New signer implementation in Go
 
Jan Dittberner 63c3716b5b Move x509 and openpgp into pkg
small refactoring to unify package structure. Use crypto.rand for serial
number generation in tests.
2 years ago
cmd/signer Add -verbose flag, implement config options 2 years ago
docs Improve configuration, implement setup mode 2 years ago
pkg Move x509 and openpgp into pkg 2 years ago
.gitattributes First DDD based signer implementation parts 3 years ago
.gitignore Improve configuration, implement setup mode 2 years ago
.goreleaser.yaml Add goreleaser configuration 2 years ago
README.md Update README to reflect setup 2 years ago
go.mod Finish openssl repository implementation and tests 2 years ago
go.sum Implement configuration and CA hierarchy setup 2 years ago

README.md

Running with softhsm2

Setup HSM keys and certificates

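sudo apt install softhsm2
# restrict everything created below to the current user
umask 077
mkdir -p ~/.config/softhsm2/tokens
# point SoftHSM2 at the per-user token directory
echo "directories.tokendir = $HOME/.config/softhsm2/tokens/" > ~/.config/softhsm2/softhsm2.conf
cp docs/config.sample.yaml config.yaml
# modify config.yaml to fit your needs
# create the token; the SO PIN and user PIN shown here are sample values
softhsm2-util --init-token --free --label localhsm --so-pin 47110815 --pin 123456
# initialize the keys
# user PIN of the localhsm token, passed to the signer through the environment
export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer -setup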
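
An added example, not part of the project's README or code: a shell check that the token store and `softhsm2.conf` written by the steps above are accessible only to their owner, which is what `umask 077` is there to ensure. The function names `softhsm_tokendir` and `audit_tokendir` are hypothetical; `SOFTHSM2_CONF` is SoftHSM2's own variable for the configuration path.

```shell
#!/bin/sh
# Added example: audit the permissions of a SoftHSM2 token store.
# Function names are hypothetical and not part of the signer project.

# Print the directories.tokendir value from a softhsm2.conf file.
# Returns 2 when the file cannot be read.
softhsm_tokendir() {
    conf=$1
    [ -r "$conf" ] || return 2
    # Lines look like "directories.tokendir = /path"; the last one wins.
    sed -n 's/^[[:space:]]*directories\.tokendir[[:space:]]*=[[:space:]]*//p' "$conf" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Report every entry in the token store, and the config file itself, that
# grants any permission bit to group or others.
# Returns 0 when everything is owner-only, 1 when loose entries exist,
# 2 when the config or the token directory cannot be found.
audit_tokendir() {
    conf=${1:-${SOFTHSM2_CONF:-$HOME/.config/softhsm2/softhsm2.conf}}
    dir=$(softhsm_tokendir "$conf") || {
        echo "cannot read config: $conf" >&2
        return 2
    }
    [ -n "$dir" ] && [ -d "$dir" ] || {
        echo "token directory not found: $dir" >&2
        return 2
    }
    # POSIX find has no "any of these bits" test, so each bit is checked.
    # Symlinks are skipped because their own mode is always 0777.
    loose=$(find "$dir" "$conf" ! -type l \( \
        -perm -001 -o -perm -002 -o -perm -004 -o \
        -perm -010 -o -perm -020 -o -perm -040 \) -print)
    if [ -n "$loose" ]; then
        printf 'accessible beyond the owner:\n%s\n' "$loose" >&2
        return 1
    fi
    return 0
}
```

Call `audit_tokendir` after `go run ./cmd/signer -setup`; status 1 means key material or the configuration is reachable by other local accounts, typically because the directory was created before `umask 077` took effect.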

Run the signer

export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer