PKCS #11 + gnutls

Christian Hilberg hilberg at
Fri Mar 25 10:34:49 CET 2011

On Thu 24 March 2011, Nikos Mavrogiannopoulos wrote:
> Hello,
> The just-released gnutls 2.12.0 includes support for security
> modules such as smart-cards via the PKCS #11 API. More
> details are available at:
> l#PKCS-_002311-tokens
> It should be noted however that PKCS #11 is an old
> API with few problems. If you expect the PKCS #11 modules
> to be used by multiple crypto libraries, we suggest that you
> use the intermediate module p11-kit. It is available at:

Aside from p11-kit, has GnuTLS PKCS #11 been tried with the OpenCryptoki [1] / 
Trousers [2] stack (or glue, whichever wording is more appropriate)? I'm 
asking just out of curiosity as we're using OpenCryptoki/Trousers and NSS 
presently, since there had not been PKCS #11 support in GnuTLS when we started 
out with our project [3], which could also profit from the now-available PKCS 
#11 support in GnuTLS.

Kind regards,



kernel concepts GbR        Tel: +49-271-771091-14
Sieghuetter Hauptweg 48
D-57072 Siegen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110325/8bb05b05/attachment.pgp>

More information about the Gnutls-devel mailing list