This is a library which brings support for PKCS#11 to Rust. It is aiming at having both a very low-level API to map the PKCS#11 functionality to Rust as well as having a higher-level API for more easy usage as well as bringing more safety for programming against PKCS#11.
Testing is currently done with SoftHSM2. A trillion thanks to the people at OpenDNSSEC for writing SoftHSM. This makes it possible to develop applications that need to support PKCS#11. I would have no idea what to do without it. (Suggestions are always welcome.)
Here is a list of the implementation status and plans on what to do next:
- [x] Dynamic loading of PKCS#11 module (thanks to libloading)
- [x] Initializing and Dropping PKCS#11 context
- [x] Implementing Token and PIN Management functions
- [x] Implementing Session Management functions
- [x] Implementing Object Management functions
- [ ] Implementing Key Management functions
- [ ] Implementing Encryption/Decryption functions
- [ ] Implementing Message Digest functions
- [ ] Implementing Signing and MACing
- [ ] Implementing Verifying of signatures and MACs
- [ ] Implementing Dual-function cryptographic operations
- [ ] Implementing Legacy PKCS#11 functions
- [x] Reorganize code of low-level API (too bloated, which we all know is what PKCS#11 is like)
- [x] Import the rest of the C header pkcs11t.h types into rust
- [ ] Import the rust of the C header pkcs11f.h functions into rust
- [ ] C type constants to string converter functions, and the reverse
- [ ] Design and implement high-level API
- [x] Publish on crates.io (wow, that was easy)
- [ ] Write and Generate Documentation for Rust docs
- [ ] Better Testing (lots of repetitive code + we need a testing framework and different SoftHSM versions for different platforms)