There are no unit tests for the SessionManager, only a place holder. Also remember to initiate the auto_ptr/unique_ptr for MutexFactory and SecureMemoryRegistry if they are used by the code.

There is a segmentation violation when closing the softhsm2 library when it was opened dynamically using dlopen(). It happens when the library is initialized using C_Initialize(), but no C_Finalize is called prior unloading the library.

int
main(int argc, char** argv)
{
    int i;
    void* handle;
    void* symbol;
    CK_FUNCTION_LIST_PTR table;
    CK_SESSION_HANDLE session;
    handle = dlopen("/usr/local/lib/softhsm/libsofthsm2.so", RTLD_NOW | RTLD_LOCAL);
    symbol = dlsym(handle, "C_GetFunctionList");
    ((CK_C_GetFunctionList) symbol)(&table);
    table->C_Initialize(&InitArgs);
    return 0;
}

Note the dlclose is implicit here, but an explicit dlclose as the end results in about the same. It will result in

Program terminated with signal 11, Segmentation fault.
#0  0x00007f7cc62ad943 in SoftHSM::C_Finalize (this=0x11d5390, pReserved=0x0)
    at SoftHSM.cpp:513
513     if (handleManager != NULL) delete handleManager;

Simply because all the vptr is already gone. My personal take would be to remove the libcleanup() function alltogether, it is an attempt to close off properly when the calling program has not done so (which is the case above), but that won't always work properly.

I need CKM_AES_KEY_WRAP_PAD support, which version openssl is required?

it looks like only openssl 1.1.0 support EVP_aes_*_wrap_pad() which is called by softHSM. But 1.1.0 remove BN_init(), so softHSM configure fails.

Is there suggestion ?

There are changes in OpenSSL 1.1.0 that requires updated code in SoftHSM. Build, test and update the code so that we support both 1.0.0 and 1.1.0.

The include path for OpenSSL is not set correctly by the perl script.

I had to manually add the include path to the following modules:

• objstoretest
• p11test
• datamgrtest
• softhsm2
• slotmgrtest

Adding

 '@INCLUDEPATH@;@CUINCPATH@;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>' 

in all visual studio input files is fixing this in the Debug and Releaseconfiguration is fixing this.

Attached is a fix:

softhsm2.txt

Note: I was not using the path C:\build for building the library.

SoftHSMv2# sh autogen.sh
configure.ac:183: error: possibly undefined macro: AC_PROG_LIBTOOL
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
autoreconf: /usr/bin/autoconf failed with exit status: 1

Update SoftHSM to the latest PKCS#11 version. This requires new header files and updated source code.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-6

Hello,
is it possible to uninitialize a token? Like you initialize a token of a slot you should also be able to uninit it (like if you pull a real smartcard out of reader).

Thank you!

Is there any basic , sanity checking kind test code to verify the installation is successful ?
I cannot find it from source code, so just want to confirm.

The attribute CKA_ALWAYS_AUTHENTICATE is accepted by private key objects, but no action is made when this attribute is set to true.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-82

I've noticed that the .o files from the tests gets really large and the test program also. They currently take over 300meg extra disk space on the test platform nodes. That would mean that one pull request build will eat 400meg disk space and this will be a problem if many pull requests are built since the test platform nodes have limited amount of disk.

A simple strip of the .o files removed 95%.

Can someone look into why they are so big or maybe just strip them?

Other .o files are not striped and does not take much space, may be something wrong with the LDFLAGS.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-77

I cannot find that this behavior is defined in the PKCS#11 spec.In fact it is necessary to allow this to build key derivation functions (KDF) based on the hash of the key. I have not tried to use a C_DeriveKey with e.g. CKM_SHA1_KEY_DERIVATION because I do want to create a key on the token and my KDF is also using a salt in the beginning.

Neither in the function definition of C_DigestKey on page 148 nor on Page 92, V2.30:

CKR_KEY_INDIGESTIBLE: This error code can only be returned by C_DigestKey.
It indicates that the value of the specified key cannot be digested for some reason
(perhaps the key isn’t a secret key, or perhaps the token simply can’t digest this kind
of key).

The same is true for the CKA_SENSITIVE check which should be removed to be spec compliant.

Visual Studio 14 CTP for Window 10 defines the C99 standard function snprintf and raises an error in stdio.h when already defined, so the usual redefine of snprintf into _snprintf must be disabled when _MSC_VER >= 1900.

