External hardware for SSL handshake (overriding PreMasterSecret decrypt)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi, 

I have a task to use external Security Module to perform RSA functions in my WEB-server (nginx/httpd using OpenSSL for HTTPS).
The goal is to store Server private key components and establish SSL Handshake using Hardware module. It is not an SSL hardware accelerator.

This device has proprietary API (binary protocol over TCP/UDP, a few commands like "generate RSA key pair", "premaster decrypt using key#123").

What is the easiest way to do it? Will be very grateful for keywords/advices.
Should I write my ENGINE ? Or is there any other way? 

I need only 2 functions to perform using hardware: 
- RSA key generation (private component will be saved in hardware module)
- PreMaster decrypt from client during SSL handshake

How to override only these 2 functions?


Thanks in advance!



Pavel



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux