The purpose of this section is to provide all possible available documentation that makes programming against PKCS#11 easier.
I ran across this only recently (April 2020). It is an invaluable collection of all PKCS#11 standards including all their C header files: /~https://github.com/Pkcs11Interop/PKCS11-SPECS
Special thanks to the guys from Pkcs11Interop to provide this collection.
When one first starts to explore the PKCS#11 world, there will be obstacles. The biggest one is to know and discover what documentation to read so that one can get familiar with the standard. It is best to read up on it in the following order:
- Usage Guide - I discovered this unfortunately way too late for some reason. Giving this a read - before doing anything else - one gets actually a really good architectural overview of the standard.
- Base Specification - This is the most important document for implementation of this library - in particular for the low-level API. It explains in detail how the C interface is structured and how to interact with it. Following this will provide all the details on how to write the FFI wrapper.
- Current Mechanisms - This document is in particular important for our higher-leval API. It explains in detail on how to interface in detail with all the cryptographic algorithms. E.g. go here if you need help on how to generate and use an RSA key or how to use the token for digital signatures.
The C header files for PKCS #11 v2.40 can be found at this location: