TclPKCS11

Update of "TclPKCS11"
Login

Update of "TclPKCS11"

Overview

Artifact ID: 5f6ff01aff24b8c2fb4a3cc423ec649e93f6f23716cee01e16b1c7926b591190
Page Name:TclPKCS11
Date: 2019-06-12 21:41:57
Original User: rkeene
Mimetype:text/x-markdown
Parent: 67c956994500722ebecabc2fedc7414a476f5b4f9a4fd6e1513114f7d0abde75 (diff)
Next 0b2f4c50ac87c08dec4e135ec6c29994b56c737a8892903271dd940d90fdc4a6
Content

RSA's Public Key Cryptographic Standard (PKCS) #11 for Tcl

Introduction

Public Key Cryptography Standard (PKCS) Number 11 specifies an API for interfacing with cryptographic tokens. These cryptographic tokens are usually separate hardware devices that do not provide direct access to the keying materials under normal use -- instead they directly perform the cryptographic operations on the hardware module. This provides additional security and can be used for off-loading CPU intensive operations to specialized hardware.

This package lets Tcl scripts interface with PKCS#11 modules.

This package requires the "pki" extension, which is pure Tcl and can be found in Tcllib.

Some PKCS#11 providers:

Downloads

Information

Simple Example

    package require pki
    package require pki::pkcs11

    set handle [pki::pkcs11::loadmodule /usr/lib/pkcs11/libcackey.so]

    pki::pkcs11::login $handle $slotId 123456

    set slots [pki::pkcs11::listslots $handle]
    set slotId [lindex $slots 0 0]

    set certs [pki::pkcs11::listcerts $handle $slotId]
    set cert [lindex $certs 0]

    set plain "TestMsg"

    set cipher [pki::encrypt -binary -pub -- $plain $cert]
    set check  [pki::decrypt -binary -priv -- $cipher $cert]

    puts "Plain: $plain"
    puts "Check: $check"