OpenSC
tpm2-pkcs11
Our great sponsors
OpenSC | tpm2-pkcs11 | |
---|---|---|
8 | 3 | |
2,413 | 253 | |
1.9% | 2.8% | |
9.6 | 2.4 | |
5 days ago | 7 days ago | |
C | C | |
GNU Lesser General Public License v3.0 only | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OpenSC
- How do you put your private key files (.ppk) on a security key (HYPERFIDO U2F/FIDO2/HOTP) ?
-
Create Your Own Local Root CA With Yubikey Signing
This installs opensc, a library for dealing with Smart Card (essentially what a Yubikey is recognized as) access in a programmatic way. It also installs OpenSSL bindings that interact using the pkcs11 standard. Basically, we won't get very far using a Yubikey for signing without this. The intermediate CA configuration will also need to be updated:
-
You can link an OpenPGP key to a German eID
Well, in Spain you can use your eID directly: https://github.com/OpenSC/OpenSC/wiki/DNIe-%28OpenDNIe%29#up...
-
Enhance your Network Security with Zero Trust and OTP
The OpenSC binary to interact with the Yubikey at command line.
-
Tillitis Security Key – Mullvad spin-off inspired by measured boot and DICE
https://github.com/OpenSC/OpenSC
Note that "production ready" does not equate to "follow a YouTube video and write 17 lines of TypeScript." You need to know Java, you need to know crypto, and you need a few bucks to throw at the appropriate hardware. That said, the entire US DoD is built on JavaCard so it is as production grade as you can get.
-
EU Commission to open source software
Next step. Make sure EU Government paid contractors release source code per LGPL https://github.com/OpenSC/OpenSC/issues/2462
-
How do you store private keys?
I have one of the Nitrokeys and several of the smart cards for various purposes. The software side of using them can be a bit confusing if you're not familiar with HSMs and PKCS#11, but the OpenSC project has a lot of good info to help.
-
Dev Tools I Can't Appreciate Enough
1- PKCS11-Tools by OpenSC
tpm2-pkcs11
-
Linux Protection Against Theft
TPM for SSH keys storage - https://github.com/tpm2-software/tpm2-pkcs11
- Show HN: SSH-tpm-agent – SSH agent for TPMs
-
801.x certificate security
you would look into something like that
What are some alternatives?
AusweisApp - Der offizielle eID-Client des Bundes.
tpm2-tss-engine - OpenSSL Engine for TPM2 devices
putty-cac - Windows Secure Shell Client With Support For Smart Cards, Certificates, & FIDO Keys
yubico-piv-tool - Command line tool for the YubiKey PIV application
tpm2-tools - The source repository for the Trusted Platform Module (TPM2.0) tools
eid-mw - eID Middleware (main repository)
ssh-tpm-agent - :computer: :key: ssh-agent for TPMs
yubikey-full-disk-encryption - Use YubiKey to unlock a LUKS partition
yubikey-agent - yubikey-agent is a seamless ssh-agent for YubiKeys.
postman-app-support - Postman is an API platform for building and using APIs. Postman simplifies each step of the API lifecycle and streamlines collaboration so you can create better APIs—faster.
Super-UEFIinSecureBoot-Disk - Super UEFIinSecureBoot Disk: Boot any OS or .efi file without disabling UEFI Secure Boot