kris
/
optee_eng
mirror of https://github.com/henrydcase/optee_eng.git
1
0
Fork 0
Code Issues 0 Releases 1 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
2 Branches
252 KiB
 
 
 
 
 
 
Tree: 7fc8dd7ea9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7fc8dd7ea9'
${ noResults }
 ZIP  TAR.GZ
Henry Case 7fc8dd7ea9
Create README.md 		3 years ago
3rd Implementation of OPTEE ENGINE (CA) 3 years ago
src/optee_engine Implementation of OPTEE ENGINE (CA) 3 years ago
.gitignore Implementation of OPTEE ENGINE (CA) 3 years ago
.gitmodules Implementation of OPTEE ENGINE (CA) 3 years ago
CMakeLists.txt Implementation of OPTEE ENGINE (CA) 3 years ago
README.md Create README.md 3 years ago

README.md

OPTEE OpenSSL ENGINE for TLS

Typically, a TLS server uses a X509 Certificate and associated Private Key in order to sign TLS session. Both certificate and private key used for signing the certificate form a asymmetric cryptographic key-pair. Revealing the traffic-private-key makes it possible to perform men-in-the-middle type of attacks. Typically private-key is stored on the server’s hard disk. Even if it is stored in encrypted form, at some point HTTPS server needs to have a possibility to decrypt it in order to use for signing. It means that at runtime the key in plaintext will be available in a memory of a HTTPS process. In case of software errors (see Heartbleed.