PKCS11标准下的密钥管理方式研究与实现

Research and Implementation of Key Management Mechanism based on PKCS11

PKCS11标准在信息安全领域广泛使用,该标准独立于密码设备、主机和操作系统,有效地屏蔽了各模块间的异构性。密钥是密码运算中不可或缺的一部分,任何安全系统都必须具备安全、可靠、稳定的密钥管理模块。在PKCS11标准下,分析了PKCS11标准中的密钥相关接口,在嵌入式应用程序和主机端动态库两个层面上研究并实现了密钥管理功能模块。测试结果表明,该模块兼容性好,易于实现,在ARM9平台下具有良好的性能。

PKCS11 is been widely used in the field of information security .PKCS11 shields the heterogeneity of modules effectively,which is independent of cryptogr＆phic equipment, host computer and operation system. The key is dispensible in cryptographic operation. Any security system must have ＆ secure, reliable and stahie key management module. Based on PKCS11, this paper analyzes the interfaces of key in this criterion. R, esearch and implement the key management module in embedded application program and host dynamic library. It is proved by test result that this module is compatible, easy to complete,and has good performance on the platform of AP, M9.