swedenconnect / credentials-support Goto Github PK
View Code? Open in Web Editor NEWJava library for PKI credentials support, including PKCS#11 and HSM:s.
Home Page: https://www.swedenconnect.se
License: Apache License 2.0
Java library for PKI credentials support, including PKCS#11 and HSM:s.
Home Page: https://www.swedenconnect.se
License: Apache License 2.0
Make a Java8 build of the repository as well (it will be used in some Java8-projects).
There has been an identified need to add functionalities to handle key generation inside an HSM slot for 2 major use cases
Use-case 2 is primarily relevant for sign services where a user key is generated, used and destroyed without ever leaving the HSM.
In addition to this there is also a need for supporting scripts to automatically extract service keys from key stores and to load them into a SoftHSM token to test application usage with PKCS#11 for HSM support.
If an OpenSamlCredential
wraps a hardware based credential it will still answer false
to the isHardwareBased
predicate...
Spring 6 is included since we have open version ranges. This is not what we want.
Fix it.
Upgrade to OpenSAML 5 and Java 17
In some cases, for example in a CA, the key pair is first generated, and then the certificate is issued. We should make sure that this case can be handled.
Include certificate chain. May be useful in some cases.
In some cases we might want to know whether a specific PkiCredential
resides on hardware or software. We should introduce a isHardwareBased
predicate.
Can not assign both 'certificate' and 'certificates' ...
The POM includes the slf4j-simple in compile scope. Should be changed to 'test'.
As it is now it is defined by the abstract base class.
Currently, the docker example project can not be used since it uses a JRE 11 docker image. We need to fix this.
It should be the caller's responsibility to decide which key to generate.
When using the PkiCredentialConfigurationProperties
it should be possible to use keyPassword
and specify an encrypted privateKey
.
Some minor adjustments are needed to allow the SoftHSM scripts to work properly in all cases.
When using PkiCredentialConfigurationProperties
to configure a PkiCredential
it should be possible to supply a key password to unlock an encrypted key file.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.