Development¶
The repository contains a prepared devcontainer environment that can be used for a simple and secure development setup. Refer to the provided tutorial on how to use it.
Build Requirements¶
Info
All build requirements are already installed in the provided devcontainer environment
Build¶
-
Update submodules
git submodule update --init --recursive
-
Build the library
cargo build --release
Debugging¶
PKCS11-Spy¶
PKCS #11 Spy is a spy library that is injected between a PKCS #11 consumer (application) and a PKCS #11 producer (library). The library logs all function invocations along with the supplied arguments. Envoked calls are delegated to the PKCS #11 producer.
Installation¶
PKCS #11 Spy is part of the OpenSC project and is therefore distributed as part of the OpenSC release artifact.
Debian-Based OS¶
sudo apt-get install opensc
Usage¶
The spy is loaded as a regular PKCS #11 library. In addition, the following environment variables are used for customization:
- PKCS11SPY - Specifies the PKCS #11 library that should receive delegated function invocations
- PKCS11SPY_OUTPUT - Specifies log file that will contain function invocations.
Example¶
PKCS11SPY="/usr/lib/libcryptoki_bridge.so" PKCS11SPY_OUTPUT="./cryptoki-bridge.log" ssh -I /usr/lib/x86_64-linux-gnu/pkcs11-spy.so username@localhost