Javascript has become the most popular language on the Internet. Until now there has not been a way to directly use cryptographic devices that provide PKCS#11 interfaces natively within NodeJS based applications.
The best you could do was to use the Node ability to use OpenSSL and OpenSSL’s ability to use the OpenSC PKCS#11 engine which would then wrap the vendor provided PKCS#11 library. That clearly is a convoluted mess.
We wanted to let Node developers use these devices directly. With that in mind we created Graphene which uses the node-ffi module to call into these libraries directly.
Our goal was to expose all of PKCS#11 while adopting the NodeJS “style” as appropriate. There is still work to do but we think it is now to the point where others may find value in it so we have made it public as of today.
Ryan
Pingback: Graphene CLI | UNMITIGATED RISK
Does graphene support RSA encryption? Is there any example available for encrypting/decrypting with some RSA mechanism? I’ve only seen some examples for signing/verifying, but I need to encrypt with a public key on a smart card.
Yes, it is based on pkcs11js which is a binding of almost all of PKCS11 so anything you can do in PKCS11js you can do in Graphene.
For an example look at graphene-cli which does a benchmarking and enumeration of device capabilities, it does, for example AES encryption.
Hi,
Nice project. I have a few questions regarding this project:
1. Will we be able to link in out own implementation of PKCS#11. We have various custom APDU commands to communicate with our smart card device that we will be using. Will we be able to link for example our own .dll file or will we have to link our PKCS#11 source?
2. Will graphene and PKCS11js work on Windows and MacOS platforms?
Look forward hearing from you
1. No need to statically link, will just work.
2. Yes