Context Navigation

Up
Start Page
Index
History
Last Change

Using Keys

Once you have created a key and know its id attribute you can start using it. Code like this:

TODO

will search the HSM for the key with a given ID and then allow you to use it to perform crypto operations

Would URLs be a better way?

In order to use a key an application needs the path to the PKCS11 lib, the key ID, username, pin and the slot number ???Any others???

It might be nice to have a standard way of passing an application this information. How about defining a set of URI schemes for finding the key you want. For example, you could have keys in the following locations

pkcs11:///path/to/pkcs11/lib?slot=0&id=123

file:///path/to/pem/file

You could even pass the username and pin in the URL but that would be very bad!

See also: Darren Moffat's PKCS#11 URI Suggestion

Download in other formats:

Plain Text
PDF