GitHub Repository

A PKCS#11 v3.0-compliant Software Hardware Security Module (HSM) written in pure Rust

6 starsRust

Craton HSM – A memory-safe PKCS#11 software HSM in Rust

Name: Craton HSM – A memory-safe PKCS#11 software HSM in Rust
Availability: InStock
Author: victor-craton

by victor-craton·Mar 24, 2026·3 points·3 comments

Visit Project View on HN

AI Analysis

●●●BangerWizardryDark Horse

Memory-safe PKCS#11 HSM in Rust with post-quantum crypto support.

Strengths

•Pure Rust implementation eliminates memory safety vulnerabilities common in C-based HSMs.
•Includes post-quantum algorithms ahead of many legacy HSMs.

Weaknesses

•Not FIPS 140-3 certified yet, limiting enterprise adoption where compliance.

Similar Projects

Infrastructure●●Solid

A vibe-coded low-level PKCS#11 Terraform provider

Exposes PKCS#11 primitives as Terraform resources — you can C_CreateObject, generate asymmetric and symmetric keys, and manage wrapped keys with slot/token selection filters. The repo also doubles as an interesting LLM experiment: most code was iteratively authored and validated with Claude against a real YubiHSM, which is a clever demo but doesn't by itself change the niche infra value proposition.

Niche GemShip It

blechschmidt

203mo ago

Developer Tools●●●Banger