Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

createWithMtlsJavaKeystore should use custom key operations to support non-exportable keys #579

Open
MikeDombo opened this issue Jan 13, 2023 · 0 comments
Labels
CRT/IoT feature-request A feature should be added or improved. p2 This is a standard priority issue

Comments

@MikeDombo
Copy link

Feature Request:

public static TlsContextOptions createWithMtlsJavaKeystore(

createWithMtlsJavaKeystore extracts the key, assumes it is RSA and then creates the TLS options using the in-memory private key and certificate. There should be a way to use the Java KeyStore via custom key operations to provide security without exporting the key from secure storage such as PKCS11 or AndroidKeyStore.

This can be done by customers manually by writing the necessary code, but having a prebuilt implementation to call the necessary Java APIs to sign and verify using the secure key material would make a lot of sense.

@jmklix jmklix added the feature-request A feature should be added or improved. label Mar 27, 2023
@jmklix jmklix added CRT/IoT p2 This is a standard priority issue labels Nov 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
CRT/IoT feature-request A feature should be added or improved. p2 This is a standard priority issue
Projects
None yet
Development

No branches or pull requests

2 participants