bentonstark
commented
3 years ago It has been several years since I installed and used the Utimaco Simulator and used it on Linux rather than Windows. So it sounds like you are using the java -jar p11cat.jar program.
The good news is that it appears you have loaded the HSM P11 library and it is talking to some degree with the simulator. I think the next step is to look at the log files of the simulator for clues. You should be able to set the log file location in the cs_pkcs11_R2.cfg file. The simulator has two main parts: (1) server (2) client.
Below is the config file I used on the Linux client to connect to the Utimaco Simulator server (SecurityServer-V3.21.0.zip) running in Wine. That version is going to be probably be old so things may have changed. Your Logpath should be some value path on your Windows host. Set the Logging level to 4. Also check the SlotCount value.
cs_pkcs11_R2.cfg
[Global]
# Path to the logfile (name of logfile is attached by the API)
Logpath = /tmp
# Loglevel (0 = NONE; 1 = ERROR; 2 = WARNING; 3 = INFO; 4 = TRACE)
Logging = 4
# Maximum size of the logfile in bytes (file is rotated with an backupfile
if full)
Logsize = 10mb
# Created/Generated keys are stored in an external or internal database
KeysExternal = false
# If true, every session establishes its own connection
SlotMultiSession = true
# Maximum number of slots that can be used
SlotCount = 1
# If true, leading zeroes of decryption operations will be kept
KeepLeadZeros = false
# Prevents expiring session after inactivity of 15 minutes
KeepAlive = false
# Timeout of the open connection command in ms
ConnectionTimeout = 5000
# Timeout of command execution in ms
CommandTimeout = 60000
[CryptoServer]
Device = 3001@127.0.0.1Now if you still have issues there is another test you should perform which is to test that libhsm and py-hsm are working properly on Windows. To do that you can use SoftHSM2 which is a free program from OpenDNSSEC that emulates a mostly PKCS-11 compliant HSM. Now again I used softhsm on Linux where it is a native application you can install with your distro package manager. But it appears someone has ported it to Windows. https://github.com/disig/SoftHSM2-for-Windows https://github.com/opendnssec/SoftHSMv2
longnt89
E-genin
Hi @bentonstark ,
As you have successfully tested your library on a Utimaco simulator, I'd like to make some questions because currently I have to create a Python application (using your py-hsm library) that sends requests to a Utimaco cryptoserver PCIe. Before testing the application on a physical device (commercially used) I need to make sure that it works correctly on a simulator.
For some information:
However, when I tried to use your sample code to just make some login to the cryptoserver, for example:
c = HsmClient(pkcs11_lib="C:\Windows\System32\cs_pkcs11_R2.dll")c.open_session(slot=0)c.login(pin="123456")c.logout()c.close_session()(Suppose that I put cs_pkcs11_R2.dll to C:\windows\system32)
That one returned such error:
I tried to read the Utimaco dev guide, I used CAT tool to initialize the slot 0 but it always gave me such error.
Honestly, I have no idea of what should I do to make some test with the simulator, could you give me a hint or if you have always kept your code that tested on a Utimaco simulator would it be possible to send me your code or its instruction?
Many thanks for your help.