Migrated from:
https://issues.opendnssec.org/browse/SUPPORT-144

I am not getting what I expected when using the GnuTLS generic utility p11tool for token initialisation (of an already existing token):

GNUTLS_PIN=1234 p11tool --provider /path/to/softhsm2.so --initialize 'pkcs11:yada;yada;yada'

This calls C_InitToken() on the slot holding the token found in the slot referenced by pkcs11:yada;yada;yada:

• https://gitlab.com/gnutls/gnutls/blob/gnutls_3_4_9/src/p11tool.c#L289
• https://gitlab.com/gnutls/gnutls/blob/gnutls_3_4_9/src/pkcs11.c#L886
• https://gitlab.com/gnutls/gnutls/blob/gnutls_3_4_9/lib/pkcs11_write.c#L1168
• https://gitlab.com/gnutls/gnutls/blob/gnutls_3_4_9/lib/pkcs11_int.c#L244

The C_InitToken() function requires the SO-PIN, but after entering it p11tool consistently fails. It seems that the token may be completely destroyed by the call, which is not what I would have expected. To be honest, I am confused what is really going on. My expectation was that the token would continue to exist, but with all private keys removed and the user PIN removed.

I am assuming that SoftHSMv2 is the problem, because tokens seem to be removed. But I cannot be completely certain, of course.

Related to:
#105
#124

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-123

The CKA_ALLOWED_MECHANISMS is not supported for key objects. If it is added, then correct checks in the different crypto operations must be implemented.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-81

The build environment compiles Botan using the script in testing/build-botan.sh

The performance of Botan can be improved by adding --with-gnump to the configure.py in Botan. Requires libgmp-dev

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-75

If I did it correctly, the SoftHSMv2 installs all PKCS #11 repositories in /var/lib/softhsm/tokens/, but it has difficulties being usable to users.

Have you considered:

• Granting more liberal access rights to /var/lib/softhsm/ and /var/lib/softhsm/tokens/
• Making token directories immobility with the sticky bit on /var/lib/softhsm/tokens/
• Making shared tokens stick to their initial owners with the setuid/setgid bits on /var/lib/softhsm/tokens/*/

I hope this helps. I could not create a PKCS #11 token as a humble user, which surprised me.

Francis Dupont:
Tentative support for Crypto++ library.
Works well but unfortunately Crypto++ doesn't support natively some options which are critical for users.
Note the FIPS version is WIN32 binary.
I can pull a request if wanted.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-53

Hello,

I'm unable to configure the master branch with openssl vs botan

Command:
./configure --with-objectstore-backend-db
--with-openssl=/usr/local/ssl
--with-sqlite3=/usr/local/sqlite

output:
configure: error: Missing the correct version of the Botan library

repeatable: 100%

does work with with zipfile source distribution: http://dist.opendnssec.org/source/testing/softhsm-2.0.0b3.tar.gz

Thank you!
~Gordon
[email protected]

Hallo

use softhsm version 2

I try to generate RSA signature, but already C_SignInit fails with CKR_GENERAL_ERROR :

CK_OBJECT_HANDLE uiKeyFnd;
CK_MECHANISM mechanism;
mechanism.mechanism = CKM_RSA_PKCS;
mechanism.pParameter = NULL;
mechanism.ulParameterLen = 0;

...
rv = C_SignInit(hSession, &mechanism, uiKeyFnd);

is it known issue, or am I doing something wrong

Thx M.M.

I am using C_DeriveKey() with CKM_DH_PKCS_DERIVE to perform a modexp operation with a private exponent:
https://github.com/arpa2/srp-pkcs11/blob/ce93a4b19fbe32a34dddd2a6d70e2234866916a7/srp11.c#L958

The derivation yields a CKO_SECRET_KEY with VALUE_LEN set to the prime/modulus size. I would have expected to find either leading 0x00 bytes or results that are reduced in size in 1 out of 256 cases, but I inserted a line
printf ("p11_mod_exp() returns %d bytes 0x%02x 0x%02x...\n", attr_outcome.ulValueLen, tmpkey [0], tmpkey [1]);
and started measuring:

shell$ grep 'p11_mod_exp() returns 512 bytes' /tmp/x | wc -l  
10000
shell$ grep 'p11_mod_exp() returns 511 bytes' /tmp/x | wc -l
0

shell$  for firstbyte in 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07 0x08 0x09 0x0a 0x0b 0x0c 0x0d 0x0e 0x0f; do echo -n "Occurrences of $firstbyte: " ; grep "p11_mod_exp() returns 512 bytes $firstbyte" /tmp/x | wc -l ; done
Occurrences of 0x00: 0
Occurrences of 0x01: 40
Occurrences of 0x02: 40
Occurrences of 0x03: 41
Occurrences of 0x04: 41
Occurrences of 0x05: 46
Occurrences of 0x06: 43
Occurrences of 0x07: 27
Occurrences of 0x08: 44
Occurrences of 0x09: 45
Occurrences of 0x0a: 35
Occurrences of 0x0b: 32
Occurrences of 0x0c: 35
Occurrences of 0x0d: 34
Occurrences of 0x0e: 45
Occurrences of 0x0f: 45

It is consistent to not get the 0x00 initial byte or a reduced length in 1 out of 256 cases. As a matter of fact, what I do get from my program is an outcome that is 256x too high in 1 out of 256 cases :-)

I cannot find it in the SoftHSMv2 code (I've looked) but it seems clear to me that there is something going on with removal of initial zero bytes that do not report back properly in the form of the length of the object stored and/or reported back through GetAttributeValues(); otherwise I should have had a proper result from

https://github.com/arpa2/srp-pkcs11/blob/ce93a4b19fbe32a34dddd2a6d70e2234866916a7/srp11.c#L1004

I'm sorry I can't be more helpful than reporting from the outside alone.

Trying to use SoftHSMv2 (commit b6ac6ef from develop branch) as openssl (1.0.2d 9 Jul 2015 in Ubuntu 15.10) engine but it crashes during initialization:

% openssl engine -t dynamic -pre SO_PATH:/usr/lib/engines/engine_pkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/local/lib/softhsm/libsofthsm2.so
(dynamic) Dynamic engine loading support
[Success]: SO_PATH:/usr/lib/engines/engine_pkcs11.so
[Success]: ID:pkcs11
[Success]: LIST_ADD:1
[Success]: LOAD
[Success]: MODULE_PATH:/usr/local/lib/softhsm/libsofthsm2.so
Loaded: (pkcs11) pkcs11 engine
zsh: segmentation fault (core dumped)  openssl engine -t dynamic -pre SO_PATH:/usr/lib/engines/engine_pkcs11.so -pre

The problem seems to be that during the initialization in C_Initialize softhsm uses RAND_bytes [1] from openssl which then tries to use the engine and it ends up in C_Initialize again, ad infinitum...

[1] https://github.com/opendnssec/SoftHSMv2/blob/develop/src/lib/crypto/OSSLRNG.cpp#L44

Here is the stack trace what is happening:

% gdb openssl -ex 'run engine -t dynamic -pre SO_PATH:/usr/lib/engines/engine_pkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/local/lib/softhsm/libsofthsm2.so'

