RFC: support for HSM private keys in TLS handshake by OYTIS · Pull Request #28973 · nodejs/node
added
c++
labels
Aug 5, 2019labels
Aug 7, 2019
Signed-off-by: Anton Gerasimov <agerasimov@twilio.com>
Signed-off-by: Anton Gerasimov <agerasimov@twilio.com>
Trott pushed a commit that referenced this pull request
Sep 27, 2019
Add `privateKeyIdentifier` and `privateKeyEngine` options to get private key from an OpenSSL engine in tls.createSecureContext(). PR-URL: #28973 Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
OYTIS
mentioned this pull request
BridgeAR pushed a commit that referenced this pull request
Oct 9, 2019
Add `privateKeyIdentifier` and `privateKeyEngine` options to get private key from an OpenSSL engine in tls.createSecureContext(). PR-URL: #28973 Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
BridgeAR added a commit that referenced this pull request
Oct 10, 2019
Notable changes:
* build:
* Add `--force-context-aware` flag to prevent usage of native node
addons that aren't context aware
#29631
* deprecations:
* Add documentation-only deprecation for `process._tickCallback()`
#29781
* esm:
* Using JSON modules is experimental again
#29754
* fs:
* Introduce `opendir()` and `fs.Dir` to iterate through directories
#29349
* process:
* Add source-map support to stack traces by using
`--source-map-support` #29564
* tls:
* Honor `pauseOnConnect` option
#29635
* Add option for private keys for OpenSSL engines
#28973
PR-URL: #29919
BridgeAR added a commit that referenced this pull request
Oct 11, 2019
Notable changes:
* build:
* Add `--force-context-aware` flag to prevent usage of native node
addons that aren't context aware
#29631
* deprecations:
* Add documentation-only deprecation for `process._tickCallback()`
#29781
* esm:
* Using JSON modules is experimental again
#29754
* fs:
* Introduce `opendir()` and `fs.Dir` to iterate through directories
#29349
* process:
* Add source-map support to stack traces by using
`--source-map-support` #29564
* tls:
* Honor `pauseOnConnect` option
#29635
* Add option for private keys for OpenSSL engines
#28973
PR-URL: #29919
BridgeAR added a commit that referenced this pull request
Oct 11, 2019
Notable changes:
* build:
* Add `--force-context-aware` flag to prevent usage of native node
addons that aren't context aware
#29631
* deprecations:
* Add documentation-only deprecation for `process._tickCallback()`
#29781
* esm:
* Using JSON modules is experimental again
#29754
* fs:
* Introduce `opendir()` and `fs.Dir` to iterate through directories
#29349
* process:
* Add source-map support to stack traces by using
`--source-map-support` #29564
* tls:
* Honor `pauseOnConnect` option
#29635
* Add option for private keys for OpenSSL engines
#28973
PR-URL: #29919
mildsunrise added a commit to mildsunrise/node that referenced this pull request
Dec 7, 2020
We have a few places where we individually forward each parameter to tls.createSecureContext(). In nodejs#28973 and others, we added new SecureContext options but forgot to keep these places up to date. As per https.Agent#getName, I understand that at least `privateKeyIdentifier` and `privateKeyEngine` should be added too, since they're a substitute for `key`. I've also added sigalgs. Fixes: nodejs#36322 Refs: nodejs#28973
mildsunrise added a commit that referenced this pull request
Dec 12, 2020
We have a few places where we individually forward each parameter to tls.createSecureContext(). In #28973 and others, we added new SecureContext options but forgot to keep these places up to date. As per https.Agent#getName, I understand that at least `privateKeyIdentifier` and `privateKeyEngine` should be added too, since they're a substitute for `key`. I've also added sigalgs. Fixes: #36322 Refs: #28973 PR-URL: #36416 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
targos pushed a commit that referenced this pull request
Dec 21, 2020
We have a few places where we individually forward each parameter to tls.createSecureContext(). In #28973 and others, we added new SecureContext options but forgot to keep these places up to date. As per https.Agent#getName, I understand that at least `privateKeyIdentifier` and `privateKeyEngine` should be added too, since they're a substitute for `key`. I've also added sigalgs. Fixes: #36322 Refs: #28973 PR-URL: #36416 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
targos pushed a commit that referenced this pull request
May 1, 2021
We have a few places where we individually forward each parameter to tls.createSecureContext(). In #28973 and others, we added new SecureContext options but forgot to keep these places up to date. As per https.Agent#getName, I understand that at least `privateKeyIdentifier` and `privateKeyEngine` should be added too, since they're a substitute for `key`. I've also added sigalgs. Fixes: #36322 Refs: #28973 PR-URL: #36416 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters