Rust PKCS#11 Library
This is a library which brings support for PKCS#11 to Rust. It is aiming at having both a very low-level API to map the PKCS#11 functionality to Rust as well as having a higher-level API for more easy usage as well as bringing more safety for programming against PKCS#11.
Testing
Testing is currently been done with SoftHSM2. A trillion thanks to the people at OpenDNSSEC for writing SoftHSM. This makes it possible to develop applications that need to support PKCS#11. I would have no idea what to do without it. (Suggestions are always welcome.)
Status
Here is a list of the implementation status and plans on what to do next:
- Dynamic loading of PKCS#11 module (thanks to libloading
- Initializing and Dropping PKCS#11 context
- Implementing Token and PIN Management functions
- Implementing Session Management functions
- Implementing Object Management functions
- Implementing Key Management functions
- Implementing Encryption/Decryption functions
- Implementing Message Digest functions
- Implementing Signing and MACing
- Implementing Verifying of signatures and MACs
- Implementing Dual-function cryptographic operations
- Implementing Legacy PKCS#11 functions
- Reorganize code of low-level API (too bloated, which we all know is what PKCS#11 is like)
- Design and implement high-level API
- Publish on crates.io
- Write and Generate Documentation for Rust docs
- Better Testing (lots of repetitive code + we need a testing framework and different SoftHSM versions for different platforms)