{"id":27306236,"url":"https://github.com/prasadrahul/hsm-simulator","last_synced_at":"2026-04-29T01:32:59.047Z","repository":{"id":287417428,"uuid":"964627040","full_name":"prasadrahul/HSM-Simulator","owner":"prasadrahul","description":"HSM-Simulator is a lightweight Java-based wrapper over SoftHSM2 designed to simulate the behavior of an HSM such as AWS CloudHSM. It provides REST APIs for key management and cryptographic operations using the PKCS#11 interface, making it ideal for local development, integration testing, and prototyping secure applications.","archived":false,"fork":false,"pushed_at":"2025-04-11T16:12:00.000Z","size":13,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-12T03:59:04.090Z","etag":null,"topics":["cloudhsm","hsm","java","pkcs11","security","simulator","softhsm","spring-boot"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/prasadrahul.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-11T14:15:35.000Z","updated_at":"2025-04-11T16:12:03.000Z","dependencies_parsed_at":"2025-04-11T16:44:21.887Z","dependency_job_id":"146d3393-5b02-4ba1-88f1-81adffe5e522","html_url":"https://github.com/prasadrahul/HSM-Simulator","commit_stats":null,"previous_names":["prasadrahul/hsm-simulator"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prasadrahul%2FHSM-Simulator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prasadrahul%2FHSM-Simulator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prasadrahul%2FHSM-Simulator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/prasadrahul%2FHSM-Simulator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/prasadrahul","download_url":"https://codeload.github.com/prasadrahul/HSM-Simulator/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248514203,"owners_count":21116900,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudhsm","hsm","java","pkcs11","security","simulator","softhsm","spring-boot"],"created_at":"2025-04-12T03:59:07.045Z","updated_at":"2026-04-29T01:32:59.042Z","avatar_url":"https://github.com/prasadrahul.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# hsm-simulator\nA HSM simulator using SoftHSM and PKCS#11 for local testing of CloudHSM-like cryptographic operations.\n\n\n# SoftHSM Wrapper - Java HSM Simulator\n\nThis project provides a Java-based wrapper for SoftHSM2 using the SunPKCS11 provider to simulate AWS CloudHSM-like functionalities. The goal is to create a local, developer-friendly environment to prototype, test, and simulate cryptographic operations similar to a real Hardware Security Module (HSM).\n\n## Features\n\n- Java + Spring Boot REST API\n- AES-GCM encryption \u0026 decryption\n- Key generation and listing\n- Metadata lookup\n- In-memory key simulation\n- Pluggable for SoftHSM2 backend\n- Ideal for testing HSM client logic locally\n\n## Requirements\n\n- Java 17+\n- SoftHSM2 installed (libsofthsm2.so)\n- Spring Boot 3.x\n- Docker (optional)\n\n## API Endpoints\n\n| Method | Endpoint                   | Description            |\n|--------|----------------------------|------------------------|\n| POST   | `/api/keys/generate`       | Generate new key       |\n| GET    | `/api/keys`                | List all keys          |\n| GET    | `/api/keys/{id}`           | Get metadata           |\n| POST   | `/api/keys/{id}/encrypt`   | Encrypt plaintext      |\n| POST   | `/api/keys/{id}/decrypt`   | Decrypt ciphertext     |\n\n## HSM related API Endpoints\n\n| Method | Endpoint                          | Parameter(s)    / Request Body                                             | Description                  |\n|--------|-----------------------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------------------|\n| POST   | `/api/v1/tool/generateSymmetricKey`           | `{ \"keyType\": \"AES_128\", \"id\": \"02\", \"label\": \"SymKeyLabel\" }`                                                   | Generate symmetric keys                 |\n| POST   | `/api/v1/tool/generateAsymmetricKeyPair`      | `{ \"keyType\": \"RSA\", \"id\": \"01\", \"label\": \"AsymKeyLabel\" }`                                                      | Generate an asymmetric key pair         |\n| GET    | `/api/v1/tool/listKeys`                       | `type` (Query: Optional, e.g., 'cert', 'privkey', 'pubkey', etc.)                                                | List all keys                           |\n| GET    | `/api/v1/tool/listMechanisms`                 | None                                                                                                             | List all mechanisms                     |\n| GET    | `/api/v1/slots/{slotId}/keys`                 | `slotId` (Path: Integer)                                                                                         | List all keys in a specific slot        |\n| GET    | `/api/v1/slots`                               | None                                                                                                             | List all available slots                |\n| POST   | `/api/v1/data/sign/{selectedKeyAlias}`        | `{ \"message\": \"example message\", \"signAlgo\": \"SHA256withRSA\" }`                                                  | Sign a message using a key alias        |\n| POST   | `/api/v1/data/verify/{selectedKeyAlias}`      | `{ \"message\": \"example message\", \"base64Signature\": \"base64EncodedSignature\", \"verifyAlgo\": \"SHA256withECDSA\" }` | Verify a signature using a key alias    |\n| POST   | `/api/v1/generateKey`                         | `{ \"algorithm\": \"AES\", \"keySize\": 256, \"alias\": \"symmetricKeyAlias\" }`                                           | Generate a symmetric key                |\n| POST   | `/api/v1/generateKeyPair`                     | `{ \"algorithm\": \"RSA\", \"keySize\": 2048, \"ecCurve\": \"secp256r1\", \"alias\": \"keyPairAlias\" }`                       | Generate a key pair                     |\n| POST   | `/api/v1/encrypt/{algorithm}`                 | `{ \"plainText\": \"example text\" }`                                                                                | Encrypt a message                       |\n| POST   | `/api/v1/decrypt/{algorithm}`                 | `{ \"base64Encrypted\": \"base64EncodedText\" }`                                                                     | Decrypt a message                       |\n| GET    | `/api/v1/random/{byteCount}`                  | `byteCount` (Path: Positive Integer, e.g., 16 or 32)                                                             | Generate random bytes                   |\n\n## Login and Authentication\nThis API does not implement authentication or authorization. It is intended for local development and testing purposes only. In a production environment, you should implement proper security measures.\n\n| Method | Endpoint                  | Parameter(s) / Request Body                     | Description                     |\n|--------|---------------------------|------------------------------------------------|---------------------------------|\n| POST   | `/api/v1/auth/login`      | `{ \"username\": \"user\", \"password\": \"pass\" }`   | Authenticate and obtain a token |\n| POST   | `/api/v1/auth/logout`     | None                                           | NA                              |\n| GET    | `/api/v1/auth/status`     | None                                           | NA                              |\n\n## Swagger API Documentation\nRefer to the API documentation for detailed request and response formats.  \n- http://localhost:8080/swagger-ui/index.html\n\n## License\n\nThis project is licensed under the Apache 2.0 License - see the [LICENSE](./LICENSE) file for details.\n\n## Acknowledgements\n\n- [SoftHSM2](https://github.com/opendnssec/SoftHSMv2) - BSD-2-Clause Licensed\n- Java SunPKCS11 provider - part of OpenJDK\n- [OpenSC](https://github.com/OpenSC/OpenSC) - LGPL-2.1 Licensed\n- [Spring Boot](https://spring.io/projects/spring-boot) - Apache 2.0 Licensed\n- [Springdoc](https://springdoc.org/) - Apache 2.0 Licensed\n\n**Note:** This project is intended as a development and testing tool. It is not a replacement for certified HSM systems in production.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprasadrahul%2Fhsm-simulator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprasadrahul%2Fhsm-simulator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprasadrahul%2Fhsm-simulator/lists"}