Go to the first, previous, next, last section, table of contents.


2 Introduction to gpkcs11.

GPKCS-11 is an implementation of PKCS#11: Cryptographic Token Interface Standard GPKCS#11 is still in development and may lead to loss of data and has potential security holes. FSF, the GNU Project or TC TrustCenter are not liable to any damages, direct or indirect, that arise through the use of the software.

PKCS#11 defines an interface for the communication of arbitrary applications with systems that perform cryptographic operations, like en- and decryption, signing and verifying. These systems, called token, may be Chipcards (with appropriate reader), discrete hardware systems or pure software implementations. The standard also defines mechasnism for using multiple cryptographics systems within a single application.

gpkcs11 provides support functions to make the development of support for new tokens easier and contains a complete software token, as well as an automated testing environment. In a later version this software token will be usable as complete and secure tool for cryptographic applications. In this phase GPKCS#11 may serve as a testing tool in the development of new applications that contain cryptographic support.

This is code in work. It is currently only tested to run under Solaris 2.5.1/SPARC. It should be able to run on other UNIX platforms. Only the creation of shared libraries will create problems. The use of libtool to solve this problem is on the top of our list of further developments. The development was done on Windows NT in parallel, and should be able to run on it as well. But the distribution does not contain our project files, as this would have made it too bloated. Due to this is the creation of an automatic build for NT one of the features planed for future releases.

To create all parts of gpkcs11 you also need the following:

OpenSSL-0.9.4
to provide the cryptographic backend to the software token.
GUILE-1.3
for the interactive test and administration tool cryptsh
DejaGNU-1.3
are needed to run the automatic test environment. If you do not want to run the tests that you do not need this. But the tests may also be used to test other PKCS#11 implementations.
JDK 1.1
is needed to install the library in Netscape Communicator. For other uses the package is not required.


Go to the first, previous, next, last section, table of contents.