diff --git a/tests/.gitignore b/tests/.gitignore
index 3c9b0cf..d273db0 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -7,3 +7,5 @@
 data_files/hmac_drbg_seed
 data_files/ctr_drbg_seed
 data_files/entropy_seed
+
+softhsm2.d
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index dc27979..a29acee 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -90,6 +90,7 @@
 add_test_suite(memory_buffer_alloc)
 add_test_suite(mpi)
 add_test_suite(pem)
+add_test_suite(pkcs11_client)
 add_test_suite(pkcs1_v15)
 add_test_suite(pkcs1_v21)
 add_test_suite(pkcs5)
diff --git a/tests/Makefile b/tests/Makefile
index 4787f25..624160d 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -78,6 +78,7 @@
 	test_suite_memory_buffer_alloc$(EXEXT)				\
 	test_suite_mpi$(EXEXT)						\
 	test_suite_pem$(EXEXT)			test_suite_pkcs1_v15$(EXEXT)	\
+	test_suite_pkcs11_client$(EXEXT)	\
 	test_suite_pkcs1_v21$(EXEXT)	test_suite_pkcs5$(EXEXT)	\
 	test_suite_pkparse$(EXEXT)	test_suite_pkwrite$(EXEXT)	\
 	test_suite_pk$(EXEXT)						\
@@ -377,6 +378,10 @@
 	echo "  CC    $<"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $<	$(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
 
+test_suite_pkcs11_client$(EXEXT): test_suite_pkcs11_client.c $(DEP)
+	echo "  CC    $<"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $<	$(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
 test_suite_pkcs1_v15$(EXEXT): test_suite_pkcs1_v15.c $(DEP)
 	echo "  CC    $<"
 	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) $<	$(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
diff --git a/tests/scripts/pkcs11-client-test.sh b/tests/scripts/pkcs11-client-test.sh
new file mode 100755
index 0000000..aaf7d94
--- /dev/null
+++ b/tests/scripts/pkcs11-client-test.sh
@@ -0,0 +1,54 @@
+#!/bin/sh
+set -u -e
+
+TOKEN_DIR=softhsm2.d
+
+if [ -e library/aes.c ]; then
+  TOPDIR="$PWD"
+elif [ -e ../library/aes.c ]; then
+  TOPDIR="${PWD%/*}"
+elif [ -e ../../library/aes.c ]; then
+  TOPDIR="${PWD%/*/*}"
+elif [ -e ../../../library/aes.c ]; then
+  TOPDIR="${PWD%/*/*/*}"
+else
+  unset TOPDIR
+fi
+if [ -n "${TOPDIR+1}" ] &&
+     make -C "$TOPDIR/programs" util/syslog2stderr.so >/dev/null 2>&1
+then
+  case $(uname) in
+    Darwin)
+      export DYLD_PRELOAD="${DYLD_PRELOAD-}:$TOPDIR/programs/util/syslog2stderr.so";;
+    *)
+      export LD_PRELOAD="${LD_PRELOAD-}:$TOPDIR/programs/util/syslog2stderr.so";;
+  esac
+fi
+
+# softhsm2_find_token LABEL
+softhsm2_find_token () {
+  softhsm2-util --show-slots | awk -v label="$1" '
+    $1 == "Slot" && $2 ~ /^[0-9]+$/ {slot = $2}
+    $1 == "Label:" && $2 == label {print slot; found=1; exit}
+    END {exit(!found)}
+  '
+}
+
+# softhsm2_create_token LABEL
+softhsm2_create_token () {
+  softhsm2_find_token "$1" || {
+    softhsm2-util --init-token --free --so-pin 0000 --pin 0000 --label "$1" &&
+    softhsm2_find_token "$1"
+  }
+}
+
+softhsm2_init () {
+  test -d "$TOKEN_DIR" || mkdir "$TOKEN_DIR"
+  scratch_token=$(softhsm2_create_token "scratch")
+}
+
+case $1 in
+  find_slot) softhsm2_find_token "$2";;
+  init) softhsm2_init;;
+  *) echo >&2 "$0: Unknown command: $1"; exit 120;;
+esac
diff --git a/tests/softhsm2.conf b/tests/softhsm2.conf
new file mode 100644
index 0000000..08e94d5
--- /dev/null
+++ b/tests/softhsm2.conf
@@ -0,0 +1,4 @@
+objectstore.backend=file
+slots.removable=false
+directories.tokendir=softhsm2.d
+log.level=INFO
diff --git a/tests/suites/test_suite_pkcs11_client.data b/tests/suites/test_suite_pkcs11_client.data
new file mode 100644
index 0000000..3f4d4cf
--- /dev/null
+++ b/tests/suites/test_suite_pkcs11_client.data
@@ -0,0 +1,7 @@
+PKCS#11 RSA import and sign
+depends_on:MBEDTLS_PK_C:MBEDTLS_ECDSA_C
+pk_import_sign:"data_files/server1.key"
+
+PKCS#11 RSA generate and sign
+depends_on:MBEDTLS_PK_C:MBEDTLS_RSA_C
+pk_generate_sign:MBEDTLS_PK_RSA
