HSM setup#
HSM provide the required secure environment that is needed to generate and protect the cryptographic keys used to protect and authenticate sensitive data.
We will use a simple Flask REST API service representing the remote HSM machine.
Looking into hsm
directory, we can see following files:
hsm/sahsm.py
is an example of a remote signing service.hsm/hsm_k0_cert0_2048.pem
test private key used for signing the data.hsm/hsm_k1_cert0_2048.pem
test private key used for signing the data.
IN order to start the HSM service, run following code:
import sys
# Install a the required dependencies into the current Jupyter kernel
!{sys.executable} -m pip install flask requests
# Start remote signing service
from hsm.sahsm import APP
APP.run()
# This will keep running
* Serving Flask app 'hsm.sahsm'
* Debug mode: off
[notice] A new release of pip available: 22.2.1 -> 23.3.1
[notice] To update, run: python.exe -m pip install --upgrade pip
WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead.
* Running on http://127.0.0.1:5000
Press CTRL+C to quit