This is an OpenSSL 3.x provider to access Hardware and Software Tokens using the PKCS#11 Cryptographic Token Interface. Access to tokens depends on loading an appropriate PKCS#11 driver that knows how to talk to the specific token. The PKCS#11 provider is a connector that allows OpenSSL to make proper use of such drivers. This code targets PKCS#11 version 3.1 but is backwards compatible to version 3.0 and 2.40 as well.
To report Security Vulnerabilities, please use the "Report a Security Vulnerability" template in the issues reporting page.
See BUILD for more details about building and installing the provider.
Configuration directives for the provider are documented in provider-pkcs11(7) man page. Example configurations and basic use cases can be found in HOWTO.