21 stable releases
Uses new Rust 2024
| 5.23.0 | May 29, 2026 |
|---|---|
| 5.21.0 | Apr 21, 2026 |
| 5.18.0 | Mar 26, 2026 |
| 1.9.0 | Feb 16, 2026 |
| 0.4.0 | May 9, 2025 |
#337 in Security
1MB
19K
SLoC
A PKCS#11 provider for Cosmian KMS
This project builds libraries for Linux, MACOS and Windows, to use the Cosmian KMS as a PKCS#11 provider.
The PKCS#11 standard defines an API for cryptographic devices, such as hardware security modules ( HSMs) and smart cards. The Cosmian KMS is a cloud-based cryptographic service that provides a secure and scalable key management solution.
The PKCS#11 2.40 standard is available at https://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html
The primary goal is to support the Cosmian KMS as
- a Veracrypt keyfiles provider,
- a LUKS keys provider,
but it can be used with any application that supports PKCS#11.
Prim'x
Generating a private key and certificate:
cosmian.exe certificates certify -t disk-encryption -c primx --generate-key-pair --algorithm rsa2048 --subject-name "CN=Disk Encryption,OU=Org Unit,O=Org Name,L=City,ST=State,C=US" --certificate-extensions F:\primx.extensions` (exit code: 1)
PS F:\projects\kms> cargo run --bin ckms -- certificates certify -t disk-encryption -c primx --generate-key-pair --algorithm rsa2048 --subject-name "CN=Disk Encryption,OU=Org Unit,O=Org Name,L=City,ST=State,C=US" --certificate-extensions F:\primx.extensions
Dependencies
~52–78MB
~1.5M SLoC