pkcs11wrapper
v1.4.10
Original Readme.txt
This project is deprecated, please use xipki/ipkcs11wrapper(preferred) or xipki/jpkcs11wrapper instead.
JRE / JDK 8 (build 162+) or above
Maven
<dependency> <groupId>org.xipki.iaik</groupId> <artifactId>sunpkcs11-wrapper</artifactId> <version>1.4.10</version> </dependency>
Or copy the following jar file to your classpath:
sunpkcs11-wrapper-1.4.7.jar
To use pkcs11wrapper in JDK 17 or above, please add the following java option:
--add-exports=jdk.crypto.cryptoki/sun.security.pkcs11.wrapper=ALL-UNNAMED
Configure the library and PIN of your HSM module in the file example/data/pkcs11.properties.
mvn test
To activate the speed tests use -PspeedTests
By default the speed test will run with 2 threads, you can change the
value via the Java property speed.threads, e.g.-Dspeed.threads=5 to use 5 threads.
By default the speed test will take 3 seconds, you can change the
value via the Java property speed.duration, e.g.-Dspeed.duration=10s for 10 seconds.
No external library is required
Require OpenJDK or Oracle Java Runtime 1.8 or higher
Support PKCS#11 version 2.40
Support EdDSA Ed25519 (Signature and Keypair generation)
Port from mikma/pkcs11wrapper to this project
For *SecretKey, please use the constructor ValuedSecretKey(long keyType) instead, e.g. use new ValuedSecretKey(PKCS11Constants.CKK_AES) for AES SecretKey.
For ECDSAPrivateKey and ECDSAPublicKey, please use ECPrivateKey and ECPublicKey instead.
iaik.pkcs.pkcs11.objects.Object is renamed to iaik.pkcs.pkcs11.objects.PKCS11Object.
Token.closeAllSession() cannot be supported, since it is not supported in the underlying JNI (JDK's SunPKCS11 provider). Please manage your session by yourself. You can close a single session by Session.closeSession().
Unlike the original PKCS#11 wrapper, we only call Module.initialize() once per native .so/.dll. Once Module.finalize(Object) has been called, the module cannot be initialized anymore.
