Skip to content

Cybersecurity-LINKS/openssl

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Purpose

This is a fork of OpenSSL to enable TLS 1.3 authentication through the use of Verifiable Credentials. The original OpenSSL README can be found at README-OPENSSL

Architecture

This version of OpenSSL leverages the ssi-provider to perform operations that involve the usage of Verifiable Credentials.

Build

We have added the vcauthtls option in the Configure file to enable VC authentication in the TLS 1.3 handshake. The option is disabled by default, so when you run the Configure file you need to add the option enable-vcauthtls.

Usage

The creation of the Self-Sovereign Identity can be performed through the genpkey application treating the DID Document as the public part and the VC as the private part of an asymmetric keypair.

openssl genpkey -algorithm VC -out did-document.pem -outpubkey vc.pem -provider default -provider ssi

A TLS 1.3 handshake with VC authentication can be performed locally by running the s_server and s_client applications with the following options:

openssl s_server -accept 44330 -www -cert server-vc.pem -key server-did-document.pem -verify 1 -enable_client_rpk -enable_server_rpk -tls1_3 -provider default -provider ssi

openssl s_client -connect localhost:44330 -cert client-vc.pem -key client-did-document.pem -enable_client_rpk -enable_server_rpk -tls1_3 -provider default -provider ssi 

About

TLS/SSL and crypto library with VC certificate type

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages

  • C 64.0%
  • Perl 19.3%
  • HTML 15.2%
  • Raku 0.5%
  • Assembly 0.5%
  • Shell 0.2%
  • Other 0.3%