Closed stefanberger closed 3 years ago
Thanks @stefanberger , looks good for the most part, only main concern is with adding PKCS11 specific fields into the
DecryptConfig
struct. Could you also give an idea of what the config helpers would look like? Likefunc EncryptPKCS11WithPublicKey(...) encconfig.CryptoConfig
@lumjjb I pushed an update now. The extension to the DecryptConfig is still the same and I added it as a parameter to the pkcs11 related constructors, which in turn extends some existing API calls with a parameter. One way or another we need this parameter so we know where the directories with the modules are. It should be (part of) a configuration file of the app that's calling the API.
something came up and I'm away till Monday, I'll take a look at this on Tuesday.
@lumjjb I am also away till Tuesday.
Linking issue: https://github.com/containers/ocicrypt/issues/20
This series of patches adds high level keywrap and unwrap support for pkcs11.