A few weeks ago we released Graphene, a PKCS #11 binding for NodeJS. Today we are releasing a CLI based on the same library.
Our goal was to make it easy for you to work with PKCS#11 devices in a vendor neutral way without the complexity of installing and configuring a bunch of miscellaneous packages.
Using the tool itself is pretty straight forward, load the PKCS#11 module and open a session to a slot then you are ready to go:
rmh@peculiar-02:/home/graphene# graphene
> module load -l /usr/safenet/lunaclient/lib/libCryptoki2_64.so -n test
Module info
==============================
Library: /usr/safenet/lunaclient/lib/libCryptoki2_64.so
Name: test
Description: Chrystoki
Cryptoki version: 2.20
> slot open --slot 0 -p {YourPin}
Session is started
>
Once logged in you can always find help with the ‘?’ command:
> ? Commands: ? output usage information exit exit from the application module load and retrieve information from the PKCS#11 module slot open a session to a slot and work with its contents object manage objects on the device hash compute a hash for a given file test benchmark device performance for common algorithms Note: all commands require you to first load the PKCS #11 module > module load -l /path/to/pkcs11/lib/name.so -n LibName
Some things you can do with the tool:
- Enumerate the supported algorithms of your device
- Enumerate and manage the objects on your device
- Benchmark the performance of your device
- Hash a file utilizing your device
We recently benchmarked the capabilities of a SafeNet G5, you can see the results here.
We hope you find it useful.