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff73abc3e in _IO_vfprintf_internal (s=s@entry=0x7fffff7ff210,
    format=format@entry=0x7ffff691cde8 "%s/.config/softhsm2/softhsm2.conf", ap=ap@entry=0x7fffff7ff388)
    at vfprintf.c:257
257     vfprintf.c: No such file or directory.
(gdb) bt
#0  0x00007ffff73abc3e in _IO_vfprintf_internal (s=s@entry=0x7fffff7ff210, format=format@entry=0x7ffff691cde8 "%s/.config/softhsm2/softhsm2.conf",
    ap=ap@entry=0x7fffff7ff388) at vfprintf.c:257
#1  0x00007ffff7478556 in ___vsnprintf_chk (s=0x7fffff7ff4a0 "", maxlen=<optimized out>, flags=1, slen=<optimized out>,
        format=0x7ffff691cde8 "%s/.config/softhsm2/softhsm2.conf", args=args@entry=0x7fffff7ff388) at vsnprintf_chk.c:63
#2  0x00007ffff74784b8 in ___snprintf_chk (s=s@entry=0x7fffff7ff4a0 "", maxlen=maxlen@entry=256, flags=flags@entry=1, slen=slen@entry=256,
            format=format@entry=0x7ffff691cde8 "%s/.config/softhsm2/softhsm2.conf") at snprintf_chk.c:34
#3  0x00007ffff68e5733 in snprintf (__fmt=<optimized out>, __n=<optimized out>, __s=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/stdio2.h:65
#4  get_user_path () at SimpleConfigLoader.cpp:229
#5  0x00007ffff68e59ad in SimpleConfigLoader::getConfigPath (this=<optimized out>) at SimpleConfigLoader.cpp:249
#6  0x00007ffff68e5acb in SimpleConfigLoader::loadConfiguration (this=0x6c7790) at SimpleConfigLoader.cpp:78
#7  0x00007ffff68e2755 in Configuration::reload (this=0x6c77b0) at Configuration.cpp:156
#8  0x00007ffff68e279c in Configuration::reload (this=<optimized out>, inConfigLoader=inConfigLoader@entry=0x6c7790) at Configuration.cpp:171
#9  0x00007ffff68c21aa in SoftHSM::C_Initialize (this=0x6b1200, pInitArgs=<optimized out>) at SoftHSM.cpp:453
#10 0x00007ffff68a8354 in C_Initialize (pInitArgs=0x7fffff7ffe10) at main.cpp:126
#11 0x00007ffff6d5338a in PKCS11_CTX_load () from /usr/lib/x86_64-linux-gnu/libp11.so.2
#12 0x00007ffff6f5b45c in ?? () from /usr/lib/engines/engine_pkcs11.so
#13 0x00007ffff7837e69 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#14 0x00007ffff7838d8b in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#15 0x00007ffff7847ae6 in RAND_get_rand_method () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#16 0x00007ffff7847c60 in RAND_bytes () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#17 0x00007ffff68fb095 in OSSLRNG::generateRandom (this=<optimized out>, data=..., len=32) at OSSLRNG.cpp:44
#18 0x00007ffff6902500 in SecureDataManager::initObject (this=this@entry=0x1f26190) at SecureDataManager.cpp:63
#19 0x00007ffff6902702 in SecureDataManager::SecureDataManager (this=0x1f26190, soPINBlob=..., userPINBlob=...) at SecureDataManager.cpp:85
#20 0x00007ffff6918dda in Token::Token (this=0x1f22810, inToken=<optimized out>) at Token.cpp:63
#21 0x00007ffff69186a9 in Slot::Slot (this=0x1f23b00, inObjectStore=<optimized out>, inSlotID=<optimized out>, inToken=0x1f25a00) at Slot.cpp:50
#22 0x00007ffff6917898 in SlotManager::insertToken (this=0x1f24cc0, objectStore=0x1f24a00, slotID=169247132, pToken=0x1f25a00) at SlotManager.cpp:73
#23 0x00007ffff6917f0d in SlotManager::SlotManager (this=0x1f24cc0, objectStore=0x1f24a00) at SlotManager.cpp:65
#24 0x00007ffff68c2532 in SoftHSM::C_Initialize (this=0x6b1200, pInitArgs=<optimized out>) at SoftHSM.cpp:487
#25 0x00007ffff68a8354 in C_Initialize (pInitArgs=0x7fffff800400) at main.cpp:126
#26 0x00007ffff6d5338a in PKCS11_CTX_load () from /usr/lib/x86_64-linux-gnu/libp11.so.2
#27 0x00007ffff6f5b45c in ?? () from /usr/lib/engines/engine_pkcs11.so
#28 0x00007ffff7837e69 in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#29 0x00007ffff7838d8b in ?? () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#30 0x00007ffff7847ae6 in RAND_get_rand_method () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#31 0x00007ffff7847c60 in RAND_bytes () from /lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#32 0x00007ffff68fb095 in OSSLRNG::generateRandom (this=<optimized out>, data=..., len=32) at OSSLRNG.cpp:44
#33 0x00007ffff6902500 in SecureDataManager::initObject (this=this@entry=0x1f24fa0) at SecureDataManager.cpp:63
[ ... and so on ... ]

GnuMP is not available on WIN32 but its MPIR fork is and provides a compatible API. At the other hand Botan is a bit slow when compiled without GnuMP.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-106

I would like to use SoftHSM for the automatic testing of the SSSD Smartcard authentication feature. We use the CKF_REMOVABLE_DEVICE flag to filter the available slots to make it easier to identify a suitable slot for authentication.

