What is openCryptoki?

Edit online

The PKCS #11 standard comprises the definition of an API called Cryptoki (from cryptographic token interface). However, the term PKCS #11 is often used instead, to refer to the API as well as to the standard that defines it. openCryptoki in turn is an open source implementation of Cryptoki. As such, openCryptoki provides a standard programming interface between applications and all kinds of portable cryptographic devices.

openCryptoki consists of an implementation of the PKCS #11 Cryptoki API, a slot manager, a set of slot token dynamic link libraries (STDLLs), and an API for these STDLLs. For example, the EP11 token type is a STDLL introduced with openCryptoki version 3.1.

openCryptoki provides support for several cryptographic algorithms according to the PKCS #11 standard. The openCryptoki library loads the tokens that provide hardware or software specific support for cryptographic functions.

openCryptoki can be used directly through the openCryptoki shared library (C API) from all applications which are written in a language that provides a foreign language interface for C.

openCryptoki is available for major Linux® distributions, for example, Red Hat Enterprise Linux, SUSE Linux Enterprise Server, or Ubuntu.

For more information about the openCryptoki services, or about the interfaces between the openCryptoki main module and its tokens, see

https://github.com/opencryptoki/opencryptoki.