wolfSSL v3.15.5 was released last week, which features many new additions to the library. One of those options is support for PCKS#11. The PKCS#11 standard defines an API to cryptographic tokens. The API defines most commonly used cryptographic object types (RSA keys, X.509 Certificates, DES/Triple DES keys, etc.) and all the functions needed to use, create/generate, modify and delete those objects.
Using wolfSSL on your application or your device will now allow you to utilize PKCS#11 for access to hardware security modules, smart cards, and other cryptographic tokens.
To build wolfSSL with PKCS#11 support, the library needs to be downloaded and then built with a specific option. The library can be downloaded from the wolfSSL download page, here: https://www.wolfssl.com/download/. The steps to build wolfSSL with PKCS#11 are detailed below:
# From within wolfSSL's root directory ./autogen.sh ./configure --enable-pkcs11 make sudo make install
wolfSSL also has its PKCS#11 documentation located within its doxygen pages, here: https://www.wolfssl.com/doxygen/group__PKCS11.html. This PKCS#11 documentation provides information on the recently added PKCS#11 API.
More information about the new release of wolfSSL v3.15.5 can be found here: https://www.wolfssl.com/wolfssl-3-15-5-now-available/
wolfSSL v3.15.5 download: https://www.wolfssl.com/download/
Wikipedia article on PKCS#11: https://en.wikipedia.org/wiki/PKCS_11