GitXplorerGitXplorer
i

qsslkey-p11

public
6 stars
1 forks
0 issues

Commits

List of commits on branch master.
Unverified
4a324dcf7acc16981efe3000408a3e53ea4f5b95

README -> README.md

iiksaif committed 10 years ago
Unverified
945324bb9c9cd1fa0b8be2746d18e611e2c12756

qpkcs11: add kind of standalone class for pkcs11

iiksaif committed 13 years ago
Unverified
15f1358141d8c3446d48db52643a62227d17aa38

qsslkey-p11: don't hand-free the key

iiksaif committed 13 years ago
Unverified
e9b0afe19f610f1f1207a9af3d78795e46e974d3

Initial commit

iiksaif committed 13 years ago

README

The README file for this repository.

QSslKey using PKCS#11

This example show how to use OpenSSL (http://www.openssl.org) along with engine_pkcs11 (http://www.opensc-project.org/engine_pkcs11) to make a QSslSocket use a private key and a certificate from an HSM (http://en.wikipedia.org/wiki/Hardware_Security_Module) using PKCS#11 (http://en.wikipedia.org/wiki/PKCS11).

To test this example you'll need OpenSSL headers and libraries, a binary version of engine_pkcs11 and a PKCS#11 module (.so or .dll that should comes with the device you're using).

You will need a patched version of Qt available here: https://qt.gitorious.org/~iksaif/qt/iksaifs-clone/commits/qssl

You'll also need a valid keypair present both on your HSM and on your disk (named cert.pem and key.pem and put in a certs subdirectory).

Basically the example create an SSL server that will load cert.pem and key.pem as its public and private keys. Then it'll create a client that'll load it's keys from the HSM and connect to the server. If the client certificate matches the server certificate then the test succeed.