New signer implementation in Go

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

Go to file

Jan Dittberner 47d5b2afff Improve configuration, implement setup mode - implement a dedicated setup mode for creating CA certificates that is triggered by the '-setup' command line flag - switch to YAML configuration for comment support and more human readable syntax. Format documentation is in docs/config.sample.yaml - move HSM related code to pkg/hsm - improve consistency checks in pkg/config		2 years ago
cmd/signer	Improve configuration, implement setup mode	2 years ago
docs	Improve configuration, implement setup mode	2 years ago
openpgp/signing	First DDD based signer implementation parts	3 years ago
pkg	Improve configuration, implement setup mode	2 years ago
x509	Implement signing test and domain logic	3 years ago
.gitattributes	First DDD based signer implementation parts	3 years ago
.gitignore	Improve configuration, implement setup mode	2 years ago
.goreleaser.yaml	Add goreleaser configuration	2 years ago
README.md	Add PKCS#11 test to generate root certificate	2 years ago
go.mod	Improve configuration, implement setup mode	2 years ago
go.sum	Implement configuration and CA hierarchy setup	2 years ago

README.md

Testing with softhsm2

sudo apt install softhsm2 gnutls-bin
umask 077
mkdir -p ~/.config/softhsm2/tokens
echo "directories.tokendir = $HOME/.config/softhsm2/tokens/" > ~/.config/softhsm2/softhsm2.conf
softhsm2-util --init-token --free --label localhsm --so-pin 47110815 --pin 123456
export TOKEN_URL=$(p11tool --list-token-urls | grep localhsm | head -1)
p11tool --login --outfile=rootkey2022.pub --label=rootkey2022 --generate-privkey=ECDSA --curve=secp521r1 $TOKEN_URL
go test -v ./cmd/signer/
openssl x509 -in /tmp/test.pem -noout -text