author: Linus Nordberg <linus@sunet.se> 2019-07-03 11:37:34 +0200
committer: Linus Nordberg <linus@sunet.se> 2019-07-03 11:37:34 +0200
commit: 3279feecd434c4135ab4b8b0c54560504bf9261d (patch)
tree: dfdb74d999c20b07e048580314955d350489dae2 /doc
parent: c60a39db307592661760b0c0f2cd3f5871dd71fd (diff)
split up p11p.md
Diffstat (limited to 'doc')
-rw-r--r--  doc/p11p-design.md  58
1 files changed, 58 insertions, 0 deletions
diff --git a/doc/p11p-design.md b/doc/p11p-design.md
new file mode 100644
index 0000000..d16dddf
--- /dev/null
+++ b/doc/p11p-design.md
@@ -0,0 +1,58 @@
+# p11p design
+
+## Overview and design criterias
+
+ User application --(dlopen)-->
+ p11p-client.so --(<our-protocol>-over-unix-socket)-->
+ p11p-daemon --(fork+exec, stdin/stdout)-->
+ p11p-helper --(dlopen)-->
+ $vendor.so --(vendor-specific)-->
+ PKCS #11 token
+
+- Typical sequence of events
+ - User application dlopens `p11p-client.so` as a "Cryptoki library"
+ - `p11p-client.so` connects to `p11p-daemon` running on the same
+ system, over a unix socket (AF_UNIX).
+ - `p11p-daemon` forks a process and executes `p11p-helper`
+ - `p11p-helper` dlopens the appropriate Cryptoki library from
+ $vendor and forwards the Cryptoki calls there
+
+- The daemon, `p11p-daemon`, handles both load balancing and failover,
+ according to configuration per (set of) token(s).
+- Run on reasonable Linux and BSD systems.
+- Somewhat isolating (and potentially constraining) the running of
+ vendor solibs by forking before loading them.
+- The Cryptoki stub library, `p11p-client.so`, is implemented in
+ C. TBD: Use code from p11-kit for this? p11-kit-client.so uses
+ libffi and its own serialisation code (rpc-message.c),
+ both of which might be unnecessarily complex, but for a PoC might
+ be a good choice.
+- The daemon, `p11p-daemon`, is implemented in something not too
+ crazy, like Erlang or Rust, taking the deployment story into
+ account -- being self-contained is a worthwhile goal.
+- The daemon child, `p11p-helper`, is an executable program using
+ the Cryptoki API, implemented in C (or possibly another language
+ that can dlopen and call into the vendor solib).
+- Wire protocol between `p11p-client.so` and `p11p-daemon` is TBD but
+ should be designed for simple parsing in C. It runs over an AF_UNIX
+ socket and needs only serialisation of Cryptoki calls -- no
+ addressing and minimal framing (like a message length). TBD:
+ Serialise (using Trunnel) and use an end-of-record sequence instead?
+
+### PKCS #11
+
+#### Supported PKCS #11 mechanisms
+
+TBD
+
+## Configuration
+
+TODO
+
+## External dependencies
+
+TODO
+
+## External documentation
+
+- [OASIS PKCS 11 TC](https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=pkcs11)
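Review bot: the wire-protocol bullet ("Wire protocol between `p11p-client.so` and `p11p-daemon` is TBD ...") covers serialisation and framing but leaves open how `p11p-daemon` decides which local processes may connect to the AF_UNIX socket at all; since the daemon mediates every call to the tokens, the design should state the socket path and its filesystem permissions, and whether the daemon checks peer credentials (SO_PEERCRED on Linux, getpeereid on the BSDs) before forwarding Cryptoki calls, and the "minimal framing (like a message length)" should name an upper bound so the C parser on either end can reject oversized messages before allocating. Two smaller points in the same hunk: the "Somewhat isolating ... by forking before loading them" bullet should say what the fork actually buys (a separate address space for the vendor solib, which a later section could extend with privilege dropping or sandboxing), and the heading "## Overview and design criterias" should read "design criteria".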