blob: c060d9c3c0a2e26eba2468286eed20446c6fcc0a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
This Cryptoki module provides acces to certs and keys stored in
Macintosh key Ring.
- It does not yet export PKCS #12 keys. To get this to work should be
implemented using exporting the key object in PKCS #8 wrapped format.
PSM work needs to happen before this can be completed.
- It does not import or export CA Root trust from the mac keychain.
- It does not handle S/MIME objects (pkcs #7 in mac keychain terms?).
- The AuthRoots don't show up on the default list.
- Only RSA keys are supported currently.
There are a number of things that have not been tested that other PKCS #11
apps may need:
- reading Modulus and Public Exponents from private keys and public keys.
- storing public keys.
- setting attributes other than CKA_ID and CKA_LABEL.
Other TODOs:
- Check for and plug memory leaks.
- Need to map mac errors into something more intellegible than
CKR_GENERAL_ERROR.
|