[FABN-1359] Move HSM docs into separated page

Will move and prettify HSM detailed contents in README.md into fabric-sdk-node.github.io tutorials, since the special tests for HSM is not necessary thing for every builder/developer. Let's move it out of README. Signed-off-by: “5sWind” <fiveswind@gmail.com> Change-Id: Ia97289b27c5f6efae4ca2e03ea7a1cf6ee56010a
hyperledger · Aug 28, 2019 · 130173b · 130173b
1 parent be841fe
commit 130173b
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 21 deletions.
diff --git a/README.md b/README.md
@@ -49,27 +49,8 @@ We have functional and scenario based tests that may be run via the following co
     * `node test/integration/e2e/query.js`
 
 ### Special Tests for Hardware Security Module support via PKCS#11 interface
-The SDK has support for PKCS#11 interface in order to allow applications to make use of HSM devices for key management. To turn these tests off, set environment variable "PKCS11_TESTS" to "false". In order to run the tests:
-
-* Install a software emulator of the PKCS#11 interface. The unit tests have been tried with SoftHSM2:
-  * install using the package manager for your host system:
-    * Ubuntu:  apt-get install softhsm2
-    * macOS: brew install softhsm
-  * or install from source:
-    * install openssl 1.0.0+ or botan 1.10.0+
-    * download the source code from https://dist.opendnssec.org/source/softhsm-2.2.0.tar.gz
-    * `tar -xvf softhsm-2.2.0.tar.gz`
-    * `cd softhsm-2.2.0`
-    * `./configure --disable-gost` (would require additional libraries, turn it off unless you need gost algorithm support for the Russian market)
-    * `make`
-    * `sudo make install`
-  * set environment variable "SOFTHSM2_CONF" to "./test/fixtures/hsm/softhsm2.conf"
-  * create a token to store keys inside slot 0: `softhsm2-util --init-token --slot 0 --label "My token 1"`, you will be prompted two PINs: SO (Security Officer) PIN that can be used to re-initialize the token, and user PIN to be used by applications to access the token for generating and retrieving keys
-
-The unit test assumes slot '0' and user PIN `98765432`. If your configuration is different, use these environment variables to pass in the values:
-* PKCS11_LIB - path to the SoftHSM2 library, if not specified, the test case searches through a list of popular install locaions
-* PKCS11_PIN
-* PKCS11_SLOT
+
+The SDK has support for Hardware Security Module via PKCS#11 interface. See [Testing for Hardware Security Module via PKCS#11 interface](https://fabric-sdk-node.github.io/release-1.4/tutorial-hsm-pkcs11.html) for configuration and tests.
 
 ### Hyperledger Fabric Client objects and reference documentation
 The SDK has support for Java based Chaincode. To turn these tests off, set the environment variable "JAVA_TESTS" to false.

diff --git a/docs/tutorials/hsm-pkcs11.md b/docs/tutorials/hsm-pkcs11.md
@@ -0,0 +1,51 @@
+This tutorial illustrates the different ways of installing, configuring and testing the Hardware Security Module SoftHSM via PKCS#11 interface with a Hyperledger Fabric SDK for Node.js as of 1.4.
+
+For more information please refer to [SoftHSM](https://www.opendnssec.org/softhsm/).
+
+## Overview
+
+The SDK has support for PKCS#11 interface in order to allow applications to make use of HSM devices for key management.
+
+## Installation
+
+In order to run the tests, install a software emulator of the PKCS#11 interface.
+
+### Install using the package manager for your host system
+
+* Ubuntu: apt-get install softhsm2
+* macOS: brew install softhsm
+* Windows: **unsupported**.
+
+### Or install from source
+
+1. install openssl 1.0.0+ or botan 1.10.0+
+2. download the source code from <https://dist.opendnssec.org/source/softhsm-2.2.0.tar.gz>
+3. `tar -xvf softhsm-2.2.0.tar.gz`
+4. `cd softhsm-2.2.0`
+5. `./configure --disable-gost` (would require additional libraries, turn it off unless you need gost algorithm support for the Russian market)
+6. `make`
+7. `sudo make install`
+
+### Set environment variable "SOFTHSM2_CONF" to "./test/fixtures/softhsm2.conf"
+
+```bash
+export SOFTHSM2_CONF="./test/fixtures/softhsm2.conf"
+```
+
+### Create a token to store keys inside slot 0
+
+```bash
+softhsm2-util --init-token --slot 0 --label "My token 1"
+```
+
+Then you will be prompted two PINs: SO (Security Officer) PIN that can be used to re-initialize the token, and user PIN to be used by applications to access the token for generating and retrieving keys.
+
+## Test
+
+The unit tests have been tried with SoftHSM2 and assumes slot '0' and user PIN `98765432`. If your configuration is different, use these environment variables to pass in the values:
+
+* PKCS11_LIB - path to the SoftHSM2 library, if not specified, the test case searches through a list of popular install locaions
+* PKCS11_PIN
+* PKCS11_SLOT
+
+To turn these tests off, set environment variable "PKCS11_TESTS" to "false".
diff --git a/docs/tutorials/tutorials.json b/docs/tutorials/tutorials.json
@@ -55,5 +55,8 @@
 	},
 	"fabtoken": {
 		"title": "fabric-client: How to perform token operations"
+	},
+	"hsm-pkcs11": {
+		"title": "Testing for Hardware Security Module via PKCS#11 interface"
 	}
 }