Development

The repository contains a prepared devcontainer environment that can be used for a simple and secure development setup. Refer to the provided tutorial on how to use it.

Build Requirements

• rust
• protocol buffer compiler

Info

All build requirements are already installed in the provided devcontainer environment

Build

1. Update submodules

   git submodule update --init --recursive
   

2. Build the library

   cargo build --release
   

Debugging

PKCS11-Spy

PKCS #11 Spy is a spy library that is injected between a PKCS #11 consumer (application) and a PKCS #11 producer (library). The library logs all function invocations along with the supplied arguments. Envoked calls are delegated to the PKCS #11 producer.

Installation

PKCS #11 Spy is part of the OpenSC project and is therefore distributed as part of the OpenSC release artifact.

Debian-Based OS

sudo apt-get install opensc

Usage

The spy is loaded as a regular PKCS #11 library. In addition, the following environment variables are used for customization:

• PKCS11SPY - Specifies the PKCS #11 library that should receive delegated function invocations
• PKCS11SPY_OUTPUT - Specifies log file that will contain function invocations.

Example

PKCS11SPY="/usr/lib/libcryptoki_bridge.so" PKCS11SPY_OUTPUT="./cryptoki-bridge.log" ssh -I /usr/lib/x86_64-linux-gnu/pkcs11-spy.so username@localhost