TclPKCS11

Artifact [0b83e8c6f4]
Login

Artifact [0b83e8c6f4]

Artifact 0b83e8c6f42781a77225ee796e431124c7ff2d9a4d56a3a180cf3f9e8868b3db:

Wiki page [TclPKCS11] by rkeene on 2019-06-12 21:39:36.
D 2019-06-12T21:39:36.797
L TclPKCS11
N text/x-markdown
U rkeene
W 1575
# RSA's Public Key Cryptographic Standard (PKCS) #11 for Tcl
## Introduction

Public Key Cryptography Standard (PKCS) Number 11 specifies an API for interfacing with cryptographic tokens.  These cryptographic tokens are usually seperate hardware devices that do not provide direct access to the keying materials under normal use -- instead they directly perform the cryptographic operations on the hardware module.  This provides additional security and can be used for off-loading CPU intensive operations to specialized hardware.

Some PKCS#11 providers:

   * [CACKey](https://cackey.rkeene.org/)
   * [CoolKey](http://directory.fedoraproject.org/wiki/CoolKey)
   * [OpenSC](http://www.opensc-project.org/opensc)

## Downloads

   * [Latest Release](/uv/releases/tclpkcs11-0.9.12.tar.gz)
   * [Archive](/uvlist)

## Information

  * [Usage](/doc/trunk/usage.txt)

## Simple Example

        package require pki
        package require pki::pkcs11
        
        set handle [pki::pkcs11::loadmodule /usr/lib/pkcs11/libcackey.so]
        
        pki::pkcs11::login $handle $slotId 123456
        
        set slots [pki::pkcs11::listslots $handle]
        set slotId [lindex $slots 0 0]
        
        set certs [pki::pkcs11::listcerts $handle $slotId]
        set cert [lindex $certs 0]
        
        set plain "TestMsg"
        
        set cipher [pki::encrypt -binary -pub -- $plain $cert]
        set check  [pki::decrypt -binary -priv -- $cipher $cert]
        
        puts "Plain: $plain"
        puts "Check: $check"
Z 067ff709cdf019a93a69cac5826636fd