New signer implementation in Go
Find a file
Jan Dittberner b9e8862f3e Update README to reflect setup
Key setup can now be done by the signer, p11tool is no longer needed for
key generation.
2022-04-20 09:06:22 +02:00
cmd/signer Add -verbose flag, implement config options 2022-04-20 09:03:26 +02:00
docs Improve configuration, implement setup mode 2022-04-19 16:48:32 +02:00
openpgp/signing First DDD based signer implementation parts 2021-08-23 20:53:43 +02:00
pkg Add -verbose flag, implement config options 2022-04-20 09:03:26 +02:00
x509 Implement signing test and domain logic 2021-08-24 22:02:14 +02:00
.gitattributes First DDD based signer implementation parts 2021-08-23 20:53:43 +02:00
.gitignore Improve configuration, implement setup mode 2022-04-19 16:48:32 +02:00
.goreleaser.yaml Add goreleaser configuration 2022-04-16 14:43:05 +02:00
go.mod Improve configuration, implement setup mode 2022-04-19 16:48:32 +02:00
go.sum Implement configuration and CA hierarchy setup 2022-04-16 22:24:32 +02:00
README.md Update README to reflect setup 2022-04-20 09:06:22 +02:00

Running with softhsm2

Setup HSM keys and certificates

sudo apt install softhsm2
umask 077
mkdir -p ~/.config/softhsm2/tokens
echo "directories.tokendir = $HOME/.config/softhsm2/tokens/" > ~/.config/softhsm2/softhsm2.conf
cp docs/config.sample.yaml config.yaml
# modify config.yaml to fit your needs
softhsm2-util --init-token --free --label localhsm --so-pin 47110815 --pin 123456
# initialize the keys
export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer -setup

Run the signer

export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer