Comments (4)
JFYI: I'm experimenting with this library on the Nitrokey HSM 2, which uses a CardConnect SmartCard-HSM internally.
I'll let you know if I run into any problems (and should be able to fix and upstream many of them myself 🙂).
from rust-pkcs11.
TL;DR: yes, just point to that module and you are good to go.
That is the general idea of course. SoftHSM is only used as a testing harness as it becomes very impractical/impossible for me to test against different hardware.
The team around SoftHSM has done a very good job to implement the PKCS#11 standard according to the required business logic and it goes far beyond simple mocking. So it is ideal to test this rust library.
In my experience developing in general against SoftHSM first gives you confidence into your own HSM dependant code, however, moving to a "real" HSM usually always requires additional considerations that one often does not think about. Nonetheless it is a good starting point.
Also, the behaviour between different HSMs is often very different and also depends on the configuration of the HSM itself.
To complicate things even further: not al HSMs have very "clean" implementations of pkcs11 themselves, so things that work and should work with one device, are not guaranteed to work on another and vice versa.
Does that answer your question?
from rust-pkcs11.
btw, if you are successful in using this HSM with this library, please shoot me a note. I'd like to start to keep a compatibility list.
from rust-pkcs11.
Closing this now. Please reopen if this did not answer your question.
from rust-pkcs11.
Related Issues (17)
- About the safety of `CK_ATTRIBUTE::get_bytes` HOT 6
- Mutability compile errors HOT 2
- Crash on initialize HOT 7
- Safety of types containing raw pointers and methods using them HOT 15
- Commit "Fix Windows x64 compatiblity" breaks MacOS HOT 7
- Support for partial implementations HOT 3
- CK_ATTRIBUTE get_biginteger mixes up endianness HOT 4
- Disabling of compiler optimizations needed to prevent non-null `pReserved` when invoking `C_Initialize()`. HOT 2
- `ctx.open_session` against Luna Network HSM crashed with SIGSEGV HOT 2
- Unknown error code from `Ctx::new()` on ARMv7 when calling the PKCS#11 `C_GetFunctionList()` function. HOT 3
- Change `Ctx::generate_random` to take the buffer to be filled instead of generating the buffer from a given size HOT 1
- possible segmentation fault HOT 1
- Unsound transmute_copy in `attr_ck_long`, `get_date`, `attr_ck_ulong`
- Report as unmaintained? HOT 1
- latest code not available in https://crates.io/ HOT 7
- Ctx::new should take a &Path HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust-pkcs11.