Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement a pkcs11 driver #28

Open
7 tasks
rcatolino opened this issue Mar 3, 2025 · 0 comments
Open
7 tasks

Implement a pkcs11 driver #28

rcatolino opened this issue Mar 3, 2025 · 0 comments
Labels
enhancement New feature or request

Comments

@rcatolino
Copy link

rcatolino commented Mar 3, 2025
edited
Loading

Implementing a pkcs11 driver wrapping the KMS APIs would enable several applications to use the KMS as a backend (applications like gpg or ssh, but also services like openbao)

We would need to implement at least the following mechanisms :

  • CKM_AES_KEY_GEN
  • CKM_RSA_PKCS_KEY_PAIR_GEN
  • CKM_EC_KEY_PAIR_GEN
  • CKM_AES_GCM (encrypt/decrypt and wrap/unwrap)
  • CKM_ECDSA (sign/verify)
  • CKM_RSA_PKCS_PSS (sign/verify)
  • CKM_RSA_PKCS (sign/verify)
@rcatolino rcatolino added the enhancement New feature or request label Mar 3, 2025
@rcatolino rcatolino mentioned this issue Mar 3, 2025
Closed
@rcatolino rcatolino marked this as a duplicate of #26 Mar 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rcatolino