michael@0: This Cryptoki module provides acces to certs and keys stored in
michael@0: Macintosh key Ring.
michael@0: 
michael@0: - It does not yet export PKCS #12 keys. To get this to work should be 
michael@0:   implemented using exporting the key object in PKCS #8 wrapped format.
michael@0:   PSM work needs to happen before this can be completed.
michael@0: - It does not import or export CA Root trust from the mac keychain.
michael@0: - It does not handle S/MIME objects (pkcs #7 in mac keychain terms?).
michael@0: - The AuthRoots don't show up on the default list.
michael@0: - Only RSA keys are supported currently.
michael@0: 
michael@0: There are a number of things that have not been tested that other PKCS #11
michael@0: apps may need:
michael@0: - reading Modulus and Public Exponents from private keys and public keys.
michael@0: - storing public keys.
michael@0: - setting attributes other than CKA_ID and CKA_LABEL.
michael@0: 
michael@0: Other TODOs:
michael@0: - Check for and plug memory leaks.
michael@0: - Need to map mac errors into something more intellegible than 
michael@0:   CKR_GENERAL_ERROR.