diff --git a/tests/suites/test_suite_pkcs11_client.function b/tests/suites/test_suite_pkcs11_client.function
new file mode 100644
index 0000000..9c16a35
--- /dev/null
+++ b/tests/suites/test_suite_pkcs11_client.function
@@ -0,0 +1,296 @@
+/* BEGIN_HEADER */
+#include <string.h>
+
+#include <pkcs11.h>
+
+#include "mbedtls/pkcs11_client.h"
+
+#if defined(MBEDTLS_PK_C)
+
+#include "mbedtls/oid.h"
+#include "mbedtls/asn1write.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/pk.h"
+
+#define ARRAY_LENGTH( a ) ( sizeof( a ) / sizeof( *( a ) ) )
+
+#define CK_ASSERT( expr )                                               \
+    do {                                                                \
+        CK_RV CK_ASSERT_rv = ( expr );                                  \
+        char CK_ASSERT_msg[sizeof( #expr ) + 20] = #expr;               \
+        if( CK_ASSERT_rv != CKR_OK ) {                                  \
+            sprintf( CK_ASSERT_msg + strlen( CK_ASSERT_msg ),           \
+                     " -> 0x%x", (unsigned) CK_ASSERT_rv );             \
+            test_fail( CK_ASSERT_msg, __LINE__, __FILE__ );             \
+            goto exit;                                                  \
+        }                                                               \
+    } while( 0 )
+
+#define RSA_KEY_SIZE_BITS 512
+#define RSA_KEY_SIZE_BYTES ( ( RSA_KEY_SIZE_BITS + 7 ) / 8 )
+#define ECP_GROUP_ID MBEDTLS_ECP_DP_SECP256R1
+#define ECP_GROUP_NAME( id ) #id
+
+//static CK_BBOOL ck_false = CK_FALSE;
+static CK_BBOOL ck_true = CK_TRUE;
+
+static int pkcs11_token_label_is( const CK_TOKEN_INFO *info, const char *label )
+{
+    size_t n = strlen( label );
+    if( n > sizeof( info->label ) )
+        return( 0 );
+    if( memcmp( info->label, label, n ) )
+        return( 0 );
+    for( ; n < sizeof( info->label ); n++ )
+    {
+        if( info->label[n] != ' ' )
+            return( 0 );
+    }
+    return( 1 );
+}
+
+static int pkcs11_get_slot_id( const char *label, CK_SLOT_ID *slot )
+{
+    CK_SLOT_ID *slots = NULL;
+    CK_ULONG count;
+    CK_ULONG i;
+    CK_TOKEN_INFO info;
+    int found = 0;
+    CK_ASSERT( C_GetSlotList( CK_TRUE, NULL_PTR, &count ) );
+    slots = mbedtls_calloc( sizeof( *slots ), count );
+    TEST_ASSERT( slots != NULL );
+    CK_ASSERT( C_GetSlotList( CK_TRUE, slots, &count ) );
+    for( i = 0; i < count; i++ )
+    {
+        CK_ASSERT( C_GetTokenInfo( slots[i], &info ) );
+        if( pkcs11_token_label_is( &info, label ) )
+        {
+            *slot = slots[i];
+            found = 1;
+            break;
+        }
+    }
+    if( !found )
+        mbedtls_fprintf( stdout, "No token found with label %s\n", label );
+exit:
+    mbedtls_free( slots );
+    return( found );
+}
+
+static CK_OBJECT_HANDLE pkcs11_init( void )
+{
+    CK_SESSION_HANDLE hSession;
+    CK_SLOT_ID slot;
+    unsigned char user_pin[4] = "0000";
+    CK_ASSERT( C_Initialize( NULL_PTR ) );
+    TEST_ASSERT( pkcs11_get_slot_id( "scratch", &slot ) );
+    CK_ASSERT( C_OpenSession( slot,
+                              CKF_RW_SESSION | CKF_SERIAL_SESSION,
+                              NULL_PTR, NULL_PTR,
+                              &hSession ) );
+    CK_ASSERT( C_Login( hSession, CKU_USER, user_pin, sizeof( user_pin ) ) );
+    return( hSession );
+exit:
+    return( CK_INVALID_HANDLE );
+}
+
+static CK_RV pkcs11_generate_key( mbedtls_pk_type_t key_type,
+                                  CK_SESSION_HANDLE hSession,
+                                  CK_OBJECT_HANDLE *phPublicKey,
+                                  CK_OBJECT_HANDLE *phPrivateKey )
+{
+    CK_MECHANISM mechanism = {0, NULL_PTR, 0};
+    CK_ATTRIBUTE public_attributes[] = {
+        {0, 0, 0},
+        {CKA_ENCRYPT, &ck_true, sizeof( ck_true )},
