Public Key Infrastructure for Tcl
Tcllib now has a "PKI" module. This module includes support for RSA certificates, but is extensible to include other types of public key cryptographic systems.
Documentation:
TclPKCS11 [L1 ] supports loading a PKCS#11 compliant module and offloading sensitive cryptographic operations onto it. It requires the "PKI" module in Tcllib.
=== Create a self-signed certificate under PKI ===
set key [pki::rsa::generate 512] set csr [pki::pkcs::create_csr $key [list CN www.google.com] 1] set csr [pki::pkcs::parse_csr $csr] lappend key subject "CN=www.google.com" set crt [::pki::x509::create_cert $csr $key 1 [clock seconds] [clock seconds] 1 [list] 1]