcs11-tool --module /usr/local/lib/softhsm/libsofthsm2.so -l -t
    Using slot 0 with a present token (0x16eba47f)
    Logging in to "My First Token".
    Please enter User PIN: 
    C_SeedRandom() and C_GenerateRandom():
      seems to be OK
    Digests:
      all 4 digest functions seem to work
      MD5: OK
      SHA-1: OK
    Signatures: not implemented
    Verify (currently only for RSA)
      No private key found for testing
    Unwrap: not implemented
    Decryption (currently only for RSA)
    No errors
    
  3. Generate a new RSA keypair

    $ pkcs11-tool --module /usr/local/lib/softhsm/libsofthsm2.so -l --keypairgen --key-type rsa:2048 --id 100 --label mykey
    Using slot 0 with a present token (0x16eba47f)
    Logging in to "My First Token".
    Please enter User PIN: 
    Key pair generated:
    Private Key Object; RSA 
      label:      mykey
      ID:         0100
      Usage:      decrypt, sign, unwrap
    Public Key Object; RSA 2048 bits
      label:      mykey
      ID:         0100
      Usage:      encrypt, verify, wrap
    
  4. Sign a file

    # create data to sign
    $ echo "Data to sign" > data.txt
    
    # apply signature
    $ pkcs11-tool --module /usr/local/lib/softhsm/libsofthsm2.so --id 100 -s -m RSA-PKCS --input-file data.txt --output-file data.sig
    Using slot 0 with a present token (0x16eba47f)
    Logging in to "My First Token".
    Please enter User PIN: 
    Using signature algorithm RSA-PKCS
    
  5. Verify signature

    # extract pubkey
    $ pkcs11-tool --module /usr/local/lib/softhsm/libsofthsm2.so -r --id 100 --type pubkey > pubkey.der
    Using slot 0 with a present token (0x16eba47f)
    
    # convert pubkey to PEM
    $ openssl rsa -inform DER -outform PEM -in pubkey.der -pubin > pubkey.pem
    writing RSA key
    
    # verify signature
    $ openssl rsautl -verify -inkey pubkey.pem -in data.sig -pubin
    Data to sign
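
Step 5 prints the recovered text rather than a verdict, because the `RSA-PKCS` mechanism from step 4 pads the input bytes (PKCS#1 v1.5) without hashing them. The script below is an added example, not part of the original README, that turns this into a pass/fail check with `openssl pkeyutl -verifyrecover` (`rsautl` is deprecated as of OpenSSL 3.0). Assumptions: the helper names `verify_raw_sig` and `make_demo_files` are hypothetical, and a throwaway software key from `openssl genpkey` stands in for the token key so the script runs without SoftHSM.

```shell
#!/bin/sh
# Added example, not from the README: pass/fail check for an RSA-PKCS signature.

# verify_raw_sig PUBKEY_PEM DATA_FILE SIG_FILE   (hypothetical helper name)
# RSA-PKCS signs the input bytes directly (PKCS#1 v1.5 padding, no digest), so
# verification means recovering those bytes and comparing them with the data.
# Returns 0 on match, 1 on mismatch or padding error, 2 if no temp file.
verify_raw_sig() {
    pub=$1; data=$2; sig=$3
    recovered=$(mktemp) || return 2
    rc=1
    if openssl pkeyutl -verifyrecover -pubin -inkey "$pub" \
           -in "$sig" -out "$recovered" 2>/dev/null &&
       cmp -s "$recovered" "$data"; then
        rc=0
    fi
    rm -f "$recovered"
    return "$rc"
}

# make_demo_files DIR   (hypothetical helper name)
# Constructed stand-in for steps 3-5: a throwaway software key replaces the
# token key, and `pkeyutl -sign` without a digest pads the input like RSA-PKCS.
make_demo_files() {
    dir=$1
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$dir/demo.key" 2>/dev/null || return 1
    openssl pkey -in "$dir/demo.key" -pubout -out "$dir/pubkey.pem" || return 1
    printf 'Data to sign\n' > "$dir/data.txt"        # same content as step 4
    printf 'Data to sigm\n' > "$dir/tampered.txt"    # constructed: one byte changed
    openssl pkeyutl -sign -inkey "$dir/demo.key" \
        -in "$dir/data.txt" -out "$dir/data.sig" || return 1
}

# Demo run: accept the original data, reject the modified copy.
work=$(mktemp -d) || exit 1
make_demo_files "$work" || exit 1
verify_raw_sig "$work/pubkey.pem" "$work/data.txt" "$work/data.sig" \
    && echo "data.txt: signature OK"
verify_raw_sig "$work/pubkey.pem" "$work/tampered.txt" "$work/data.sig" \
    || echo "tampered.txt: signature REJECTED"
rm -rf "$work"
```

With the token set up as above, `verify_raw_sig pubkey.pem data.txt data.sig` can be called directly on the files produced in steps 4 and 5.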
    

docker-softhsm's People

Contributors

psmiraglia, dennisgove
