kris/optee_eng
1
0
Fork 0
mirror of https://github.com/henrydcase/optee_eng.git synced 2024-11-22 23:28:58 +00:00
Code Issues Releases Wiki Activity

Create README.md

Browse Source
This commit is contained in:
Henry Case 2021-01-07 23:57:00 +00:00 committed by GitHub
parent 8f301d1f88
commit 7fc8dd7ea9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
README.md Normal file
View File

@ -0,0 +1,7 @@
# OPTEE OpenSSL ENGINE for TLS
Typically, a TLS server uses a X509 Certificate and associated Private Key in order to sign TLS session. Both certificate and private key used for
signing the certificate form a asymmetric cryptographic key-pair. Revealing the traffic-private-key makes it possible to perform men-in-the-middle
type of attacks. Typically private-key is stored on the servers hard disk. Even if it is stored in encrypted form, at some point HTTPS server
needs to have a possibility to decrypt it in order to use for signing. It means that at runtime the key in plaintext will be available in a memory
of a HTTPS process. In case of software errors (see [Heartbleed](https://heartbleed.com/).