From the point of view of the PKCS#11 interface, using a cloud token is no different from using a hardware token. To use the token on a computer (and we will talk about the Android platform), you must have a library for working with the token and the actual connected token. For
Checking the status of a cryptographic token
So, download the updated version of the utility
The screenshot clearly shows what happens when you click on a particular button. If you click on the "other token" button, you will be prompted to select the PKCS # 11 library for your token. In the other two cases, information about the status of the selected token is given. How the software token is connected was discussed in the previous
Cloud token registration
Go to the βConnecting PKCS#11 Tokensβ tab, find the item βCreate a cloud tokenβ and download the LS11CloudToken-A application
Install the downloaded application and run it:
After filling in the fields on the "Registration in the cloud" tab and clicking the "Register" button, the process of registering a token in the cloud begins. The registration process includes the creation of a seed random number generator (RNG). NZDCH to add "biological" randomness when generating the initial value includes the user's keyboard input. This takes into account both character input speed and input correctness:
After registering in the cloud, you can check the status of the token in the cloud:
After successful registration in the cloud, we exit the LS11CloudToken-A application and return to the cryptoarmpkcs-A application and check the status of the cloud token again:
Checking for the presence of a cloud token confirmed that we successfully registered in the cloud and we need to initialize our own cloud token in it.
Cloud token initialization
This initialization is no different from the initialization of any other token, for example,
And then everything is as usual, we put a personal certificate, for example from a container
You can also form
With the created request, go to the certification center, get a certificate there and import it to the token:
Source: habr.com