[jboss-jira] [JBoss JIRA] Updated: (AS7-1102) Create PKCS#11 Compitable Cryptographic Services for Domain Management

Create PKCS#11 Compitable Cryptographic Services for Domain Management ---------------------------------------------------------------------- Key: AS7-1102 URL: https://issues.jboss.org/browse/AS7-1102 Project: Application Server 7 Issue Type: Task Components: Domain Management, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 7.1.0.Alpha1 Within domain management there are occasions where passwords need to be stored or keystores accessed either for encryption / decryption of password or to load the keys used for SSL exchanges. Commonly a password within code is used for password based encryption of other passwords, this obfuscates the password but does not over complicate the process of recovering the password, alternatively a local keystore can be used for the encryption but again everything is available on the local disk to recover the password. PKCS#11 will allow the cryptographic to be delegated to hardware which contains it's own protection against keys being made available.