Home

SoftHSM

SoftHSM is an open-source software-based cryptographic module that emulates a hardware security module (HSM) by providing a PKCS#11 (Cryptoki) interface. It is designed to let developers and testers work with PKCS#11-enabled applications without requiring physical HSM hardware. SoftHSM implements a compliant PKCS#11 library and stores cryptographic objects on disk in a token-backed data store managed by the software.

SoftHSM is commonly used in development and continuous integration workflows to test key generation, signing, encryption,

The project includes a PKCS#11 library and a management utility for token administration. In SoftHSM 2.x, the

SoftHSM is part of the OpenSC project and is available on multiple platforms, including Linux, Windows, and

and
token
management
workflows.
Applications
load
SoftHSM
as
a
PKCS#11
module
and
interact
with
named
tokens
through
user
credentials.
The
library
is
platform-agnostic
in
spirit
and
can
be
linked
or
loaded
by
applications
across
different
operating
systems.
management
tool
is
used
to
initialize
tokens,
configure
token
labels,
and
manage
keys
and
other
objects.
Tokens
are
organized
into
slots,
and
each
token
can
hold
multiple
objects
such
as
private
keys,
public
keys,
certificates,
and
symmetric
keys,
accessible
after
authentication.
macOS.
It
is
widely
used
for
testing
PKCS#11
integration
and
for
development
scenarios
where
hardware
HSMs
are
impractical
or
unavailable.