New signer implementation in Go
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
Jan Dittberner c2b987fd31 Allow hsm to use relative paths 2 years ago
cmd/signer Refactor HSM setup 2 years ago
docs Remove separate Command dispatcher 2 years ago
pkg Allow hsm to use relative paths 2 years ago
.gitattributes First DDD based signer implementation parts 3 years ago
.gitignore Improve configuration, implement setup mode 2 years ago
.golangci.yml Add test for pkg/hsm/context.go 2 years ago
.goreleaser.yaml Add goreleaser configuration 2 years ago
LICENSE Configure and apply golangci-lint 2 years ago
README.md Update README to reflect setup 2 years ago
go.mod Finish openssl repository implementation and tests 2 years ago
go.sum Implement configuration and CA hierarchy setup 2 years ago

README.md

Running with softhsm2

Setup HSM keys and certificates

sudo apt install softhsm2
umask 077
mkdir -p ~/.config/softhsm2/tokens
echo "directories.tokendir = $HOME/.config/softhsm2/tokens/" > ~/.config/softhsm2/softhsm2.conf
cp docs/config.sample.yaml config.yaml
# modify config.yaml to fit your needs
softhsm2-util --init-token --free --label localhsm --so-pin 47110815 --pin 123456
# initialize the keys
export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer -setup

Run the signer

export PKCS11_PIN_LOCALHSM=123456
go run ./cmd/signer