Initialization and Login

  • Last updated:
  • access_time Reading time:

SDKMS provides multiple interfaces to application developers. For C/C++ programmers, SDKMS provides a PKCS#11 interface through a library. For Java programmers, SDKMS can be accessed through the JCE interface and through Java SDK. SmartKey can also be accessed through its RESTful interface, documented at https://www.fortanix.com/api/

We provide examples for using SDKMS in 7 languages – a C++ program using the PKCS#11 interface, a Java program using the JCE interface, and other programs using the REST interface through Java, Python, Golang, C#, PHP and Javascript SDKs

The example programs can be downloaded in full at the Downloads page.

C++


CK_FUNCTION_LIST_PTR initialize() {
CK_FUNCTION_LIST_PTR p11;
void *pDynLib;

pDynLib = dlopen("/opt/fortanix/pkcs11/sdkms-pkcs11.so", RTLD_NOW);
if (!pDynLib) {
cout << "Failed to load the PKCS#11 library" << endl;
return NULL;
}
cout << "Successfully initialized PKCS#11 library to use Fortanix SDKMS" << endl;
CK_C_GetFunctionList pGetFunctionList = (CK_C_GetFunctionList) dlsym(pDynLib, "C_GetFunctionList");
(*pGetFunctionList)(&p11);
return p11;
}

CK_RV login(CK_FUNCTION_LIST_PTR p11, CK_SESSION_HANDLE_PTR phSession, string pin) {
CK_RV rv;
CK_SLOT_ID slotId = 1;

rv = p11->C_Initialize(NULL_PTR);
if (rv == CKR_OK) {
rv = p11->C_OpenSession(slotId, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, phSession);
if (rv == CKR_OK) rv = p11->C_Login(*phSession, CKU_USER, (CK_UTF8CHAR_PTR)pin.c_str(), pin.length());
}
if (rv != CKR_OK) {
cout << "Incorrect API Key. Error code = " << rv << endl;
} else {
cout << "Successfully logged in to Fortanix SDKMS" << endl << endl;
}
return rv;
}

C#

public void login() {
    string apiKey =SDKMS_API_KEY;
    Configuration.Default.BasePath = SDKMS_API_ENDPOINT;

    string decodedKey = Encoding.ASCII.GetString(Convert.FromBase64String(apiKey));
    string[] tokens = decodedKey.Split(':');
    Configuration.Default.Username = tokens[0];
    Configuration.Default.Password = tokens[1];

    // App Authentication
    AuthenticationApi authenticationApi = new AuthenticationApi();
    AuthResponse response = authenticationApi.Authorize();
    Configuration.Default.AddApiKey("Authorization", response.AccessToken);
    Configuration.Default.AddApiKeyPrefix("Authorization", "Bearer");
}

Golang

func login() {
    config := &sdkms.Configuration{
        BasePath: SDKMS_API_ENDPOINT,
    }
    client := sdkms.NewAPIClient(config)
    decodeKey, _ := base64.StdEncoding.DecodeString(SDKMS_API_KEY)
    credential := strings.Split(string(decodeKey), ":")
    ctx := context.WithValue(context.Background(), sdkms.ContextBasicAuth, sdkms.BasicAuth{
        UserName: credential[0],
        Password: credential[1],
    })
    authResponse, _, _ := client.AuthenticationApi.Authorize(ctx)
    ctx = context.WithValue(context.Background(), sdkms.ContextAccessToken, authResponse.AccessToken)
}

Java

private static ApliClient login() throw Exception{
    String apiKey = new String (Base64.decode(SDKMS_API_KEY);
    if (!apiKey.contains(":")) {
        throw new Exception("Invalid SDKMS Api Key");
    }
    String[] credential = apiKey.split(":");
    ApiClient apiClient = new ApiClient();
    apiClient.setBasePath(SDKMS_API_ENDPOINT)
    apiClient.setUsername(credential[0]);
    apiClient.setPassword(credential[1]);

    AuthenticationApi authenticationApi = new AuthenticationApi(apiClient);
    AuthResponse authResponse = authenticationApi.authorize();
    ApiKeyAuth bearerToken =
        (ApiKeyAuth) apiClient.getAuthentication("bearerToken");
    bearerToken.setApiKey(authResponse.getAccessToken());
    bearerToken.setApiKeyPrefix("Bearer");
    return apliClient;
}

Python

def login():
    api_keys = base64.b64decode(SDKMS_API_KEY).decode('ascii')
    credential = api_keys.split(':')
    if len(parts) != 2:
        print 'Invalid API key provided'
        exit(1)
    config = sdkms.v1.Configuration()
    config.host = SDKMS_API_ENDPOINT
    config.username = credential[0]
    config.password = credential[1]
    client = sdkms.v1.ApiClient(configuration=config)
    auth_instance = sdkms.v1.AuthenticationApi(api_client=client)
    try:
        auth = auth_instance.authorize()
        config.api_key['Authorization'] = auth.access_token
        config.api_key_prefix['Authorization'] = 'Bearer'
        return client
    except ApiException as e:
        print("Exception when calling AuthenticationApi->authorize: %s\n" % e)
        return None

PHP

public function login() {
    $apiKey = base64_decode(SDKMS_API_KEY);
    $credential = explode(":", $apiKey);

    $cfg = new Swagger\Client\Configuration();

    $cfg->setHost(SDKMS_API_ENDPOINT); 
    $cfg->setUsername($credential[0]); 
    $cfg->setPassword($credential[1]);

    $client = new Swagger\Client\ApiClient($cfg);
    // authenticate
    $authenticationApi = new Swagger\Client\Api\AuthenticationApi($client);
    $auth = $authenticationApi->authorize();
    // set access token
    $cfg->setApiKey("Authorization", $auth['access_token']);
    $cfg->setApiKeyPrefix("Authorization", "Bearer");
}

Javascript

var FortanixSdkmsRestApi = require('./src/index.js');

function initialise() {
    var defaultClient = FortanixSdkmsRestApi.ApiClient.instance;
    defaultClient.basePath= SDKMS_API_ENDPOINT
    var basicAuth = defaultClient.authentications['basicAuth'];
    var apiKey = Base64.decode(SDKMS_API_KEY);

    var credential = apiKey.split(":");
    basicAuth.username = credential[0] 
    basicAuth.password = credential[1]
    return defaultClient;
}

var login = function(error, data, response) {
   var bearerAuth = defaultClient.authentications['bearerToken'];
   bearerAuth.apiKeyPrefix = "Bearer"
   bearerAuth.apiKey = data["access_token"]
}

defaultClient = initialise()
var authenticationApi = new FortanixSdkmsRestApi.AuthenticationApi()
authenticationApi.authorize(login);