- Moving the private keys out of the public-facing servers.
- Preventing private key extraction in case of memory leaks (like Heartbleed)
The following patch aims to provide a way for a server to asynchronously request private key signing/decryption from another party (like a different thread, or a remote server).

This is done by splitting ssl3_get_client_key_exchange() and ssl3_send_server_key_exchange() into two functions each, and adding intermediate states respectively. The output data (from the remote server) should be supplied using SSL_supply_key_ex_data(), at which point the handshake process is able to continue.

Until SSL_supply_key_ex_data() is called, all calls like SSL_read(), SSL_write() and SSL_accept() will return either of:
SSL_ERROR_WANT_RSA_DECRYPT (for non-DH ciphers)
SSL_ERROR_WANT_SIGN (for DH ciphers)

More details in the actual documentation.
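To make the control flow concrete, here is an added example (my own model, not code from the patch or from OpenSSL) of the split handshake described above. It does not link against OpenSSL: hs_step() stands in for the two halves of the key-exchange functions, HS_WANT_RSA_DECRYPT / HS_WANT_SIGN stand in for the new SSL_ERROR_WANT_* codes, hs_supply_key_ex_data() stands in for SSL_supply_key_ex_data(), and remote_key_op() is a constructed placeholder for whatever the key holder does with the private key. The point it shows is that the front-end process only ever handles the opaque request blob and the result, and that the caller's loop must treat the two WANT_* results as "go ask the key holder, then retry".

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of the proposed two-phase server key exchange (added example, not the
 * patch's code). Names are stand-ins for the real SSL_* identifiers. */
enum hs_state { HS_CLIENT_KEY_EXCHANGE, HS_WAIT_KEY_OP, HS_FINISHED };
enum hs_result { HS_OK = 0, HS_WANT_RSA_DECRYPT = -1, HS_WANT_SIGN = -2 };

typedef struct {
    enum hs_state state;
    int uses_dh;            /* DH cipher: server must sign; RSA: server must decrypt */
    uint8_t request[32];    /* opaque blob that needs the private key */
    size_t request_len;
    uint8_t key_out[32];    /* answer supplied by the key holder */
    size_t key_out_len;
    int key_out_ready;
} server_hs;

void hs_init(server_hs *s, int uses_dh) {
    memset(s, 0, sizeof *s);
    s->state = HS_CLIENT_KEY_EXCHANGE;
    s->uses_dh = uses_dh;
}

/* First half: parse what can be parsed without the key, stash the blob that
 * needs it, and park in the intermediate state. Second half: once the answer
 * is present, consume it and continue. No private key is touched here. */
enum hs_result hs_step(server_hs *s) {
    if (s->state == HS_CLIENT_KEY_EXCHANGE) {
        /* constructed stand-in for the encrypted premaster / params-to-sign */
        memset(s->request, 0xAB, sizeof s->request);
        s->request_len = sizeof s->request;
        s->state = HS_WAIT_KEY_OP;
    }
    if (s->state == HS_WAIT_KEY_OP) {
        if (!s->key_out_ready)
            return s->uses_dh ? HS_WANT_SIGN : HS_WANT_RSA_DECRYPT;
        s->state = HS_FINISHED;   /* decrypted premaster / signature consumed */
    }
    return HS_OK;
}

/* Counterpart of SSL_supply_key_ex_data(): accepted only while a key
 * operation is actually pending, and only if it fits the buffer. */
int hs_supply_key_ex_data(server_hs *s, const uint8_t *data, size_t len) {
    if (s->state != HS_WAIT_KEY_OP || len > sizeof s->key_out)
        return 0;
    memcpy(s->key_out, data, len);
    s->key_out_len = len;
    s->key_out_ready = 1;
    return 1;
}

/* Placeholder for the remote key holder (constructed, not cryptography):
 * whatever it does, the front-end only sees its output. */
size_t remote_key_op(const uint8_t *in, size_t len, uint8_t *out) {
    for (size_t i = 0; i < len; i++)
        out[i] = in[i] ^ 0x5A;
    return len;
}

/* Event-loop driver. Returns how many WANT_* results were seen before the
 * handshake completed; the first one is reported through *first. */
int run_handshake(int uses_dh, enum hs_result *first) {
    server_hs s;
    int waits = 0;
    hs_init(&s, uses_dh);
    for (;;) {
        enum hs_result r = hs_step(&s);
        if (r == HS_OK)
            return waits;
        if (waits++ == 0)
            *first = r;
        uint8_t out[32];
        size_t n = remote_key_op(s.request, s.request_len, out);
        hs_supply_key_ex_data(&s, out, n);
    }
}

int main(void) {
    enum hs_result r;
    int w = run_handshake(0, &r);
    printf("RSA cipher: %d wait(s), first result %d\n", w, (int)r);
    w = run_handshake(1, &r);
    printf("DH cipher:  %d wait(s), first result %d\n", w, (int)r);
    return 0;
}
```

In a real integration the loop body would hand the blob to the other thread or remote signer and return to the event loop instead of blocking; the model's hs_supply_key_ex_data() refusing data when nothing is pending mirrors the check a production implementation should make, since an unsolicited result arriving in the wrong state must not advance the handshake.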