HSM driver for REST API

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

HSM driver for REST API

Sven Anderson
Hi everyone!

I wanna write a PKCS#11 for a network attached HSM that is accessed via a REST API. I would write the "backend" to the HSM with C++/boost/cpprestsdk. I'm thinking about which PKCS#11 project would be the best to base that work on. OpenSC seems to be purely focused on hardware-attached devices. so would it be a reasonable thing to use OpenSC for that? And how would I "hook in" such a non-USB attached device?

Thanks in advance,

Sven

[sent from mobile device]

------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/intel
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: HSM driver for REST API

frankmorgner
I don't know exactly what the benefit of a HSM with REST API is, but regarding
the integration in OpenSC you have several options:

- Write a PC/SC driver that makes your HSM accessible for OpenSC (and most
  other smartcard applications). You could use this virtual driver
http://frankmorgner.github.io/vsmartcard/virtualsmartcard/README.html as
starting point.

- Write new reader driver within OpenSC (which naturally doesn't integrate with
  other applications). You need to add a new implementation of `sc_reader_t`,
look into reader-pcsc.c for guidance.

- Write a CT-API shared library, which OpenSC and some other smartcard
  applications can use.

And of course, you could write a completely new implementation of a PKCS#11
library and skip integration with OpenSC. Given your use case, this option looks
like the most favourable one.

2016-12-25 22:05 GMT+01:00 Sven Anderson <[hidden email]>:
Hi everyone!

I wanna write a PKCS#11 for a network attached HSM that is accessed via a REST API. I would write the "backend" to the HSM with C++/boost/cpprestsdk. I'm thinking about which PKCS#11 project would be the best to base that work on. OpenSC seems to be purely focused on hardware-attached devices. so would it be a reasonable thing to use OpenSC for that? And how would I "hook in" such a non-USB attached device?

Thanks in advance,

Sven

[sent from mobile device]

------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/intel
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel