Your company here — click to reach over 10,000 unique daily visitors

Package opencryptoki

Implementation of the PKCS#11 (Cryptoki) specification v3.0


Opencryptoki implements the PKCS#11 specification v2.20 for a set of
cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the
Trusted Platform Module (TPM) chip. Opencryptoki also brings a software
token implementation that can be used without any cryptographic
This package contains the Slot Daemon (pkcsslotd) and general utilities.

Version: 3.23.0

See also: opencryptoki-icsftok.

General Commands

p11sak Manage token keys in a PKCS #11 token repository.
pkcsconf configuration utility for the pkcsslotd daemon
pkcshsm_mk_change utility to manage and control the re-enciphering of secure keys for a concurrent HSM master key change for openCryptoki.
pkcsstats utility to display mechanism usage statistics for openCryptoki.
pkcstok_migrate utility to migrate an ICA, CCA, Soft, or EP11 token repository to the FIPS compliant format introduced with openCryptoki 3.12.

File Formats

opencryptoki.conf Configuration file for pkcsslotd.
p11sak_defined_attrs.conf Configuration file for p11sak list-key command.
policy.conf Configuration file for openCryptoki policies.
strength.conf Configuration file for openCryptoki strength configuration.


opencryptoki A PKCS#11 implementation.

System Administration

pkcsslotd shared memory manager for opencryptoki