New signer implementation in Go

Find a file

Jan Dittberner b9e8862f3e Update README to reflect setup Key setup can now be done by the signer, p11tool is no longer needed for key generation.		2022-04-20 09:06:22 +02:00
cmd/signer	Add -verbose flag, implement config options	2022-04-20 09:03:26 +02:00
docs	Improve configuration, implement setup mode	2022-04-19 16:48:32 +02:00
openpgp/signing	First DDD based signer implementation parts	2021-08-23 20:53:43 +02:00
pkg	Add -verbose flag, implement config options	2022-04-20 09:03:26 +02:00
x509	Implement signing test and domain logic	2021-08-24 22:02:14 +02:00
.gitattributes	First DDD based signer implementation parts	2021-08-23 20:53:43 +02:00
.gitignore	Improve configuration, implement setup mode	2022-04-19 16:48:32 +02:00
.goreleaser.yaml	Add goreleaser configuration	2022-04-16 14:43:05 +02:00
go.mod	Improve configuration, implement setup mode	2022-04-19 16:48:32 +02:00
go.sum	Implement configuration and CA hierarchy setup	2022-04-16 22:24:32 +02:00
README.md	Update README to reflect setup	2022-04-20 09:06:22 +02:00

README.md

Running with softhsm2

Setup HSM keys and certificates

sudo apt install softhsm2
umask 077
mkdir -p ~/.config/softhsm2/tokens
echo "directories.tokendir = $HOME/.config/softhsm2/tokens/" > ~/.config/softhsm2/softhsm2.conf
cp docs/config.sample.yaml config.yaml
# modify config.yaml to fit your needs
softhsm2-util --init-token --free --label localhsm --so-pin 47110815 --pin 123456
# initialize the keys
export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer -setup

Run the signer

export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer