Implement a new key store system

mikhailuwu / safeheap

Safeheap is a library providing memory security implementations allowing users to protect sensitive memory during storing and handling.

GNU General Public License v3.0

1 stars 0 forks source link

Implement a new key store system #10

Open mikhailuwu opened 2 weeks ago

mikhailuwu commented 2 weeks ago

The current crypto key store is insufficient in terms of exposure.

Implement a user configurable system including support for TPM-based key store (highly secure), regular protected memory (less secure), and perhaps an internet resource such as a trusted server where the key exchange happens through some asymmetric encryption (somewhat secure).

This can be an additional sh_malloc parameter.

Implement checks as well if TPM is available for application use on the system.

mikhailuwu commented 2 weeks ago

Using TSS2 library for all TPM interactions. sh_cipher_policy_t should contain a reference of some sort to the key in TPM for an access function.

mikhailuwu commented 2 weeks ago

Implementing sh_get_key, unfinished.

mikhailuwu commented 2 weeks ago

Implementing sh_tpm_store_key, unfinished.