Getting Started with the PKCS#11 Fuzzer
On this page we will show you how to use the Cryptosense PKCS#11 Fuzzer to obtain a trace from your PKCS#11 device.
Prerequisites
Before you use the PKCS#11 Fuzzer, make sure you have followed the installation instructions.
Make sure the device you want to test is connected. For hardware PKCS#11 devices you need to know the location of the PKCS#11 DLL, as well as the user PIN.
Make sure that you have backups for all key materials before running Cryptosense Fuzzer on a device. Cryptosense Fuzzer should not delete preexisting keys, but it tends to reveal firmware and driver bugs and those bugs may in turn require you to reset the device.
Fuzzing an PKCS#11 device
Choose a directory where you have write access to store the result of the fuzzing process.
Put the cs-fuzzer
executable inside it and run the following command:
./cs-fuzzer \
--dll /path/to/library
--pin 1234
--output trace.cst.gz
When the PKCS#11 Fuzzer has finished executing, you'll find a trace.cst.gz
trace file in
your directory.
This trace file is now ready for
uploading to the Cryptosense
Analyzer Platform. The trace file where the PKCS#11 Fuzzer writes the trace can be changed
with the --output
option. See the manual to get a list
of the available options, learn how to use those options and learn what else you could do
with the PKCS#11 Fuzzer.