A good free library for PKCS11 in java

3
votes

i want to use token to purpose :

  1. Encrypt with AES
  2. Decrypt with AES
  3. Create and Encrypt with RSA Public key
  4. Create and sign with RSA Private key
  5. Create Certificate
  6. Fetch RSA Kies

i want to find a good API to do this.i found iaik wrapper but it seems the JCE Library to Create Certificate and sign is not free. could some body please introduce a good free library?

2
javacryptographytokenpkcs#11
Have you taken a look at j4sign? A bonus point being that you could leverage most of the BouncyCastle stack while using it.Perception
Why would you need to encrypt/decrypt with AES using a token? Most of the time your AES key would be a session key if you would use RSA. Session keys are only required to be as accessible as the data that they protect. RSA public keys should be always accessible, so there is certainly no requirement to do that in the token. Then there is the creation of certificates. Normally you create a certificate request to be signed. You should only have to sign with the private key, and you should never fetch the private key - what good is the token if the private key becomes available?Maarten Bodewes

2 Answers

3
votes

For Java the reference is : BouncyCastle crypto library JCE and BCmail

I allready use it to do what you are looking for

Bruno