PKCS #11, Javascript and Nodejs

Javascript has become the most popular language on the Internet. Until now there has not been a way to directly use cryptographic devices that provide PKCS#11 interfaces natively within NodeJS based applications.

The best you could do was to use the Node ability to use OpenSSL and OpenSSL’s ability to use the OpenSC PKCS#11 engine which would then wrap the vendor provided PKCS#11 library. That clearly is a convoluted mess.

We wanted to let Node developers use these devices directly. With that in mind we created Graphene which uses the node-ffi module to call into these libraries directly.

Our goal was to expose all of PKCS#11 while adopting the NodeJS “style” as appropriate. There is still work to do but we think it is now to the point where others may find value in it so we have made it public as of today.

Ryan

3 thoughts on “PKCS #11, Javascript and Nodejs

  1. Pingback: Graphene CLI | UNMITIGATED RISK

  2. Luis Zuniga

    Does graphene support RSA encryption? Is there any example available for encrypting/decrypting with some RSA mechanism? I’ve only seen some examples for signing/verifying, but I need to encrypt with a public key on a smart card.

    Reply
    1. rmhrisk Post author

      Yes, it is based on pkcs11js which is a binding of almost all of PKCS11 so anything you can do in PKCS11js you can do in Graphene.

      For an example look at graphene-cli which does a benchmarking and enumeration of device capabilities, it does, for example AES encryption.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *