Scratchpad

Scratchpad r75 (See the current copy)

Random [Scripts]
Random [Demonstrations]
Information about interesting [Current Projects]
Information about [Tcl]
Information about [Random Number Generation]
My [Scratchpad]
----
Information about [Roy Keene]
Feel free to contact me about this website at mailto:wiki@rkeene.org
Random [Diatribes]
Information about [Threads]
Random [Links]
My [Friends]
'''What you will find here'''

** [TclPKCS11] **
''RSA's Public Key Cryptographic Standard #11 for Tcl''

Public Key Cryptography Standard (PKCS) Number 11 specifies an API for interfacing with cryptographic tokens.  These cryptographic tokens are usually seperate hardware devices that do not provide direct access to the keying materials under normal use -- instead they directly perform the cryptographic operations on the hardware module.  This provides additional security and can be used for off-loading CPU intensive operations to specialized hardware.

Some PKCS#11 providers:
[CACKey]
[http://directory.fedoraproject.org/wiki/CoolKey | CoolKey]
[http://www.opensc-project.org/opensc | OpenSC]

'''[https://chiselapp.com/user/rkeene/repository/tclpkcs11/ | Homepage]'''

----

'''Information'''

  ::pki::pkcs11::loadmodule <filename>                       -> handle
  ::pki::pkcs11::unloadmodule <handle>                       -> true/false
  ::pki::pkcs11::listslots  <handle>                         -> list: slotId label flags
  ::pki::pkcs11::listcerts  <handle> <slotId>                -> list: keylist
  ::pki::pkcs11::encrypt <mode> <input> <keylist>            -> data
  ::pki::pkcs11::decrypt <mode> <input> <keylist>            -> data
  ::pki::pkcs11::login <handle> <slotId> <password>          -> true/false
  ::pki::pkcs11::logout <handle> <slotId>                    -> true/false

----
'''Simple Example'''

 package require pki
 package require pki::pkcs11

 set handle [pki::pkcs11::loadmodule /usr/lib/pkcs11/libcackey.so]

 pki::pkcs11::login $handle $slotId 123456

 set slots [pki::pkcs11::listslots $handle]
 set slotId [lindex $slots 0 0]

 set certs [pki::pkcs11::listcerts $handle $slotId]
 set cert [lindex $certs 0]

 set plain "TestMsg"

 set cipher [pki::encrypt -binary -pub -- $plain $cert]
 set check  [pki::decrypt -binary -priv -- $cipher $cert]

 puts "Plain: $plain"
 puts "Check: $check"