Modules
This module provides functions to encode and decode elliptic curve parameters.
This module provides functions to convert between the raw signature bytes and the ASN.1 encoding of the signature.
Handles conversion between PKCS#11 flags (CK_FLAGS) and MapSets of atoms.
This module contains the core functionality for the P11ex library and provides
the low-level API for interacting with PKCS#11 modules. In general, you should not
use this module directly. Instead, use the higher-level P11ex.Module and P11ex.Session
modules instead.
Represents a reference to a dynamically loaded PKCS#11 module.
This module defines sets of attributes for PKCS#11 objects.
Represents a PKCS#11 object. This can be a key, a certificate, a secret key, etc. Note
that the object handle may be only valid in the context of the session that created it.
For example, a session key (:cka_token is false) is only visible and usable within the
context of the session that generates it. Other handles may be visible and usable over multiple
sessions, such as handles to token objects.
Represents a PKCS#11 session. A session is used to interact with a token.
Represents a PKCS#11 slot. A slot can contain a token (e.g. a smart card) or a token emulator (e.g. a software token).
A module is a GenServer that manages a PKCS#11 module and its loading state. A PKCS#11 module is a
shared library that implements a PKCS#11 provider. A module should be loaded only once per application
or beam virtual machine. That is, you should only create one instance of P11ex.Module in your application
and add it to your supervision tree. Operations on the module should be performed through the GenServer
callbacks so that they are serialized.
This module is a GenServer that manages a PKCS#11 session. A session is used
to interact with a token, e.g. generate keys, encrypt data, decrypt data, etc. Sessions
are created by the P11ex.Module module using the open_session/3 function. Depending on
the type of token multiple for the same token can be opened in parallel (e.g. if the token is
a network HSM). One session can only be used in a serialised way, i.e. only one operation can be
performed at a time. Additionally, sessions have a state. This state can be non-persistent keys associated
with the session or the state of an encryption or decryption operation.