DevConf.CZ 2025

PKCS#11 providers: security modules used as cryptographic backends
2025-06-13 08:15-08:30 (Africa/Abidjan), A113 (capacity 64)

The RHEL crypto team participates in a development effort to add PKCS#11 support into existing cryptographic libraries like OpenSSL and GnuTLS. The PKCS#11 API allows to access a hardware or software security module to perform cryptographic operations. We will explore the topic of PKCS#11 providers and their benefits. Then we will take a closer look at GnuTLS, its cryptographic backend and current development of its PKCS#11 provider. At the end a demo will be presented that shows GnuTLS's PKCS#11 provider in action.


What level of experience should the audience have to best understand your session?

Intermediate - attendees should be familiar with the subject

Graduated in applied informatics at Masaryk University faculty of informatics. Works as a Software Engineer at Red Hat crypto team. Specializes in low level programming.