serf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian P. HInz (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (SERF-27) support pcs11 / wincapi to get ssl client certificates from hardware security modules (smartcards)
Date Fri, 29 Jan 2016 16:53:39 GMT

     [ https://issues.apache.org/jira/browse/SERF-27?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Brian P. HInz updated SERF-27:
------------------------------
    Attachment: serf-1.3.7-pkcs11.patch

The attached patch file adds support for PKCS11 tokens via engine_pkcs11.  Please consider
it for inclusion in serf.  I'm not familiar with scons, and didn't know how to alter SConstruct
so that PKCS11 is an optional compile-time feature.  I think that probably needs to be fixed
so that pre-processor statements can be added that nullify this change if PKCS11 support isn't
desired.  Perhaps someone else can assist with that?  I've only been able to test against
two modules (both software-based), but both of them work pretty well.  The nice thing about
this approach is that it adds support for PKCS11 to applications linked against libserf transparently.

Thanks,
-brian

> support pcs11 / wincapi to get ssl client certificates from hardware security modules
(smartcards)
> --------------------------------------------------------------------------------------------------
>
>                 Key: SERF-27
>                 URL: https://issues.apache.org/jira/browse/SERF-27
>             Project: serf
>          Issue Type: Bug
>            Reporter: Serf Importer
>              Labels: Priority-Medium, Type-Enhancement
>         Attachments: serf-1.3.7-pkcs11.patch
>
>
> it would be nice if serf would provide a hook to configure cryptography 
> modules for reading ssl client certificates of smartcards, the same as web 
> browsers do.
> e.g. in mozilla firefox there is such a possibility in preferences - 
> advanced - cryptography modules. e.g. in windows you may add a pkcs11 dll 
> that way which then shows up when you list your certificates.
> some references migt be ssen on
> http://www.mail-archive.com/mozilla-crypto@mozilla.org/.
> Original issue reported by *rupert.thurner*



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message