New signer implementation in Go
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
Jan Dittberner af40662c7d Refactor client protocol
- define protocols.ClientHandler interface as base for client implementations
- implement protocols.ClientHandler in clientsim's ClientHandler type
- move protocol state handling into protocols.ServerProtocol and
  protocols.ClientProtocol
- move protocolState type into protocols.go
- reduce clientsim's TestCommandGenerator responsibility to test command
  generation
2 years ago
cmd Refactor client protocol 2 years ago
docs Rename intermediary CA to subordinate CA 2 years ago
internal Refactor client protocol 2 years ago
pkg Refactor client protocol 2 years ago
.gitattributes First DDD based signer implementation parts 3 years ago
.gitignore Implement command type handling 2 years ago
.golangci.yml Move internal code to internal packages 2 years ago
.goreleaser.yaml Add goreleaser configuration 2 years ago
LICENSE Configure and apply golangci-lint 2 years ago
Makefile Protocol improvements 2 years ago
README.md Implement serial link and protocol handling infrastructure 2 years ago
go.mod Protocol improvements 2 years ago
go.sum Protocol improvements 2 years ago

README.md

Running with softhsm2

Setup HSM keys and certificates

sudo apt install softhsm2
umask 077
mkdir -p ~/.config/softhsm2/tokens
echo "directories.tokendir = $HOME/.config/softhsm2/tokens/" > ~/.config/softhsm2/softhsm2.conf
cp docs/config.sample.yaml config.yaml
# modify config.yaml to fit your needs
softhsm2-util --init-token --free --label localhsm --so-pin 47110815 --pin 123456
# initialize the keys
export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer -setup

Run the signer

export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer

Run the client simulator with socat

You may run the client simulator that sends commands via stdout and reads responses on stdin via socat to simulate traffic on an emulated serial device:

sudo apt install socat
go build ./cmd/clientsim
socat -d -d -v pty,rawer,link=$(pwd)/testPty EXEC:./clientsim,pty,rawer

You will need to configure $(pwd)/testPty as serial/device in your config.yaml to let the signer command find the emulated serial device.