New signer implementation in Go
Jan Dittberner b9e8862f3e Update README to reflect setup
Key setup can now be done by the signer, p11tool is no longer needed for
key generation.
2 years ago
cmd/signer Add -verbose flag, implement config options 2 years ago
docs Improve configuration, implement setup mode 2 years ago
openpgp/signing First DDD based signer implementation parts 3 years ago
pkg Add -verbose flag, implement config options 2 years ago
x509 Implement signing test and domain logic 3 years ago
.gitattributes First DDD based signer implementation parts 3 years ago
.gitignore Improve configuration, implement setup mode 2 years ago
.goreleaser.yaml Add goreleaser configuration 2 years ago
README.md Update README to reflect setup 2 years ago
go.mod Improve configuration, implement setup mode 2 years ago
go.sum Implement configuration and CA hierarchy setup 2 years ago

README.md

Running with softhsm2

Set up HSM keys and certificates

sudo apt install softhsm2
umask 077
mkdir -p ~/.config/softhsm2/tokens
echo "directories.tokendir = $HOME/.config/softhsm2/tokens/" > ~/.config/softhsm2/softhsm2.conf
cp docs/config.sample.yaml config.yaml
# modify config.yaml to fit your needs
softhsm2-util --init-token --free --label localhsm --so-pin 47110815 --pin 123456
# initialize the keys
export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer -setup

Run the signer

export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer
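
A preflight check for the SoftHSM2 environment that the steps above create, as an added example that is not part of the signer project: it confirms that `directories.tokendir` points at an existing directory without group or other access (what `umask 077` is meant to guarantee) and that `PKCS11_PIN_LOCALHSM` is exported. The function name `check_softhsm_env` is hypothetical, and GNU `stat` is assumed, as on the apt-based system used above.

```shell
#!/bin/sh
# Added example, not project code. check_softhsm_env is a hypothetical helper.
# Assumes GNU coreutils stat (stat -c), as found on Debian/Ubuntu.

check_softhsm_env() {
    chk_conf=$1
    chk_rc=0

    [ -r "$chk_conf" ] || { echo "cannot read $chk_conf" >&2; return 2; }

    # Extract the value of directories.tokendir; the last occurrence wins.
    chk_dir=$(sed -n '/^[[:space:]]*directories\.tokendir[[:space:]]*=/{s/^[^=]*=[[:space:]]*//;s/[[:space:]]*$//;p;}' "$chk_conf" | tail -n 1)

    if [ -z "$chk_dir" ]; then
        echo "no directories.tokendir entry in $chk_conf" >&2
        chk_rc=1
    elif [ ! -d "$chk_dir" ]; then
        echo "token directory $chk_dir does not exist" >&2
        chk_rc=1
    else
        # Token files hold the key material, so the directory must not be
        # accessible to group or others (mode ends in 00, e.g. 700).
        chk_mode=$(stat -c '%a' "$chk_dir")
        case "$chk_mode" in
            *00) ;;
            *) echo "token directory $chk_dir has mode $chk_mode, expected no group/other access" >&2
               chk_rc=1 ;;
        esac
    fi

    # The README exports the user PIN under this name for both -setup and normal runs.
    if [ -z "${PKCS11_PIN_LOCALHSM:-}" ]; then
        echo "PKCS11_PIN_LOCALHSM is not set" >&2
        chk_rc=1
    fi

    return $chk_rc
}

# Usage: check_softhsm_env "$HOME/.config/softhsm2/softhsm2.conf" && go run ./cmd/signer
```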