README

cd src/nginx_modules/nginx-1.22.0

./configure --prefix=src/nginx_modules/bin/ 
            --add-module=src/nginx_modules/ngx_http_hsm_service_module 
            --with-cc-opt="-Ijson-c/include" 
            --with-ld-opt="-Ljson-c/lib"
make
make install
../bin/sbin/nginx -c ../bin/conf/nginx.conf


/////// nginx.conf //////////////

#user  nobody;
worker_processes  1;
daemon off;

error_log  logs/error.log  debug;
error_log  logs/error.log  notice;
error_log  logs/error.log  info;

events {
    worker_connections  1024;
    worker_aio_requests 5;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    hsm_service_lib     "[path]/libsofthsm2.so";
    hsm_service_conf    "[path]/softhsm2.conf";


    server {
        listen       9999;
        server_name  localhost;


        location ~ ^/hsm/(encdec|signver)$ {
            hsm_service ;
            hsm_service_slotname    "SLOT1"; 
            hsm_service_user        "user";
            hsm_service_pass        "654321";
            hsm_service_encdec_key  "KEY1";
            hsm_service_sign_key    "SIGNKEY1";
            hsm_service_verify_key  "VERIFYKEY1";
        }
    }
}



////////////////// Test //////////////////

Encryption Test ->
curl -v --header 'Content-Type: application/json' \
    -d '{"transactionId": 12344, "data": "BASE64(PLAIN_DATA)", "type": 0}' \
    http://localhost:9999/hsm/encdec

Decryption Test ->
curl -v --header 'Content-Type: application/json' \
    -d '{"transactionId": 12344, "data": "BASE64(ENC_DATA)", "type": 1}' \
    http://localhost:9999/hsm/encdec

Sing Test ->
curl -v --header 'Content-Type: application/json' \
    -d '{"transactionId": 345678, "data": "BASE64(SHA256(PLAIN_DATA))", "type": 0}'  \
    http://localhost:9999/hsm/signver

Verify Test ->
curl -v --header 'Content-Type: application/json' -d '{"transactionId": 12344, "data": "BASE64(SHA256(PLAIN_DATA)+SIGN)", "type": 1}' http://localhost:9999/hsm/signver