API Reference p11ex v0.1.1

Modules

This module provides functions to encode and decode elliptic curve parameters.

Handles conversion between PKCS#11 flags (CK_FLAGS) and MapSets of atoms.

This module contains the core functionality for the P11ex library and provides the low-level API for interacting with PKCS#11 modules. In general, you should not use this module directly. Use the higher-level P11ex.Module and P11ex.Session modules instead.

Represents a reference to a dynamically loaded PKCS#11 module.

This module defines sets of attributes for PKCS#11 objects.

Represents a PKCS#11 object. This can be a key, a certificate, a secret key, etc. Note that the object handle may only be valid in the context of the session that created it. For example, a session key (:cka_token is false) is only visible and usable within the context of the session that generates it. Other handles, such as handles to token objects, may be visible and usable across multiple sessions.

Represents a PKCS#11 session. A session is used to interact with a token.

Represents a PKCS#11 slot. A slot can contain a token (e.g. a smart card) or a token emulator (e.g. a software token).

A module is a GenServer that manages a PKCS#11 module and its loading state. A PKCS#11 module is a shared library that implements a PKCS#11 provider. A module should be loaded only once per application or BEAM virtual machine. That is, you should create only one instance of P11ex.Module in your application and add it to your supervision tree. Operations on the module should be performed through the GenServer callbacks so that they are serialized.

This module is a GenServer that manages a PKCS#11 session. A session is used to interact with a token, e.g. generate keys, encrypt data, decrypt data, etc. Sessions are created by the P11ex.Module module using the open_session/3 function. Depending on the type of token, multiple sessions for the same token can be opened in parallel (e.g. if the token is a network HSM). A single session can only be used in a serialised way, i.e. only one operation can be performed at a time. Additionally, sessions have state. This state can be non-persistent keys associated with the session or the state of an encryption or decryption operation.