How does JCA/JCE and PKCS#11 work (together)?

java jce pkcs#11
Andy picture Andy · Oct 17, 2012 · Viewed 8.3k times · Source

I want to use a HSM (hardware security module) to create a signature of a XML file. I did a bit of research and am now a bit confused, though.

Can you please clarify those questions:

  1. What is meant with a key handle in JCE? I have read about it, that it is just a handle and the key is stored somewhere else. How can that be? From my understanding I either load the key into memory and use it, or the signing is done completely by a HSM and I only get the result, right?
  2. Does the PKCS#11 standard define a way so that the signature is generated in the HSM? I've read about tokens, but I am not sure about signing.
  3. The featurelist of my HSM states JCE and PKCS#11 separately. What does that mean?
  4. I thought PKCS#11 is a standard, and JCE defines classes to use that standard. Does JCE specify its own protocols?

Answer

SquareRootOfTwentyThree picture SquareRootOfTwentyThree · Oct 17, 2012

  1. What is meant with a key handle in JCE?
    A key handle (in JCE, PKCS#11, or most other cryptographic APIs) is simply a reference that enables you to use a key without seeing its actual value. That is good: you can have the key permanently stored in a secure place (e.g. an HSM) with the assurance that nobody will be able to copy it and run away with it - as it may happen if the key is the application space. Unlike a physical safe though, you can still perform cryptographic operation without running any security risk of key leakage.

  2. Does the PKCS#11 standard define a way so that the signature is generated in the HSM?
    PKCS#11 is a C API for cryptographic tokens. A token is a PKCS#11 abstraction for any device or program that offers services described by such API. The API defines which operations you can perform using the objects inside the PKCS#11 token: some objects are non sensitive, and can be extracted (e.g. public keys); some others are sensitive and can only be used, via handles.
    If you have a handle to an object that supports signing, you can use the C function C_Sign to ask the token to authenticate some data provided by your application. The key does not leave the HSM.

  3. The featurelist of my HSM states JCE and PKCS#11 separately. What does that mean?
    Your HSM supports JCE in the sense that it comes with a native library that qualifies as a Cryptographic Service Provider.
    It supports PKCS#11 in the sense that it comes with a native library that offers a C PKCS#11 API.

  4. I thought PKCS#11 is a standard, and JCE defines classes to use that standard. Does JCE specify its own protocols?
    Indeed PKCS#11 is a standard; but it is not directly usable by languages other than C. You need a mapping layer that translates it into something compatible to your language. A PKCS#11 library (and the physical tokens that it abstracts) can be mapped to a JCE provider.

However, a JCE provider may have nothing to do with PKCS#11.

Related questions

Trust Store vs Key Store - creating with keytool

I understand that the keystore would usually hold private/public keys and the trust store only public keys (and represents the list of trusted parties you intend to communicate with). Well, that's my first assumption, so if that's not correct, …

Read More
Hash String via SHA-256 in Java

By looking around here as well as the internet in general, I have found Bouncy Castle. I want to use Bouncy Castle (or some other freely available utility) to generate a SHA-256 Hash of a String in Java. Looking at …

Read More
How to avoid installing "Unlimited Strength" JCE policy files when deploying an application?

I have an app that uses 256-bit AES encryption which is not supported by Java out of the box. I know to get this to function correctly I install the JCE unlimited strength jars in the security folder. This is …

Read More