You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Jan Dittberner
2de592d30c
This commit changes the wire protocol to split between command announcement and command payload to allow proper typing of sent and received msgpack messages. CRL fetching has been implemented as second command after the existing health check command. |
2 years ago | |
|---|---|---|
| cmd | 2 years ago | |
| docs | 2 years ago | |
| pkg | 2 years ago | |
| .gitattributes | 3 years ago | |
| .gitignore | 2 years ago | |
| .golangci.yml | 2 years ago | |
| .goreleaser.yaml | 2 years ago | |
| LICENSE | 2 years ago | |
| README.md | 2 years ago | |
| go.mod | 2 years ago | |
| go.sum | 2 years ago | |
README.md
Running with softhsm2
Setup HSM keys and certificates
sudo apt install softhsm2
umask 077
mkdir -p ~/.config/softhsm2/tokens
echo "directories.tokendir = $HOME/.config/softhsm2/tokens/" > ~/.config/softhsm2/softhsm2.conf
cp docs/config.sample.yaml config.yaml
# modify config.yaml to fit your needs
softhsm2-util --init-token --free --label localhsm --so-pin 47110815 --pin 123456
# initialize the keys
export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer -setup
Run the signer
export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer
Run the client simulator with socat
You may run the client simulator that sends commands via stdout and reads responses on stdin via socat to
simulate traffic on an emulated serial device:
sudo apt install socat
go build ./cmd/clientsim
socat -d -d -v pty,rawer,link=$(pwd)/testPty EXEC:./clientsim,pty,rawer
You will need to configure $(pwd)/testPty as serial/device in your config.yaml to let the signer command find
the emulated serial device.