+        {CKA_VERIFY, &ck_true, sizeof( ck_true )},
+    };
+    CK_ATTRIBUTE private_attributes[] = {
+        {CKA_DECRYPT, &ck_true, sizeof( ck_true )},
+        {CKA_SIGN, &ck_true, sizeof( ck_true )},
+    };
+    CK_ULONG ck_rsa_key_size = RSA_KEY_SIZE_BITS;
+    unsigned char ecParams[16];
+    size_t ecParams_length;
+
+    switch( key_type )
+    {
+#if defined(MBEDTLS_RSA_C)
+    case MBEDTLS_PK_RSA:
+        mechanism.mechanism = CKM_RSA_PKCS_KEY_PAIR_GEN;
+        public_attributes[0].type = CKA_MODULUS_BITS;
+        public_attributes[0].pValue = &ck_rsa_key_size;
+        public_attributes[0].ulValueLen = sizeof( ck_rsa_key_size );
+        break;
+#endif /* MBEDTLS_RSA_C */
+    default:
+        test_fail( "Unsupported key type in test data", __LINE__, __FILE__ );
+        break;
+    }
+
+    return( C_GenerateKeyPair( hSession,
+                               &mechanism,
+                               public_attributes,
+                               ARRAY_LENGTH( public_attributes ),
+                               private_attributes,
+                               ARRAY_LENGTH( private_attributes ),
+                               phPublicKey, phPrivateKey ) );
+exit:
+    /* Shouldn't happen except if there's a test error (e.g. trying to
+       use a curve that isn't compiled in). */
+    return( -1 );
+}
+
+
+#endif /* MBEDTLS_PK_C */
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES
+ * depends_on:MBEDTLS_PKCS11_CLIENT_C
+ * END_DEPENDENCIES
+ */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PK_C:MBEDTLS_SHA256_C */
+void pk_generate_sign( int key_type )
+{
+    mbedtls_pk_context pkcs11_ctx;
+    mbedtls_pk_context transparent_ctx;
+    CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE;
+    CK_OBJECT_HANDLE hPublicKey = CK_INVALID_HANDLE;
+    CK_OBJECT_HANDLE hPrivateKey = CK_INVALID_HANDLE;
+    unsigned char hash_value[32] = "Fake hash, it doesn't matter....";
+    unsigned char sig_buffer[RSA_KEY_SIZE_BYTES];
+    size_t sig_length = sizeof( sig_buffer );
+
+    mbedtls_pk_init( &pkcs11_ctx );
+    mbedtls_pk_init( &transparent_ctx );
+
+    /* Initialize cryptoki and generate a key in the token */
+    hSession = pkcs11_init( );
+    TEST_ASSERT( hSession != CK_INVALID_HANDLE );
+
+    CK_ASSERT( pkcs11_generate_key( key_type,
+                                    hSession,
+                                    &hPublicKey, &hPrivateKey ) );
+    TEST_ASSERT( hPublicKey != CK_INVALID_HANDLE );
+    TEST_ASSERT( hPrivateKey != CK_INVALID_HANDLE );
+
+    /* Prepare the mbed TLS contexts */
+    TEST_ASSERT( mbedtls_pk_setup( &transparent_ctx,
+                                   mbedtls_pk_info_from_type( key_type ) ) == 0 );
+    TEST_ASSERT( mbedtls_pk_setup_pkcs11( &pkcs11_ctx,
+                                          hSession,
+                                          hPublicKey,
+                                          hPrivateKey ) == 0 );
+
+    /* Retrieve the public key from the token */
+    switch( key_type )
+    {
+#if defined(MBEDTLS_RSA_C)
+    case MBEDTLS_PK_RSA:
+        {
+            unsigned char n_buffer[RSA_KEY_SIZE_BYTES];
+            unsigned char e_buffer[RSA_KEY_SIZE_BYTES];
+            CK_ATTRIBUTE public_attributes[] = {
+                {CKA_MODULUS, n_buffer, sizeof( n_buffer )},
+                {CKA_PUBLIC_EXPONENT, e_buffer, sizeof( e_buffer )},
+            };
+            CK_ULONG *n_length = &public_attributes[0].ulValueLen;
+            CK_ULONG *e_length = &public_attributes[1].ulValueLen;
+            mbedtls_rsa_context *rsa_ctx = mbedtls_pk_rsa( transparent_ctx );
+
+            CK_ASSERT( C_GetAttributeValue( hSession, hPublicKey,
+                                            public_attributes, ARRAY_LENGTH( public_attributes ) ) );
+            TEST_ASSERT( mbedtls_mpi_read_binary( &rsa_ctx->N,
