summaryrefslogtreecommitdiff
path: root/conf/plugins/pkcs11.conf
blob: c786a9abb486504fcf227f77716db8ae91a894a9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
pkcs11 {

    # Whether to load the plugin. Can also be an integer to increase the
    # priority of this plugin.
    load = yes

    # Reload certificates from all tokens if charon receives a SIGHUP.
    # reload_certs = no

    # Whether the PKCS#11 modules should be used for DH and ECDH (see use_ecc
    # option).
    # use_dh = no

    # Whether the PKCS#11 modules should be used for ECDH and ECDSA public key
    # operations. ECDSA private keys can be used regardless of this option.
    # use_ecc = no

    # Whether the PKCS#11 modules should be used to hash data.
    # use_hasher = no

    # Whether the PKCS#11 modules should be used for public key operations, even
    # for keys not stored on tokens.
    # use_pubkey = no

    # Whether the PKCS#11 modules should be used as RNG.
    # use_rng = no

    # List of available PKCS#11 modules.
    modules {

        <name> {

            # Whether to automatically load certificates from tokens.
            # load_certs = yes

            # Whether OS locking should be enabled for this module.
            # os_locking = no

            # Full path to the shared object file of this PKCS#11 module.
            # path =

        }

    }

}