mirror of https://github.com/henrydcase/optee_eng.git synced 2024-11-22 15:18:59 +00:00
optee_eng/README.md
2021-01-07 23:57:00 +00:00


# OPTEE OpenSSL ENGINE for TLS
Typically, a TLS server uses an X.509 certificate and an associated private key to sign the TLS session. The certificate's public key and the private key
used for signing form an asymmetric cryptographic key pair. Revealing this traffic private key makes man-in-the-middle
attacks possible. Typically, the private key is stored on the server's hard disk. Even if it is stored in encrypted form, at some point the HTTPS server
needs to be able to decrypt it in order to use it for signing. This means that at runtime the plaintext key will be available in the memory
of the HTTPS process. In case of software errors (see [Heartbleed](https://heartbleed.com/).