Comments (4)
I have some more information, in case it helps, and I pushed on a bit further. It turns out that it requires the pin to either be set in java.security, or as a system property on the command line. So, adding -Dfips.nssdb.pin=pin:XXXXXXXXXX
resolves the bad arguments error message, but it ends up producing this:
Caused by: java.security.ProviderException: update() failed
at jdk.crypto.cryptoki/sun.security.pkcs11.P11Digest.engineUpdate(P11Digest.java:242)
at java.base/java.security.MessageDigest$Delegate.engineUpdate(MessageDigest.java:658)
at java.base/java.security.MessageDigest.update(MessageDigest.java:349)
at org.gradle.internal.hash.Hashing$MessageDigestHasher.update(Hashing.java:302)
at org.gradle.internal.hash.Hashing$MessageDigestHasher.putInt(Hashing.java:318)
at org.gradle.internal.hash.Hashing$DefaultHasher.putString(Hashing.java:413)
at org.gradle.internal.hash.Hashing.signature(Hashing.java:78)
at org.gradle.api.internal.changedetection.state.DefaultResourceSnapshotterCacheService.<clinit>(DefaultResourceSnapshotterCacheService.java:33)
... 107 more
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_GENERAL_ERROR
at jdk.crypto.cryptoki/sun.security.pkcs11.wrapper.PKCS11.C_DigestInit(Native Method)
at jdk.crypto.cryptoki/sun.security.pkcs11.P11Digest.engineUpdate(P11Digest.java:224)
... 114 more
when I run gradle init
in an empty directory. I have been searching a lot for information on this, but I cannot seem to find any. So, why is nssdb involved at all when using SoftHSM? I have to assume that plenty of people are using SoftHSM2 on RHEL8 with Java 17, and some of them must be using it in FIPS mode. Any ideas, or can I provide even more information?
from softhsmv2.
Related Issues (20)
- compile issue with openssl 3 backend on RHEL 8.5 machine HOT 1
- Configure fails with >= botan 3.0.0
- C_Decrypt sometimes fails to decrypt properly
- Import fails with RSA-PSS keys HOT 1
- SIGSEGV using OpenSSL 3 PKCS11 provider with SoftHSM2 + Botan HOT 1
- ECB is not supported by Botan HOT 1
- Getting SIGSEGV in EVP_MD_CTX_free HOT 1
- Implements RFC5649 as CKM_AES_KEY_WRAP_PAD but should actually be CKM_AES_KEY_WRAP_KWP
- Per-slot configuration
- openssl operations involving pcks11 and softHSM result in segfault on exit HOT 9
- AES/GCM multi-part decryption fails with CKR_BUFFER_TOO_SMALL HOT 1
- Unit Tests fails HOT 4
- Make check test fails on OS X HOT 2
- AES key file format for import HOT 1
- Documentation for SoftHSM is inaccessible HOT 4
- Coredump / Alma/rhel 9 HOT 2
- decrypting scrambled ciphered text with RSA succeeded on RHEL9 unexpectedly
- SoftHSM on AIX
- Issues with configure option `--with-openssl=PATH`
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from softhsmv2.