feat(hsm-emulator): PKCS#11 HSM emulator in Zig (M0–M7)
Software HSM that compiles to a real Cryptoki (PKCS#11) v2.40 shared
object, loadable by pkcs11-tool / OpenSSL like a smartcard. SoftHSM2-style
three-layer split: C-ABI facade -> typed core state -> crypto + persistence.
- M0 hand-written v2.40 ABI + build-time OASIS cross-check; exports only C_GetFunctionList
- M1 sessions, login, Argon2id PIN, lockout
- M2 objects + find, CKA_PRIVATE gating, persisted token store
- M3 RNG, SHA-2 digest, HMAC, AES-CBC/CBC-PAD/GCM
- M4 ECDSA P-256/P-384 keygen + sign/verify (std.crypto)
- M5 RSA 2048-4096 via libcrypto: PKCS#1 v1.5 / PSS sign-verify, PKCS#1 / OAEP enc-dec
- M6 encrypted-at-rest store: selective AES-256-GCM envelope, master key wrapped under Argon2id(User-PIN)
- M7 hardening (session-secret zeroization, fail-closed relock, heap-leak scrub, ubsan-free ABI) + Docker
Verified three ways: 65/65 unit tests, in-process dlopen smoke, and
cross-process OpenSC pkcs11-tool (token keys survive process restart).
Also excludes vendor/pkcs11 from the trailing-whitespace / end-of-file
pre-commit hooks so the vendored OASIS headers keep their documented
SHA-256 provenance.