publicWagsHome
/
buildx
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
v0.11
v0.10
v0.9
v0.8
v0.7
v0.6
v0.10.0
v0.10.0-rc1
v0.10.0-rc2
v0.10.0-rc3
v0.10.1
v0.10.2
v0.10.3
v0.10.4
v0.10.5
v0.11.0
v0.11.0-rc1
v0.11.0-rc2
v0.11.1
v0.11.2
v0.2.0
v0.2.1
v0.2.2
v0.3.0
v0.3.1
v0.4.0
v0.4.1
v0.4.2
v0.5.0
v0.5.0-rc1
v0.5.1
v0.6.0
v0.6.0-rc1
v0.6.1
v0.6.2
v0.6.3
v0.7.0
v0.7.0-rc1
v0.7.1
v0.8.0
v0.8.0-rc1
v0.8.1
v0.8.2
v0.9.0
v0.9.0-rc1
v0.9.0-rc2
v0.9.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
buildx/vendor/github.com/miekg/pkcs11
History
Sebastiaan van Stijn 35b238ee82
vendor: vendor with -compat=1.17 
This might break compatibility with projects using this module that
are still on go1.16, which is EOL, so probably ok to ignore:

    github.com/docker/buildx/store imports
        github.com/gofrs/flock tested by
        github.com/gofrs/flock.test imports
        gopkg.in/check.v1 loaded from gopkg.in/check.v1@v1.0.0-20200227125254-8fa46927fb4f,
        but go 1.16 would select v1.0.0-20201130134442-10cb98267c6c

    To upgrade to the versions selected by go 1.16:
        go mod tidy -go=1.16 && go mod tidy -go=1.17
    If reproducibility with go 1.16 is not needed:
        go mod tidy -compat=1.17
    For other options, see:
        https://golang.org/doc/modules/pruning

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 		3 years ago
..
.gitignore vendor: initial vendor 6 years ago
LICENSE vendor: initial vendor 6 years ago
Makefile.release vendor: update buildkit to 8effd45b 4 years ago
README.md vendor: update buildkit to 3e38a2d 3 years ago
error.go vendor: initial vendor 6 years ago
hsm.db vendor: initial vendor 6 years ago
params.go vendor: initial vendor 6 years ago
pkcs11.go vendor: update buildkit to 3e38a2d 3 years ago
pkcs11.h vendor: initial vendor 6 years ago
pkcs11f.h vendor: initial vendor 6 years ago
pkcs11go.h vendor: initial vendor 6 years ago
pkcs11t.h vendor: initial vendor 6 years ago
release.go vendor: update buildkit to 3e38a2d 3 years ago
softhsm.conf vendor: initial vendor 6 years ago
softhsm2.conf vendor: update buildkit to 8effd45b 4 years ago
types.go vendor: update buildkit to 3e38a2d 3 years ago
vendor.go vendor: initial vendor 6 years ago
zconst.go vendor: update buildkit to 3e38a2d 3 years ago

README.md

PKCS#11

This is a Go implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom where it makes sense. It has been tested with SoftHSM.

SoftHSM

  • Make it use a custom configuration file export SOFTHSM_CONF=$PWD/softhsm.conf

  • Then use softhsm to init it

    softhsm --init-token --slot 0 --label test --pin 1234

  • Then use libsofthsm2.so as the pkcs11 module:

    p := pkcs11.New("/usr/lib/softhsm/libsofthsm2.so")

Examples

A skeleton program would look somewhat like this (yes, pkcs#11 is verbose):

p := pkcs11.New("/usr/lib/softhsm/libsofthsm2.so")
err := p.Initialize()
if err != nil {
    panic(err)
}

defer p.Destroy()
defer p.Finalize()

slots, err := p.GetSlotList(true)
if err != nil {
    panic(err)
}

session, err := p.OpenSession(slots[0], pkcs11.CKF_SERIAL_SESSION|pkcs11.CKF_RW_SESSION)
if err != nil {
    panic(err)
}
defer p.CloseSession(session)

err = p.Login(session, pkcs11.CKU_USER, "1234")
if err != nil {
    panic(err)
}
defer p.Logout(session)

p.DigestInit(session, []*pkcs11.Mechanism{pkcs11.NewMechanism(pkcs11.CKM_SHA_1, nil)})
hash, err := p.Digest(session, []byte("this is a string"))
if err != nil {
    panic(err)
}

for _, d := range hash {
        fmt.Printf("%x", d)
}
fmt.Println()

Further examples are included in the tests.

To expose PKCS#11 keys using the crypto.Signer interface, please see github.com/thalesignite/crypto11.