Package: wnpp Severity: wishlist Owner: Tobias Deiminger <tobias.deimin...@posteo.de> X-Debbugs-Cc: debian-devel@lists.debian.org, debian-r...@lists.debian.org
* Package name : nethsm-pkcs11 Version : 1.7.2 Upstream Contact: Technical support supp...@nitrokey.com * URL : https://github.com/Nitrokey/nethsm-pkcs11 * License : Apache 2.0 Programming Lang: Rust Description : PKCS#11 module for Nitrokey NetHSM nethsm-pkcs11 is an open source PKCS#11 module written in Rust and published by Nitrokey to use their NetHSM hardware [1] as a backend for PKCS#11 operations. As such it's comparable to yubihsm-pkcs11 which is already in Debian. Unlike most other Rust crates, the build output is a shared library implementing the Cryptoki C API [2]. I've walked through the packaging process locally to see what it takes and was able to build and use the resulting .deb to connect to a NetHSM and perform code signing operations. Only minor patching will be needed, mostly dropping/relaxing dependencies. At least following changes are required in Debian: - nethsm-pkcs11 1.7.2, new - nethsm-sdk-rs 2.0.0, new - multipart 0.18.0 new, enable only client features to avoid more dependencies - x509-cert 0.2.5 new - merge, merge_derive 0.1.0 -> 0.2.0 - tex-fmt 0.5.2, rdep to merge, bump merge to 0.2.0 I should be able to maintain the new packages in my spare- and working time and hope to find a sponsor from the Rust team initially. [1] https://www.nitrokey.com/de/produkte/nethsm [2] https://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html
