如何在 java 中使用 pkcs#11 和 softhsm2 进行 ssl 握手。我在使用存储在 softhsm2 中的密钥实现 ssl 上下文工厂时遇到问题。请提供我可以使用的样本。
问问题
842 次
1 回答
1
这是 pkcs#11 for ssl handshake in java 的解决方案。
System.setProperty("javax.net.debug", "ssl");
try {
String configName = "softhsm2.cfg";
Provider p = new SunPKCS11(configName);
System.out.println(p.getName());
Security.addProvider(p);
// Load the key store
char[] pin = "5678".toCharArray();
KeyStore ks = KeyStore.getInstance("PKCS11", p);
ks.load(null, pin);
System.out.println(ks.size());
Enumeration<String> aliases = ks.aliases();
for(;aliases.hasMoreElements();)
{
System.out.println(aliases.nextElement());
}
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
//Add to keystore to key manager
keyManagerFactory.init(ks, pin);
//Create the context
SSLContext context = SSLContext.getInstance("TLS");
context.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
//Create a socket factory
SSLServerSocketFactory ssf = context.getServerSocketFactory();
//SSLSocketFactory sf = context.getSocketFactory();
//Create the socket
SSLServerSocket s = (SSLServerSocket) ssf.createServerSocket(8888);
printServerSocketInfo(s);
SSLSocket c = (SSLSocket) s.accept();
于 2017-05-18T07:36:43.333 回答