Windows version installation:
There are two ways under win: one is msi installation, the other is compressed package.
The method is very simple, please refer to the Github address for details
SoftHSM2 for Windows
====================
SoftHSM is an implementation of a cryptographic store accessible through
a PKCS#11 interface. You can use it to explore PKCS#11 without having
a Hardware Security Module. It is being developed as a part of the OpenDNSSEC
project:
https://www.opendnssec.org/softhsm/
This package includes both 32-bit and 64-bit build of SoftHSM 2.5.0 statically
linked to OpenSSL 1.1.1. Latest version of SoftHSM2 for Windows can be
downloaded from:
https://github.com/disig/SoftHSM2-for-Windows
SoftHSM2 searches for its configuration file in the following locations:
1. Path specified by SOFTHSM2_CONF environment variable
2. User specific path %HOMEDRIVE%%HOMEPATH%\softhsm2.conf
3. File softhsm2.conf in the current working directory
Following modifications of environment variables are required before using
portable (not installed from MSI) version extracted in C:\SoftHSM2\ directory:
set SOFTHSM2_CONF=C:\SoftHSM2\etc\softhsm2.conf
set PATH=%PATH%;C:\SoftHSM2\lib\
First token can be initialized with PKCS#11 function C_InitToken or with
the following command:
softhsm2-util.exe --init-token --slot 0 --label "My token 1"
Don't forget to configure the environment variable SOFTHSM2_CONF. When using it, find softhsm2-util.exe. Run on the command line.
Ubuntu version installation
The download address of this version is: here
The installation process is as follows:
Need some dependency packages automake, autoconf, libtool to install
The main code is as follows:
curl -OL http://ftpmirror.gnu.org/automake/automake-1.14.tar.gz
tar -xzf automake-1.14.tar.gz
cd automake-1.14
./configure && make && sudo make install
curl -OL http://ftpmirror.gnu.org/libtool/libtool-2.4.2.tar.gz
tar -xzf libtool-2.4.2.tar.gz
cd libtool-2.4.2
./configure && make && sudo make install
Automake installation is a bit more complicated
curl -OL http://ftpmirror.gnu.org/autoconf/autoconf-2.69.tar.gz
tar -xzf autoconf-2.69.tar.gz
cd autoconf-2.69
./configure && make && sudo make install
possible problems:
help2man :dan't get '--help' info from automake-1.14
Try '-no-discard-stderr' if option ouyputs to stderr
Makefile:3707:recipe for target 'doc/automake-1.14.1'failed
make:***[doc/qutomake-1.14.1]Error 255
Solution:
Add at line 3707 of Makefile, -no-discard-stderr as shown in the following code
doc/aclocal-$(APIVERSION).1: $(aclocal_script) lib/Automake/Config.pm
$(update_mans) aclocal-$(APIVERSION)
doc/automake-$(APIVERSION).1: $(automake_script) lib/Automake/Config.pm
$(update_mans) automake-$(APIVERSION) --no-discard-stderr
Run make&&sudo make install to compile.
Reminder (do not use configure)
Step into the theme below to install softhsm
1. Download the installation package:
wget https://dist.opendnssec.org/source/softhsm-2.3.0.tar.gz
2. Unzip
tar -xzf softhsm-2.3.0.tar.gz
3.
./configure
Some questions may be prompted:
例如:configure:error:OpenSSL library has no GOST support
The solution to this problem is simple:
./configure --disable-gost
sudo make install
4.
sudo apt-get install openssl
Then install:
sudo apt-get install libssl-dev
The installation of this may be due to the version number, inconsistent with the problem.
The following packages have unsatisfied dependencies:
libssl-dev: Dependencies: libssl1.0.0 (= 1.0.1f-1ubuntu2.18) but 1.0.1f-1ubuntu9.8 is about to be installed
Recommended: libssl-doc but it will not Will be installed
E: The error cannot be corrected because you require certain packages to maintain the status quo, that is, they break the dependencies between the packages.
The solution is as follows:
原因:
已安装的libssl1.0.0版本太高, 无法支持
-----(查看当前libssl-dev版本情况)
richer@ubuntu1804:~$ dpkg -l *libssl*
期望状态=未知(u)/安装(i)/删除(r)/清除(p)/保持(h)
| 状态=未安装(n)/已安装(i)/仅存配置(c)/仅解压缩(U)/配置失败(F)/不完全安装(H)/触发器等待(W)/触发器未决(T)
|/ 错误?=(无)/须重装(R) (状态,错误:大写=故障)
||/ 名称 版本 架构: 描述
+++-==============-============-============-=================================
ii libssl1.0.0:am 1.0.1f-1ubun amd64 Secure Sockets Layer toolkit - sh
=============解决方案(注意选项)============
1.( 安装aptitude )使用aptitude软件包管理器
richer@ubuntu1804:~$ sudo apt-get install aptitude
2. 使用aptitude安装 libssl-dev包, 采用建议的解决方案(将libssl1.0.0版本降级)
richer@ubuntu1804:~$ sudo aptitude install libssl-dev
下列“新”软件包将被安装。
libssl-dev{b} libssl-doc{a}
0 个软件包被升级,新安装 2 个, 0 个将被删除, 同时 74 个将不升级。
需要获取 2,036 kB 的存档。 解包后将要使用 7,819 kB。
下列软件包存在未满足的依赖关系:
libssl-dev : 依赖: libssl1.0.0 (= 1.0.1f-1ubuntu2.18) 但是 1.0.1f-1ubuntu9.8 已安装。
下列动作将解决这些依赖关系:
保持 下列软件包于其当前版本:
1) libssl-dev [未安装的]
是否接受该解决方案?[Y/n/q/?] n
下列动作将解决这些依赖关系:
降级 下列软件包:
1) libssl1.0.0 [1.0.1f-1ubuntu9.8 (now) -> 1.0.1f-1ubuntu2.18 (trusty-securi
是否接受该解决方案?[Y/n/q/?] y
下列软件包将被“降级”:
libssl1.0.0
下列“新”软件包将被安装。
libssl-dev libssl-doc{a}
0 个软件包被升级,新安装 2 个, 1 个被降级, 0 个将被删除, 同时 74 个将不升级。
需要获取 2,866 kB 的存档。 解包后将要使用 7,783 kB。
您要继续吗?[Y/n/?] y
5.make
6.sudo make install
7. Configuration file:
export SOFTHSM2_CONF=/etc/softhsm2.conf
Then initialize the token
softhsm2-util --init-token --slot 0 --label "My token 1"
But then there will be problems:
ERROR:Could not initialize the PKCS#11 library/module:/usr/local/lib/softhsm/libsofthsm2.so
ERROR:Please check log files for additional information
reasons may be:
When initializing the token as a non-root user, we always try to access the default /etc/softhsm/softhsm2.conf, which points to the token temporarily stored under /var/lib/softhsm/tokens, the ownership of the token/ Permissions are restricted to root and related groups.
Modifying the ownership/permission of /var/lib/softhsm/tokens does not solve the problem, because we cannot access /etc/softhsm/softhsm2.conf.
solution:
cd $HOME
mkdir -p $HOME/lib/softhsm/tokens
cd $HOME/lib/softhsm/
echo "directories.tokendir = $PWD/tokens" > softhsm2.conf
export SOFTHSM2_CONF=$HOME/lib/softhsm/softhsm2.conf
$ softhsm2-util --init-token --slot 0 --label "test" --so-pin 5462 --pin 8764329
Finally, I wish success! ! ! ! ! ! ! ! ! ! ! ! !