aspose file tools*
The moose likes Security and the fly likes Java API for HSMs Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Java API for HSMs" Watch "Java API for HSMs" New topic
Author

Java API for HSMs

Aryan Khan
Ranch Hand

Joined: Sep 12, 2004
Posts: 290

Hi,
Has any one tried interfacing with HSMs? I am Looking for Java API for HSM (Preferably Thales HSMs) or a software based simulator.

I found the following which I yet have to try my hands at:
ThalesSIM

Also any experiences with JPOS?

Thanks
Aryan

OCP/MCP/SCJP/SCWCD/IBM XML/SCMAD/SCEA-1
Caeser smith
Greenhorn

Joined: May 10, 2011
Posts: 5
Hi Aryan,

Have you managed to get Java API for Thales HSM?

Thanks
Joe Harry
Ranch Hand

Joined: Sep 26, 2006
Posts: 9427
    
    2

Aryan Khan wrote:Hi,
Has any one tried interfacing with HSMs? I am Looking for Java API for HSM (Preferably Thales HSMs) or a software based simulator.

I found the following which I yet have to try my hands at:
ThalesSIM

Also any experiences with JPOS?

Thanks
Aryan


The HSM provider should give you the API to interact with the HSM.


SCJP 1.4, SCWCD 1.4 - Hints for you, Certified Scrum Master
Did a rm -R / to find out that I lost my entire Linux installation!
Ahmad Khan
Greenhorn

Joined: Mar 27, 2004
Posts: 7
I ended up using Txrx libraries since my requirements were simple and it did the job. Its not a PKCS 11 API/interface

But I came across this tool recently that might help you

https://www.opendnssec.org/download/

http://www.linkedin.com/news?viewArticle=&articleID=655687393&gid=38412&type=member&item=63224353&articleURL=http%3A%2F%2Ftrac.opendnssec.org%2Fwiki%2FSoftHSM&urlhash=8X1K&goback=.gde_38412_member_63224353


OCP, SCJP, SCWCD, MCP
Maarten Bodewes
Greenhorn

Joined: Aug 04, 2011
Posts: 14
I "interface" with HSM's all the time.

If you want direct (much more functionality) access, you can use the free PKCS#11 wrapper from IAIK (which is also used internally by the Sun PKCS#11 provider).

If you want compatible (JCE/JCA provider) access you can put a PKCS#11 library under the Sun PKCS#11 provider. It's very X509 certificate (SSL) centered.

Some HSM's may also be available through the MS Windows crypto layer, for which in 1.6 there is also a provider.

And then there is the functionality provided by HSM providers (some of which may be outdated & utter crap, be warned).

If you've got some money, you can pay IAIK for their provider, which at least may offer some assurance regarding compatability with your HSM.
 
Don't get me started about those stupid light bulbs.
 
subject: Java API for HSMs