pkcs11-provider

This is an OpenSSL 3.x provider to access Hardware and Software Tokens using the PKCS#11 Cryptographic Token Interface. Access to tokens depends on loading an appropriate PKCS#11 driver that knows how to talk to the specific token. The PKCS#11 provider is a connector that allows OpenSSL to make proper use of such drivers. This code targets PKCS#11 version 3.1 but is backwards compatible to version 3.0 and 2.40 as well.

To report Security Vulnerabilities, please use the “Report a Security Vulnerability” template in the issues reporting page.

Installation

See BUILD for more details about building and installing the provider.

Usage

Configuration directives for the provider are documented in provider-pkcs11(7) man page. Example configurations and basic use cases can be found in HOWTO.

Notes

• PKCS #11 Specification Version 3.1