Java API for HSMs

Hi,
Has any one tried interfacing with HSMs? I am Looking for Java API for HSM (Preferably Thales HSMs) or a software based simulator.

I found the following which I yet have to try my hands at:
ThalesSIM

Also any experiences with JPOS?

Thanks
Aryan

Hi Aryan,

Have you managed to get Java API for Thales HSM?

Thanks

Aryan Khan wrote:Hi,
Has any one tried interfacing with HSMs? I am Looking for Java API for HSM (Preferably Thales HSMs) or a software based simulator.

I found the following which I yet have to try my hands at:
ThalesSIM

Also any experiences with JPOS?

Thanks
Aryan

The HSM provider should give you the API to interact with the HSM.

I ended up using Txrx libraries since my requirements were simple and it did the job. Its not a PKCS 11 API/interface

But I came across this tool recently that might help you

https://www.opendnssec.org/download/

http://www.linkedin.com/news?viewArticle=&articleID=655687393&gid=38412&type=member&item=63224353&articleURL=http%3A%2F%2Ftrac.opendnssec.org%2Fwiki%2FSoftHSM&urlhash=8X1K&goback=.gde_38412_member_63224353

I "interface" with HSM's all the time.

If you want direct (much more functionality) access, you can use the free PKCS#11 wrapper from IAIK (which is also used internally by the Sun PKCS#11 provider).

If you want compatible (JCE/JCA provider) access you can put a PKCS#11 library under the Sun PKCS#11 provider. It's very X509 certificate (SSL) centered.

Some HSM's may also be available through the MS Windows crypto layer, for which in 1.6 there is also a provider.

And then there is the functionality provided by HSM providers (some of which may be outdated & utter crap, be warned).

If you've got some money, you can pay IAIK for their provider, which at least may offer some assurance regarding compatability with your HSM.