Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is it possible to provide a URI to create a PKey? #2059

Open
WolfDan opened this issue Oct 18, 2023 · 3 comments · May be fixed by #2304 or #2077
Open

Is it possible to provide a URI to create a PKey? #2059

WolfDan opened this issue Oct 18, 2023 · 3 comments · May be fixed by #2304 or #2077

Comments

@WolfDan
Copy link

WolfDan commented Oct 18, 2023
edited
Loading

I'm working with the pkcs11-provider for OpenSSL 3; one way to use the provider is via a URI; openssl internally will make use of OSSL_STORE_INFO_get1_PKEY after getting a ctw and store info to get the provider key and use it internally. I can't see any function on PKey or a store module, so I'm wondering if that's possible with the library

For example, this command works with OpenSSL, but I'm unsure if -key "pkcs11:type=private;id=%00%01" will translate into rust-openssl

openssl req -new -x509 -days 365 -subj '/CN=my key/' -sha256 -provider pkcs11 -key "pkcs11:type=private;id=%00%01" -out cert.pem

Thank you!
@sfackler
Copy link
Owner

I don't think we currently expose anything like that but I'd be happy to take a PR.

@Firstyear
Copy link

Similar to this, a method to create keys into a PKCS11 provider would probably be good here to complete the lifecycle. The challenge might be the provider setup if you have keys coming from different sources though.

@Firstyear
Copy link

@WolfDan I'm going to give this a go.

@Firstyear Firstyear linked a pull request Oct 31, 2023 that will close this issue
Draft
mvar-ms pushed a commit to mvar-ms/rust-openssl that referenced this issue Nov 29, 2023
@Firstyear @mvar-ms
based on public PR
b7a4062 
PR: sfackler#2077
issue: sfackler#2059

It works!

fmt
mvar-ms pushed a commit to mvar-ms/rust-openssl that referenced this issue Apr 11, 2024
@Firstyear @mvar-ms
based on public PR
39cbacf 
PR: sfackler#2077
issue: sfackler#2059

It works!

fmt
@IniterWorker IniterWorker linked a pull request Sep 17, 2024 that will close this issue
Open
mvar-ms pushed a commit to mvar-ms/rust-openssl that referenced this issue Oct 27, 2024
@Firstyear @mvar-ms
based on public PR
af1657d 
PR: sfackler#2077
issue: sfackler#2059

It works!

fmt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@Firstyear @sfackler @WolfDan