func FindPKCS11Lib() (lib, pin, label string)
FindPKCS11Lib IS ONLY USED FOR TESTING This is a convenience function. Useful to self-configure, for tests where usual configuration is not available
func New(opts PKCS11Opts, keyStore bccsp.KeyStore) (bccsp.BCCSP, error)
New WithParams returns a new instance of the software-based BCCSP set at the passed security level, hash family and KeyStore.
DummyKeystoreOpts is placeholder for testing purposes
type DummyKeystoreOpts struct{}
FileKeystoreOpts currently only ECDSA operations go to PKCS11, need a keystore still Pluggable Keystores, could add JKS, P12, etc..
type FileKeystoreOpts struct {
KeyStorePath string `mapstructure:"keystore" json:"keystore" yaml:"KeyStore"`
}
PKCS11Opts contains options for the P11Factory
type PKCS11Opts struct {
// Default algorithms when not specified (Deprecated?)
SecLevel int `mapstructure:"security" json:"security"`
HashFamily string `mapstructure:"hash" json:"hash"`
// Keystore options
Ephemeral bool `mapstructure:"tempkeys,omitempty" json:"tempkeys,omitempty"`
FileKeystore *FileKeystoreOpts `mapstructure:"filekeystore,omitempty" json:"filekeystore,omitempty"`
DummyKeystore *DummyKeystoreOpts `mapstructure:"dummykeystore,omitempty" json:"dummykeystore,omitempty"`
// PKCS11 options
Library string `mapstructure:"library" json:"library"`
Label string `mapstructure:"label" json:"label"`
Pin string `mapstructure:"pin" json:"pin"`
SoftVerify bool `mapstructure:"softwareverify,omitempty" json:"softwareverify,omitempty"`
Immutable bool `mapstructure:"immutable,omitempty" json:"immutable,omitempty"`
}