HSM setup

HSM provide the required secure environment that is needed to generate and protect the cryptographic keys used to protect and authenticate sensitive data.

We will use a simple Flask REST API service representing the remote HSM machine.

Looking into hsm directory, we can see following files: - hsm/sahsm.py is an example of a remote signing service. - hsm/hsm_k0_cert0_2048.pem test private key used for signing the data. - hsm/hsm_k1_cert0_2048.pem test private key used for signing the data.

IN order to start the HSM service, run following code:

[4]:

# Install a the required dependencies into the current Jupyter kernel
import sys
!{sys.executable} -m pip install flask requests

# Start remote signing service
from hsm.sahsm import APP
APP.run()
# This will keep running

Collecting flask
  Using cached Flask-2.3.2-py3-none-any.whl (96 kB)
Collecting requests
  Using cached requests-2.31.0-py3-none-any.whl (62 kB)
Requirement already satisfied: Werkzeug>=2.3.3 in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from flask) (2.3.4)
Requirement already satisfied: Jinja2>=3.1.2 in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from flask) (3.1.2)
Requirement already satisfied: itsdangerous>=2.1.2 in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from flask) (2.1.2)
Requirement already satisfied: click>=8.1.3 in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from flask) (8.1.3)
Requirement already satisfied: blinker>=1.6.2 in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from flask) (1.6.2)
Requirement already satisfied: charset-normalizer<4,>=2 in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from requests) (3.1.0)
Requirement already satisfied: idna<4,>=2.5 in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from requests) (3.4)
Requirement already satisfied: urllib3<3,>=1.21.1 in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from requests) (2.0.2)
Requirement already satisfied: certifi>=2017.4.17 in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from requests) (2023.5.7)
Requirement already satisfied: colorama in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from click>=8.1.3->flask) (0.4.6)
Requirement already satisfied: MarkupSafe>=2.0 in c:\users\nxf93270\repos\spsdk_1\venv\lib\site-packages (from Jinja2>=3.1.2->flask) (2.1.3)
Installing collected packages: requests, flask
Successfully installed flask-2.3.2 requests-2.31.0
 * Serving Flask app 'hsm.sahsm'
 * Debug mode: off