Pkcs11ex.Signer (pkcs11ex v0.1.0)

Copy Markdown View Source

PKCS#11 implementation of the SignCore.Signer protocol.

Routes signing requests from SignCore.PDF.sign/2, SignCore.XML.sign/2, and SignCore.JWS.sign/2 through the Layer-2 Pkcs11ex.sign_bytes/2 entry point.

Construction

Two equivalent forms — pick whichever matches the calling code:

# Slot-ref form (recommended for production deployments
# using the application's slot supervisor)
%Pkcs11ex.Signer{slot_ref: :legal_proxy, key_ref: :signing}

# Explicit-module form (one-shot CLI tasks, tests)
%Pkcs11ex.Signer{module: pkcs11_module, slot_id: 0, key_label: "platform"}

Either form is passed as signer: in the format adapters' options. The convenience wrappers Pkcs11ex.PDF.sign/2, Pkcs11ex.XML.sign/2, Pkcs11ex.JWS.sign/2 accept the bare tuple {slot_ref, key_ref} and construct this struct internally.

Summary

Types

t()

Functions

new(opts)

Convenience constructor for the slot-ref form.

Types

t()

@type t() :: %Pkcs11ex.Signer{
  key_label: String.t() | nil,
  key_ref: atom() | nil,
  module: term() | nil,
  slot_id: non_neg_integer() | nil,
  slot_ref: atom() | nil
}

Functions

new(opts)

@spec new(keyword()) :: t()

Convenience constructor for the slot-ref form.

Pkcs11ex.Signer.new(slot_ref: :legal_proxy, key_ref: :signing)