The SAML engine should support a PKCS#11 interface for signature (and maybe for verification, although this is not crucial). We probably need 2 attributes in the config file: - chosing between a key store or a PKCS#11 interface - the path of the PKCS#11 DLL/SO (the latter could maybe be the same as the key store path?)
| Hardware | None |
| Product | SAML engine |
| Operating System | None |
| Component | SAML engine |
| Version | None |
| Severity | enhancement |
| Resolution | None |
Category
Bugs
Login or create an account to comment.
Comments
We will also need to use a PKCS#11 interface or a key store in the specific PEPS for national identifier derivation. Shouldn't we define these parameters only once at the global PEPS level?