NAME
Crypt::HSM - A PKCS11 implementation
VERSION
version 0.001
SYNOPSIS
my $hsm = Crypt::HSM->load('/usr/lib/pkcs11/libsofthsm2.so');
my ($slot) = $hsm->slots;
my $session = $hsm->open_session($slot);
$session->login('user', '1234');
my ($key) = $session->find_objects({ class => 'secret-key', label => "my-key" });
my $ciphertext = $session->encrypt('aes-gcm', $key, $plaintext);
DESCRIPTION
This module interfaces with any PKCS11 library to use its cryptography.
METHODS
load($path)
This loads the pkcs11 found a $path, and returns it as a new Crypt::HSM object.
slots($available = 1)
This lists the slots of this interface. If $available
is true only slots with a token available will be listed.
mechanisms($slot)
This returns all mechanisms supported by the token in the slot.
mechanism_info($slot, $mechanism)
This returns more information about the mechanism. This includes the following fields.
min-key-size
The minimum key size
max-key-size
The maximum key size
flags
This array lists properties of the mechanism. It may contain values like
'encrypt'
,'decrypt'
,'sign'
,'verify'
,'generate'
,'wrap'
and'unwrap'
.
open_session($slot, $flags = [])
This opens a session to $slot
. $flag
is an optional array that may currenlt contain the value 'rw-session'
to enable writing to the token.
close_all_sessions($slot)
This closes all sessions on $slot
.
info()
This returns a hash with information about the HSM.
slot_info($slot)
This returns a hash with information about the slot.
token_info($slot)
This returns a hash with information about the token in the slot.
init_token($slot, $pin, $label)
This initializes a token on $slot
, with the associalted $pin
and $label
(max 32 characters).
AUTHOR
Leon Timmermans <leont@cpan.org>
COPYRIGHT AND LICENSE
This software is copyright (c) 2023 by Leon Timmermans.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.