The flags are currently hardcoded to CKF_TOKEN_PRESENT in Slot::getSlotInfo() and we have a special code in SSSD which detects if the PKCS#11 module is softhsm2 and drops the CKF_REMOVABLE_DEVICE check in this case.

It would be nice if softhsm2-util would offer a --slot-flags (or similar) option which would allow to set CKF_REMOVABLE_DEVICE on a given slot and store it together with the other slot specific data like PIN and SO-PIN.

(originally posted as https://issues.opendnssec.org/browse/SUPPORT-178)

I was testing SoftHSMv2 through PKCS#11 and I found it is working fine for ECDSA algorithms ES256 and ES384 but it is not working for the algorithm ES512 (curve P-521)

Are there any plans for ECDSA with EC P-521 support?

Reported by Bryan G. Olson in https://issues.opendnssec.org/browse/SUPPORT-179:

In OSSLEVPSymmetricAlgorithm.cpp the member functions encryptUpdate() and decryptUpdate() both set the required output buffer size for the calls to the OpenSSL functions EVP_EncryptUpdate() and EVP_DecryptUpdate() with code like:

data.resize(incommingData.size() + getBlockSize() - 1);

That is correct for the call EVP_EncryptUpdate, but one byte too short for the call to EVP_DecryptUpdate. The OpenSSL doc https://www.openssl.org/docs/manmaster/crypto/EVP_EncryptInit.html first describes EVP_EncryptUpdate:

The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1) so out should contain sufficient room.

Then describes the decryption version as almost the same:

The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer out passed to EVP_DecryptUpdate() should have sufficient room for (inl + cipher_block_size) bytes unless the cipher block size is 1 in which case inl bytes is sufficient.

Note the one-byte difference in the required output buffer size. Obviously the fix is to remove the "- 1" from the argument to data.resize() in decryptUpdate().

Nikos Mavrogiannopoulos:
If one runs "softhsm2-util --init-token --slot xx", there is no way to stop that process from that point on. Pressing CTRL+C or CTRL+D during the password prompts brings:
SO PIN (4-255 characters) ***
Please enter SO PIN: ERROR: The length of the PIN is out of range.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-118
https://issues.opendnssec.org/browse/SUPPORT-161

Compile SoftHSMv2 on Windows and see that it still builds/works.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-64

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-74

Hello,

Going through C_DeriveKey, I was a bit surprised about the use of the CK_RV values in the subject; I would often expect them to be used the other way around in relation to CKA_VALUE / CKA_VALUE_LEN:
_INCOMPLETE when CKA_VALUE_LEN is missing
_INCONSISTENT when the values are wrong in combination with other places

Maybe this is worth some attention; it almost appears as though a too-automatic search & replace has confused the two. Let me know if you want concrete places.

-Rick

Hi.
I am following the "Building SoftHSM2 for Windows" guide and have encountered issues.
Visual Studio 2015 community is failing to build with the following errors:
Severity Code Description Project File Category Source Error
LNK2001 unresolved external symbol "public: virtual class ByteString __thiscall AESKey::getKeyCheckValue(void)const " (?getKeyCheckValue@AESKey@@UBE?AVByteString@@XZ) datamgrtest C:\build\src\softhsm-2.1.0\win32\datamgrtest\convarch.lib(RFC4880.obj) Build

This error repeats for the majority of the projects.

Any thoughts on what I should do to resolve it?

Attached are all the vs2015 errors and output of the Configuration script.
softhsm2problems.txt

regards
Charles Luotsinen

It seems that guys from Cryptosense were performing PKCS#11 compliance tests with SoftHSM2 and published report with one critical issue. According to their report it seems that SoftHSM2 does not set CKA_NEVER_EXTRACTABLE attribute to CK_FALSE on objects created with C_CreateObject function. I don't have enough time to verify if this is true but I wanted to let you know of their finding.

It would be great to have further mechanisms implemented for DeriveKey (like the CKM_XOR_BASE_AND_DATA mechanisms).

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-122

With some OpenSSL builts the link can failed because the SAFESEH option didn't exist or was disabled in the OpenSSL library.

The suggested fix is to check for this condition and raise an error during the Configure phase (because SAFESEH is an important security feature and this issue is only one of the possible trouble from a runtime/linker option mismatch).

