HSM setup

HSM setup#

HSM provide the required secure environment that is needed to generate and protect the cryptographic keys used to protect and authenticate sensitive data.

We will use a simple Flask REST API service representing the remote HSM machine.

Looking into hsm directory, we can see following files:

  • hsm/sahsm.py is an example of a remote signing service.

  • hsm/hsm_k0_cert0_2048.pem test private key used for signing the data.

  • hsm/hsm_k1_cert0_2048.pem test private key used for signing the data.

IN order to start the HSM service, run following code:

import sys
# Install a the required dependencies into the current Jupyter kernel
!{sys.executable} -m pip install flask requests

# Start remote signing service
from hsm.sahsm import APP
# This will keep running
 * Serving Flask app 'hsm.sahsm'
 * Debug mode: off
[notice] A new release of pip available: 22.2.1 -> 23.3.1
[notice] To update, run: python.exe -m pip install --upgrade pip
WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead.
 * Running on
Press CTRL+C to quit