Skip to content


Repository files navigation


Build Status Coverage Status Language grade: C/C++ Language grade: Python Coverity Scan

PKCS #11 is a Public-Key Cryptography Standard that defines a standard method to access cryptographic services from tokens/ devices such as hardware security modules (HSM), smart cards, etc. In this project we intend to use a TPM2 device as the cryptographic token.

Getting Started

Example Usages

  • SSH - How to configure and use it with SSH.
  • P11 - How to configure and use it with various P11 components.
  • PKCS11-TOOL - How to configure and use it with OpenSC's pkcs11-tool.
  • EAP-TLS - How to configure and use it for Wi-Fi authentication using EAP-TLS.
  • INTEROPERABILITY - Configuration details for interoperability with tss2-engine and tpm2-tools projects. Note, the tpm2-tools interoperability could cover other projects that use raw marshalled TPM 2.0 structures.

Advanced Knowledge