Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ability to define custom pkcs wrapper #81

Open
ayZagen opened this issue Jun 3, 2021 · 9 comments
Open

Ability to define custom pkcs wrapper #81

ayZagen opened this issue Jun 3, 2021 · 9 comments
Assignees

Comments

@ayZagen
Copy link

ayZagen commented Jun 3, 2021

It would be great to have the ability for defining custom pkcs wrapper.
For example: have a look at java lib

than we could use it like this:

pkcs11.load("/usr/local/lib/softhsm/libsofthsm2.dll", "/usr/local/lib/pkcs11wrapper.dll");
@rmhrisk
Copy link
Contributor

rmhrisk commented Jun 3, 2021

Normally these wrappers have their own configuration and act as a passthrough, is your expectation that the additional param would be used to configure these wrapper libraries?

@ayZagen
Copy link
Author

ayZagen commented Jun 3, 2021

I would like to connect to a PKCS#11 module (libsofthsm2 in the example) with the specified PKCS#11-wrapper native library (pkcs11wrapper.dll) and get an interface to it.

@rmhrisk
Copy link
Contributor

rmhrisk commented Jun 3, 2021

Why not specify PKCS11wrapper.dll and configure it to call libsofthsm2?

For example:
https://github.com/xipki/pkcs11wrapper/blob/sunpkcs11/examples/data/pkcs11.properties

@ayZagen
Copy link
Author

ayZagen commented Jun 3, 2021

well, you are definitely right but that would require too much work, for every pkcs module I should create a new dll.

In the example you provided, we can create a jar which can be used with the library I referenced at main post. But that's the whole point for me as I am trying to run away from java :)

This a really specific requirement, I am trying to migrate our e-sign reader from java app (a single jar) to an electron application and some countries have their own pkcs11 implementation. The e-signature providers in those countries only works with that modified lib ( I know that sucks ) and I was able to provide it in a single parameter with that java library.

I am no expert of c++ but I thought it is doable in this library.

EDIT: I ve used dll's but actually my requirement is cross os. so it makes it harder to generate libs.

@microshine
Copy link
Contributor

Could you share information about PKCS11 API you are needed? It'll help me to understand it's hard or not to implement it on C++

@rmhrisk
Copy link
Contributor

rmhrisk commented Jun 5, 2021

He isn’t looking for a PKCS11 library interface, he either wants us to provide a wrapper library for logging details or to configure another wrapper library.

@rmhrisk
Copy link
Contributor

rmhrisk commented Jun 5, 2021

Have you seen FortifyApp.com and Verify.ink?

@ayZagen
Copy link
Author

ayZagen commented Jun 5, 2021

@rmhrisk is right.

I really feel very dumb, I didn't notice fortify. It looks promising and slick let me try it it out

@rmhrisk
Copy link
Contributor

rmhrisk commented Jun 5, 2021

@rmhrisk is right.

I really feel very dumb, I didn't notice fortify. It looks promising and slick let me try it it out

Also check out Hancock.ink

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants