summaryrefslogtreecommitdiff
path: root/manual/html_node/Hardware-security-modules-and-abstract-key-types.html
diff options
context:
space:
mode:
Diffstat (limited to 'manual/html_node/Hardware-security-modules-and-abstract-key-types.html')
-rw-r--r--manual/html_node/Hardware-security-modules-and-abstract-key-types.html216
1 files changed, 0 insertions, 216 deletions
diff --git a/manual/html_node/Hardware-security-modules-and-abstract-key-types.html b/manual/html_node/Hardware-security-modules-and-abstract-key-types.html
deleted file mode 100644
index 92d5a5df50..0000000000
--- a/manual/html_node/Hardware-security-modules-and-abstract-key-types.html
+++ /dev/null
@@ -1,216 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<!-- This manual is last updated 4 March 2015 for version
-3.5.4 of GnuTLS.
-
-Copyright (C) 2001-2015 Free Software Foundation, Inc.\\
-Copyright (C) 2001-2015 Nikos Mavrogiannopoulos
-
-Permission is granted to copy, distribute and/or modify this document
-under the terms of the GNU Free Documentation License, Version 1.3 or
-any later version published by the Free Software Foundation; with no
-Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A
-copy of the license is included in the section entitled "GNU Free
-Documentation License". -->
-<!-- Created by GNU Texinfo 6.1, http://www.gnu.org/software/texinfo/ -->
-<head>
-<title>GnuTLS 3.5.4: Hardware security modules and abstract key types</title>
-
-<meta name="description" content="GnuTLS 3.5.4: Hardware security modules and abstract key types">
-<meta name="keywords" content="GnuTLS 3.5.4: Hardware security modules and abstract key types">
-<meta name="resource-type" content="document">
-<meta name="distribution" content="global">
-<meta name="Generator" content="makeinfo">
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-<link href="index.html#Top" rel="start" title="Top">
-<link href="Function-and-Data-Index.html#Function-and-Data-Index" rel="index" title="Function and Data Index">
-<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents">
-<link href="index.html#Top" rel="up" title="Top">
-<link href="Abstract-key-types.html#Abstract-key-types" rel="next" title="Abstract key types">
-<link href="Selecting-an-appropriate-authentication-method.html#Selecting-an-appropriate-authentication-method" rel="prev" title="Selecting an appropriate authentication method">
-<style type="text/css">
-<!--
-a.summary-letter {text-decoration: none}
-blockquote.indentedblock {margin-right: 0em}
-blockquote.smallindentedblock {margin-right: 0em; font-size: smaller}
-blockquote.smallquotation {font-size: smaller}
-div.display {margin-left: 3.2em}
-div.example {margin-left: 3.2em}
-div.lisp {margin-left: 3.2em}
-div.smalldisplay {margin-left: 3.2em}
-div.smallexample {margin-left: 3.2em}
-div.smalllisp {margin-left: 3.2em}
-kbd {font-style: oblique}
-pre.display {font-family: inherit}
-pre.format {font-family: inherit}
-pre.menu-comment {font-family: serif}
-pre.menu-preformatted {font-family: serif}
-pre.smalldisplay {font-family: inherit; font-size: smaller}
-pre.smallexample {font-size: smaller}
-pre.smallformat {font-family: inherit; font-size: smaller}
-pre.smalllisp {font-size: smaller}
-span.nolinebreak {white-space: nowrap}
-span.roman {font-family: initial; font-weight: normal}
-span.sansserif {font-family: sans-serif; font-weight: normal}
-ul.no-bullet {list-style: none}
-body {
- margin: 2%;
- padding: 0 5%;
- background: #ffffff;
-}
-h1,h2,h3,h4,h5 {
- font-weight: bold;
- padding: 5px 5px 5px 5px;
- background-color: #c2e0ff;
- color: #336699;
-}
-h1 {
- padding: 2em 2em 2em 5%;
- color: white;
- background: #336699;
- text-align: center;
- letter-spacing: 3px;
-}
-h2 { text-decoration: underline; }
-pre {
- margin: 0 5%;
- padding: 0.5em;
-}
-pre.example,pre.verbatim {
- padding-bottom: 1em;
-
- border: solid #c2e0ff;
- background: #f0faff;
- border-width: 1px 1px 1px 5px;
- margin: 1em auto;
- width: 90%;
-}
-
-div.node {
- margin: 0 -5% 0 -2%;
- padding: 0.5em 0.5em;
- margin-top: 0.5em;
- margin-bottom: 0.5em;
- font-weight: bold;
-}
-dd, li {
- padding-top: 0.1em;
- padding-bottom: 0.1em;
-}
-div.float {
-
- margin-bottom: 0.5em;
- text-align: center;
-}
-
-table {
- text-align: left;
- margin-left:auto;
- margin-right:auto;
- border-spacing: 7px;
- width: 50%;
-}
-
-th {
- padding: 0;
- color: #336699;
