gnutls 2.11.0 released

Nikos Mavrogiannopoulos nmav at
Thu Aug 5 21:09:30 CEST 2010

On Thu, Aug 5, 2010 at 12:32 PM, Christian Hilberg <hilberg at>

>> [...]
>> This is major update release that includes features such as PKCS #11
>> support for cryptographic objects, support for local system thread
>> locks, new message buffering layer, support for nettle library and more.
>> [...]
>> * Version 2.11.0 (released 2010-07-22)
>> [...]
>> ** libgnutls: Added PKCS #11 support and an API to access objects in
>> gnutls/pkcs11.h. Currently certificates and public keys can be
>> imported from tokens, and operations can be performed on private keys.
>> [...more pkcs #11 additions...]
> I'm interested in getting to know whether you see this version of GnuTLS fit
> for accessing client certificates residing in a TPM module (token).
> We have a setup with openCryptoki and Trousers and we can access the TPM token
> via openCryptoki's pkcsslotd using the NSS library. Is the same possible with
> the current GnuTLS development release as well?

I've never tried the pkcsslotd but if it provides a pkcs11 module,
then it should work. Check the gnutls.pdf  from the development for
more details on pkcs11. The certtool program will provide a quick test
on whether the pkcs11 library can be used.


More information about the Gnutls-devel mailing list