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-105

p11test.exe
..................F.........................................

!!!FAILURES!!!
Test Results:
Run: 59 Failures: 1 Errors: 0

1. test: InfoTests::testGetSlotInfoAlt (F) line: 209 ....\src\lib\test\InfoTest
   s.cpp
   assertion failed

• Expression: rv == CKR_OK

Hi,

As the title, i want to write a CSP library for logon, sign, web authentication...on Windows. Can i do that based on SoftHSM? Has somebody can give me some hints?

There is currently no data integrity checks for SoftHSM objects, something that would be useful in order to protect against accidental or malicious data corruption. One possible way to implement this would be to add an encrypted checksum to each stored object, validating this checksum before the object is used.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-60

We may consider adding a 1-key cache or similar to improve the performance:

Comment from SOFTHSM-10:
I made a quick and dirty 1-key cache. Just to test the concept (nothing that should be pushed to the general repository). Saving the key handle and private key in the session. The performance in SoftHSMv2+OpenSSL was improved with 34.6% and SoftHSMv2+Botan was improved with a whopping 247.6%.

SoftHSMv2 OpenSSL (1-key cache):
ods-hsmspeed -r SoftHSM -i 50000 -s 1024 -t 4
2281.72 sig/s

SoftHSMv2 Botan (--with-gnump) (1-key cache):
ods-hsmspeed -r SoftHSM -i 50000 -s 1024 -t 4
3698.57 sig/s

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-65

Initializing an empty token will probably change the slot order, so the user should not use the slot number for other commands than for initialization.

Update the command utils to use the label or serial to find the token and its slot number.

This crashes other code that also uses libcrypto. See OpenSC/libp11#51 (comment) for details.

We should perhaps consider also supporting OSX/iOS Cryptographic Services, https://developer.apple.com/library/mac/documentation/security/conceptual/cryptoservices/GeneralPurposeCrypto/GeneralPurposeCrypto.html

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-47

Nikos Mavrogiannopoulos:
While softhsm2-util --init-token --slot XX can be used to add more tokens in different slots in the soft token, there is no other option in softhsm2-util which allow to delete slots.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-117
https://issues.opendnssec.org/browse/SUPPORT-162

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-40

The CKA_CHECK_VALUE is accepted from the users, but we do not calculate it. The attribute is available for the certificates and the symmetric keys.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-46

Use valgrind to find memory leaks.
Found today:
missing #else in the SecureAllocator (fix pull)
Botan mutex (not fixable because of global dealloc order)
(not yet but expected) per thread OpenSSL ERR_STATE
(very hard to fix at the DSO level, BTW ERR_remove_state() was phased out so can free only the local thread ERR_STATE...)

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-59

Trying to write a certificate in a softhsm db with CKA_CERTIFICATE_CATEGORY fails with: CKR_ATTRIBUTE_READ_ONLY

How reproducible:

1. cat >config
   directories.tokendir = db
   objectstore.backend = file
2. export SOFTHSM2_CONF=config
3. mkdir db
4. softhsm2-util --init-token --slot 0 --label test --so-pin 1234 --pin 1234
5. p11tool --provider /usr/lib64/pkcs11/libsofthsm2.so --write --mark-ca --load-certificate any-cert.pem --label test --so-login

Output:
Error writing certificate: PKCS #11 error in attribute

Expected Output:
Success.

Writing the same certificate without the mark-ca flag works fine.

The PKCS#11 Spy output is at:
https://bugzilla.redhat.com/show_bug.cgi?id=1272453

David Fine:
It would be great to see AES GCM and CTR modes supported in SoftHSMv2. OpenSSL already supports these modes.

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-116
https://issues.opendnssec.org/browse/SUPPORT-158

PIV standard (NIST 800-73) says that SIGN key (9C) should have the attribute "PIN Always" set. I.e., every operation on this private key should be immediately preceded by PIN authentication.

I'd like to see this behavior supported.

Thanks!

The functions were implemented in SOFTHSM-54, but there are some minor things to improve.

TODO:

• add GOST support (what is its PKCS#8 format? is it correctly implemented in OpenSSL & Botan?)
• add a known vector (the only way to check OpenSSL vs Botan compatibility)
• factorise common code

Migrated from:
https://issues.opendnssec.org/browse/SOFTHSM-63