How to use it with a different SHM about rust-pkcs11 HOT 4 CLOSED

JFYI: I'm experimenting with this library on the Nitrokey HSM 2, which uses a CardConnect SmartCard-HSM internally.

I'll let you know if I run into any problems (and should be able to fix and upstream many of them myself 🙂).

from rust-pkcs11.

TL;DR: yes, just point to that module and you are good to go.

That is the general idea of course. SoftHSM is only used as a testing harness as it becomes very impractical/impossible for me to test against different hardware.

The team around SoftHSM has done a very good job to implement the PKCS#11 standard according to the required business logic and it goes far beyond simple mocking. So it is ideal to test this rust library.

In my experience developing in general against SoftHSM first gives you confidence into your own HSM dependant code, however, moving to a "real" HSM usually always requires additional considerations that one often does not think about. Nonetheless it is a good starting point.

Also, the behaviour between different HSMs is often very different and also depends on the configuration of the HSM itself.

To complicate things even further: not al HSMs have very "clean" implementations of pkcs11 themselves, so things that work and should work with one device, are not guaranteed to work on another and vice versa.

Does that answer your question?

from rust-pkcs11.

btw, if you are successful in using this HSM with this library, please shoot me a note. I'd like to start to keep a compatibility list.

from rust-pkcs11.

Closing this now. Please reopen if this did not answer your question.

from rust-pkcs11.