SoftHSM is an implementation of a cryptographic store accessible through a PKCS#11 interface. You can use it to explore PKCS#11 without having a Hardware Security Module. It is being developed as a part of the OpenDNSSEC project. SoftHSM uses Botan for its cryptographic operations.
|Tags||Security Cryptography Hardware|
Release Notes: Supports an RSASSA-PSS signature scheme. The default location of the token database is now $localstatedir/lib/softhsm/.
Release Notes: This release increases performance by adding more indexes to the database, describes the usage of SO and the user PIN in the README, and detects whether a C++ compiler is missing.
Release Notes: The library is now installed in $libdir/softhsm/. This release does not give a warning about the schema version if the token has not been initialized yet. The tools now return the correct exit code.
Release Notes: The --disable-64bit option is respected. $DESTDIR is respected for configuration files. The binaries can now show the version number. softhsm-keyconv could not handle --ttl properly. softhsm is linked statically with libsofthsm. libsofthsm.so is built without a version number. libsofthsm.so is now a loadable module.
Release Notes: Documentation on how to do backup was added. The number of concurrent sessions is limited to 256, because SQLite has a limit on the number of database connections. A sample of the configuration file is installed. Manual pages are now available for softhsm, softhsm-keyconv, and softhsm.conf. The –enable-64bit configure option now works correctly. There is a known bug in which a version of Botan available in some operating systems has a problem with the entropy. This causes SoftHSM to freeze in some operations. This can be worked around by upgrading to Botan 1.8.5 or greater.