crypto/tls: Add HSM config support. #22124
Labels
Comments
|
can you say a little more about these functions? How many are there? What do they need as arguments? What do they return? |
|
@zaolin The great thing about the built in I had this same need for my Yubikey in PIV mode, so I wrote pault.ag/go/ykpiv, which will provide that type for use in Go. I even added a helper for TLS connections So, this is likely a matter of writing the right shim to provide a |
|
@paultag Okay good to know :) Thanks. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
What version of Go are you using (
go version)?1.9
Does this issue reproduce with the latest release?
What operating system and processor architecture are you using (
go env)?What did you do?
I tried to setting up a tls connection based on a Trusted Platform Module key which
is basically a smartcard.
What did you expect to see?
Functions which can be implemented by myself hooking into the decrypt/sign operations
of the golang tls implementation: https://golang.org/pkg/crypto/tls/#Config
What did you see instead?
Using keys from a TPM requires custom hooks of decrypt/sign
operations because the private key never leaves the secure element. This was not
possible due to missing config functions ( https://golang.org/pkg/crypto/tls/#Config )
for the decrypt/sign operations of the TLS implementation in golang.
The text was updated successfully, but these errors were encountered: