Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-3538

clientToolBox p11 test multiple times in same jvm, to test if objects on a p11 token can be updated from another application.

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.2.0
    • Component/s: CLI
    • Labels:
      None

      Description

      An application using a token on a HSM should be able to use objects that is created on the token after start by another application.
      But some HSM is not capable of this. To find out whether an application can pic up objects created from another application after start the "clientToolBox PKCS11HSMKeyTool test" has been modified.
      Now it is possible to repeat the single test of all private keys on the token without closing the the clientToolBox application.
      Example of test:

      Open a console and do:
      clientToolBox PKCS11HSMKeyTool test ./libcs2_pkcs11.so i5

      Open another console and do:
      clientToolBox PKCS11HSMKeyTool generate ./libcs2_pkcs11.so secp256r1 secp256r1-1 i5

      Then hit RETURN on the first console. If you could see a new key with alias secp256r1-1 then your HSM is capable of handling updates from other applications.

        Attachments

          Activity

            People

            Assignee:
            lars Lars Silvén
            Reporter:
            lars Lars Silvén
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: