TclPKCS11 r27 (See the current copy)
RSA's Public Key Cryptographic Standard #11 for Tcl
Public Key Cryptography Standard (PKCS) Number 11 specifies an API for interfacing with cryptographic tokens. These cryptographic tokens are usually seperate hardware devices that do not provide direct access to the keying materials under normal use -- instead they directly perform the cryptographic operations on the hardware module. This provides additional security and can be used for off-loading CPU intensive operations to specialized hardware.
Some PKCS#11 providers:
Downloads
- Source
- Binaries
- Version 0.9.9
- Version 0.9.6
- FreeBSD (8.x) on AMD64
- Haiku on i586
- HP-UX v11.11 on PA-RISC 1.1 (32 bit)
- HP-UX v11.11 on PA-RISC 2.0 (64-bit)
- Linux on AMD64
- Linux on i386
- Linux on MIPS (EL, 32-bit)
- Mac OS X Universal
- Mac OS X on AMD64
- Mac OS X on i386
- Mac OS X on PowerPC 32-bit
- Mac OS X on PowerPC 64-bit
- NetBSD (5.x) on AMD64
- NetBSD (5.x) on i386
- Solaris 10 on SPARC 32-bit
- Solaris 10 on SPARC 64-bit
- Solaris 10 on i386
- Solaris 10 on AMD64
- Windows on AMD64
- Windows on i586
Information
::pki::pkcs11::loadmodule <filename> -> handle ::pki::pkcs11::unloadmodule <handle> -> true/false ::pki::pkcs11::listslots <handle> -> list: slotId label flags ::pki::pkcs11::listcerts <handle> <slotId> -> list: keylist ::pki::pkcs11::encrypt <mode> <input> <keylist> -> data ::pki::pkcs11::decrypt <mode> <input> <keylist> -> data ::pki::pkcs11::login <handle> <slotId> <password> -> true/false ::pki::pkcs11::logout <handle> <slotId> -> true/false
Simple Example
package require pki package require pki::pkcs11 set handle [pki::pkcs11::loadmodule /usr/lib/pkcs11/libcackey.so] pki::pkcs11::login $handle $slotId 123456 set slots [pki::pkcs11::listslots $handle] set slotId [lindex $slots 0 0] set certs [pki::pkcs11::listcerts $handle $slotId] set cert [lindex $certs 0] set plain "TestMsg" set cipher [pki::encrypt -binary -pub -- $plain $cert] set check [pki::decrypt -binary -priv -- $cipher $cert] puts "Plain: $plain" puts "Check: $check"