- background-color: #c2e0ff;
- border: solid #000000;
- border-width: 0px;
- margin: 1em auto;
- text-align: center;
- margin-left:auto;
- margin-right:auto;
-}
-
-td {
- padding: 0;
- border: solid #000000;
- background-color: #f0faff;
- border-width: 0px;
- margin: 1em auto;
- text-align: left;
- margin-left:auto;
- margin-right:auto;
- padding-left: 1em;
-}
-
-dl {
- text-align: left;
- margin-left:auto;
- margin-right:auto;
- width: 50%;
-
- padding-left: 1em;
- border: solid #c2e0ff;
- background: #f0faff;
- border-width: 5px 1px 1px 1px;
- margin: 1em auto;
-}
-
--->
-</style>
-
-
-</head>
-
-<body lang="en">
-<a name="Hardware-security-modules-and-abstract-key-types"></a>
-<div class="header">
-<p>
-Next: <a href="How-to-use-GnuTLS-in-applications.html#How-to-use-GnuTLS-in-applications" accesskey="n" rel="next">How to use GnuTLS in applications</a>, Previous: <a href="Authentication-methods.html#Authentication-methods" accesskey="p" rel="prev">Authentication methods</a>, Up: <a href="index.html#Top" accesskey="u" rel="up">Top</a> &nbsp; [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p>
-</div>
-<hr>
-<a name="Abstract-keys-types-and-Hardware-security-modules"></a>
-<h2 class="chapter">5 Abstract keys types and Hardware security modules</h2>
-
-<p>In several cases storing the long term cryptographic keys in a hard disk or
-even in memory poses a significant risk. Once the system they are stored
-is compromised the keys must be replaced as the secrecy of future sessions
-is no longer guaranteed. Moreover, past sessions that were not protected by a
-perfect forward secrecy offering ciphersuite are also to be assumed compromised.
-</p>
-<p>If such threats need to be addressed, then it may be wise storing the keys in a security
-module such as a smart card, an HSM or the TPM chip. Those modules ensure the
-protection of the cryptographic keys by only allowing operations on them and
-preventing their extraction. The purpose of the abstract key API is to provide
-an API that will allow the handle of keys in memory and files, as well as keys
-stored in such modules.
-</p>
-<p>In GnuTLS the approach is to handle all keys transparently by the high level API, e.g.,
-the API that loads a key or certificate from a file.
-The high-level API will accept URIs in addition to files that specify keys on an HSM or in TPM,
-and a callback function will be used to obtain any required keys. The URI format is defined in
-[<em>PKCS11URI</em>].
-</p>
-<p>More information on the API is provided in the next sections. Examples of a URI of a certificate
-stored in an HSM, as well as a key stored in the TPM chip are shown below. To discover the URIs
-of the objects the <code>p11tool</code> (see <a href="p11tool-Invocation.html#p11tool-Invocation">p11tool Invocation</a>).
-</p><div class="example">
-<pre class="example">pkcs11:token=Nikos;serial=307521161601031;model=PKCS%2315; \
-manufacturer=EnterSafe;object=test1;type=cert
-
-</pre></div>
-
-
-<table class="menu" border="0" cellspacing="0">
-<tr><td align="left" valign="top">&bull; <a href="Abstract-key-types.html#Abstract-key-types" accesskey="1">Abstract key types</a>:</td><td>&nbsp;&nbsp;</td><td align="left" valign="top">
-</td></tr>
-<tr><td align="left" valign="top">&bull; <a href="Application_002dspecific-keys.html#Application_002dspecific-keys" accesskey="2">Application-specific keys</a>:</td><td>&nbsp;&nbsp;</td><td align="left" valign="top">
-</td></tr>
-<tr><td align="left" valign="top">&bull; <a href="Smart-cards-and-HSMs.html#Smart-cards-and-HSMs" accesskey="3">Smart cards and HSMs</a>:</td><td>&nbsp;&nbsp;</td><td align="left" valign="top">
-</td></tr>
-<tr><td align="left" valign="top">&bull; <a href="Trusted-Platform-Module.html#Trusted-Platform-Module" accesskey="4">Trusted Platform Module</a>:</td><td>&nbsp;&nbsp;</td><td align="left" valign="top">
-</td></tr>
-</table>
-
-<hr>
-<div class="header">
-<p>
-Next: <a href="How-to-use-GnuTLS-in-applications.html#How-to-use-GnuTLS-in-applications" accesskey="n" rel="next">How to use GnuTLS in applications</a>, Previous: <a href="Authentication-methods.html#Authentication-methods" accesskey="p" rel="prev">Authentication methods</a>, Up: <a href="index.html#Top" accesskey="u" rel="up">Top</a> &nbsp; [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p>
-</div>
-
-
-
-</body>
-</html>
View Lorry Controller Status