Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
OpenXPKI::Crypto::BackUserpContributedpPerlBDocumentapenSSL::Engine::PKCS11(3)

Name
       OpenXPKI::Crypto::Backend::OpenSSL::Engine::PKCS11

Description
       This class implements an	interface for OpenSC's PKCS#11 engine.

Configuration
       You must	configure an ENGINE_SECTION which looks	like this:

	--snip--
	pkcs11 = pkcs11_section

	[pkcs11_section]
	engine_id = pkcs11
	dynamic_path = /usr/lib/engines/engine_pkcs11.so
	MODULE_PATH = /usr/lib/opensc-pkcs11.so
	init = 0
	--snip--

       Please note that	the key	file which must	be specified in	the
       configuration must be the idenitifier of	the key	on the smartcard an
       not a real filename.  A typical OpenSC example for a name is id_45.

Functions
   login
       tries to	set the	passphrase for the used	token. Actually	we cannot
       check the passphrase without risking to lock the	smartcard or whatever
       token is	used. If the passhrase is missing or shorter than 4 characters
       then an exception is thrown. There is no	parameter because we get the
       passphrase from the OpenXPKI::Crypto::Secret object.

       Examples: $engine->login	();

   get_engine
       returns the used	OpenSSL	engine pkcs11.

   get_engine_section
       returns the OpenSSL engine section from the configuration. Please note
       that this configuration must include a PIN line where the value of the
       PIN parameter is	__PIN__. This is necessary because this	is the only
       way how we can supply the PIN to	the PKCS#11 library.

   get_keyform
       returns "engine"	because	otherwise the use of this module makes no
       sense.

perl v5.24.1		 OpenXPKI::Crypto::Backend::OpenSSL::Engine::PKCS11(3)

Name | Description | Configuration | Functions

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=OpenXPKI::Crypto::Backend::OpenSSL::Engine::PKCS11&sektion=3&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help