[Libwebsockets] Private key in SSL

Bruce Perens bruce at perens.com
Fri Jun 10 09:14:55 CEST 2016


On Thu, Jun 9, 2016 at 10:39 PM, Andy Green <andy at warmcat.com> wrote:
>
> The key and the passphrase do pass through lws + openssl, that would be
> enough if the attacker compromises the userland part and then forces the
> admin to restart it.
>

The key and passphrase remain within the token. So, we have to combine lws
and openssl with OpenSC, which controls the token and provides a public-key
engine to OpenSSL that causes the token to be used. We don't provide the
key to lws, we just provide the *name* of the key and it asks, through
openssl and OpenSC, for the token to use it.

>> Or if my app can get things manipulated by this 'tamper resistant
>> hardware', I can inject my request in the userland app, or by
>> duplicating what the app does on usb or whatever, and get things
>> signed by it as if I was the app.
>>
>
Yes. It will use the key if an unauthorized person gets in a position to
ask it to. But it will never reveal the key. So, the compromise is limited.
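
An added illustration, not code from this thread or from lws, OpenSSL or OpenSC, of the "name of the key, not the key" configuration described in the message above: it audits a configured key reference. It assumes the key name is written as an RFC 7512 `pkcs11:` URI; the function names and sample references are constructed for the example.

```python
from urllib.parse import unquote


def parse_pkcs11_uri(uri):
    """Split an RFC 7512 URI into (path attributes, query attributes)."""
    if not uri.startswith("pkcs11:"):
        raise ValueError("not a pkcs11: URI")
    path, _, query = uri[len("pkcs11:"):].partition("?")

    def attrs(text, sep):
        out = {}
        for item in filter(None, text.split(sep)):
            name, eq, value = item.partition("=")
            if not eq:
                raise ValueError(f"attribute without value: {item!r}")
            out[name] = unquote(value)  # attribute values are percent-encoded
        return out

    return attrs(path, ";"), attrs(query, "&")


def audit_key_reference(ref):
    """Return findings; an empty list means the reference only names a token key."""
    if not ref.startswith("pkcs11:"):
        # A file path or inline PEM means the key itself is readable in userland.
        return ["not a token reference: key file or inline key material"]
    try:
        path, query = parse_pkcs11_uri(ref)
    except ValueError as exc:
        return [f"malformed pkcs11 URI: {exc}"]
    findings = []
    if "pin-value" in query:
        findings.append("PIN embedded in configuration (pin-value)")
    if path.get("type", "private") != "private":
        findings.append(f"type={path['type']} does not refer to a private key")
    if not (path.keys() & {"object", "id"}):
        findings.append("no object= or id= attribute, so no specific key is named")
    return findings


if __name__ == "__main__":
    # Constructed sample references, not taken from any real deployment.
    for ref in (
        "pkcs11:token=ExampleToken;object=tls-server-key;type=private",
        "pkcs11:token=ExampleToken;object=tls-server-key?pin-value=123456",
        "/etc/ssl/private/server.key",
    ):
        print(ref, "->", audit_key_reference(ref) or "ok")
```

A clean result only shows that the configuration holds a key name; as the message says, anything able to ask the token can still have it use the key.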