kakwa / uts-server

Micro RFC 3161 Time-Stamp server written in C.
http://uts-server.readthedocs.org/en/latest/
MIT License
74 stars 20 forks

PKCS11 #10

Open Yxoti opened 7 years ago

Yxoti commented 7 years ago

Hi,

Is your product compatible with the PKCS11 standard? If not, is it possible to add this functionality?

Best regards,

Yxoti

kakwa commented 7 years ago

Right now, it's not supported.

It should be possible to implement it through the OpenSSL pkcs11 engine provided by OpenSC, but this requires some modification on the uts-server part for the initialization and the setup of the engine.

I've begun to play with softhsm2 and the pkcs11 engine last evening to see how it would be possible to implement it. But this project is more of a side project for me, so I will not commit to any deadline here :smirk_cat:.

Also I don't have a proper HSM, like an nCipher, a Luna SA, a (truly shitty) Luna SE or even a simple USB HSM/smartcard for testing right now.

I've just ordered https://shop.nitrokey.com/shop/product/nitrokey-hsm-7 to have fun with an HSM. I never actually played with one directly; your ticket just gave me the excuse to buy one :smile:.