+                                                  n_buffer, *n_length ) == 0 );
+            TEST_ASSERT( mbedtls_mpi_read_binary( &rsa_ctx->E,
+                                                  e_buffer, *e_length ) == 0 );
+            rsa_ctx->len = mbedtls_mpi_size( &rsa_ctx->N );
+        }
+        break;
+#endif /* MBEDTLS_RSA_C */
+
+    default:
+        TEST_ASSERT( !"Unsupported key type in test data" );
+        break;
+    }
+
+    /* Sign with the token and verify in software */
+    TEST_ASSERT( mbedtls_pk_sign( &pkcs11_ctx, MBEDTLS_MD_SHA256,
+                                  hash_value, 32,
+                                  sig_buffer, &sig_length,
+                                  NULL, NULL ) == 0 );
+    TEST_ASSERT( mbedtls_pk_verify( &transparent_ctx, MBEDTLS_MD_SHA256,
+                                    hash_value, 32,
+                                    sig_buffer, sig_length ) == 0 );
+
+exit:
+    if( hPublicKey != CK_INVALID_HANDLE )
+        C_DestroyObject( hSession, hPublicKey );
+    if( hPrivateKey != CK_INVALID_HANDLE )
+        C_DestroyObject( hSession, hPrivateKey );
+    C_CloseSession( hSession );
+    C_Finalize( NULL_PTR );
+    mbedtls_pk_free( &pkcs11_ctx );
+    mbedtls_pk_free( &transparent_ctx );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_PK_C:MBEDTLS_SHA256_C */
+void pk_import_sign( char *file )
+{
+    mbedtls_pk_context pkcs11_ctx;
+    mbedtls_pk_context transparent_ctx;
+    CK_SESSION_HANDLE hSession = CK_INVALID_HANDLE;
+    CK_OBJECT_HANDLE hPublicKey = CK_INVALID_HANDLE;
+    CK_OBJECT_HANDLE hPrivateKey = CK_INVALID_HANDLE;
+    unsigned char hash_value[32] = "Fake hash, it doesn't matter....";
+    unsigned char sig_buffer[4096];
+    size_t sig_length = sizeof( sig_buffer );
+
+    mbedtls_pk_init( &pkcs11_ctx );
+    mbedtls_pk_init( &transparent_ctx );
+
+    /* Read a transparent key */
+    TEST_ASSERT( mbedtls_pk_parse_keyfile( &transparent_ctx, file, NULL ) == 0 );
+
+    /* Initialize cryptoki and import the key into the token */
+    hSession = pkcs11_init( );
+    TEST_ASSERT( hSession != CK_INVALID_HANDLE );
+
+    TEST_ASSERT( mbedtls_pk_import_to_pkcs11( &transparent_ctx,
+                                              MBEDTLS_PK_FLAG_SIGN |
+                                              MBEDTLS_PK_FLAG_VERIFY,
+                                              hSession,
+                                              &hPublicKey,
+                                              &hPrivateKey ) == 0 );
+    TEST_ASSERT( hPublicKey != CK_INVALID_HANDLE );
+    TEST_ASSERT( hPrivateKey != CK_INVALID_HANDLE );
+    TEST_ASSERT( mbedtls_pk_setup_pkcs11( &pkcs11_ctx,
+                                          hSession,
+                                          hPublicKey,
+                                          hPrivateKey ) == 0 );
+
+    /* Sign with the token and verify in software */
+    TEST_ASSERT( sizeof( sig_buffer ) >= mbedtls_pk_signature_size( &pkcs11_ctx ) );
+    TEST_ASSERT( mbedtls_pk_sign( &pkcs11_ctx, MBEDTLS_MD_SHA256,
+                                  hash_value, 32,
+                                  sig_buffer, &sig_length,
+                                  NULL, NULL ) == 0 );
+    TEST_ASSERT( mbedtls_pk_verify( &transparent_ctx, MBEDTLS_MD_SHA256,
+                                    hash_value, 32,
+                                    sig_buffer, sig_length ) == 0 );
+
+exit:
+    if( hPublicKey != CK_INVALID_HANDLE )
+        C_DestroyObject( hSession, hPublicKey );
+    if( hPrivateKey != CK_INVALID_HANDLE )
+        C_DestroyObject( hSession, hPrivateKey );
+    C_CloseSession( hSession );
+    C_Finalize( NULL_PTR );
+    mbedtls_pk_free( &pkcs11_ctx );
+    mbedtls_pk_free( &transparent_ctx );
+}
+/* END_CASE */