Load a PKCS#11 module for NSS to use

Stef Walter stefw at redhat.com
Tue Aug 12 00:38:52 PDT 2014

On 12.08.2014 08:12, Watson Sato wrote:
> Hi,
> I'm a GSoC student and I'm developing a PKCS#11 module for Evolution.
> I'm about to integrate it into Evolution, and planning to load it by
> calling SECMOD_LoadUserModule().
> Some people recommended me to take a look on other approaches, like Gck
> and p11-kit.
> For what I have tried and tested, with both approaches I managed to load
> and initialize the modules. But the references to the modules remain in
> the application, and I need NSS to be able to use the module.
> Is there a way for an application to load a PKCS#11 module and make it
> available to NSS with p11-kit?

Well, sorta ... You can use the p11-kit-proxy.so module. By using that
all configured p11-kit modules become available to NSS.

But I think what you're trying to do SECMOD_LoadUserModule() is the
perfect function to use. As I understand it, you're not trying to build
a globally configured/installed module, but rather something specific to
the running Evolution process. There's no need to involve p11-kit in the



More information about the p11-glue mailing list