containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
podman/vendor/github.com/stefanberger/go-pkcs11uri
History
dependabot-preview[bot] 08d8290f1d
Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 
Bumps [github.com/containers/ocicrypt](https://github.com/containers/ocicrypt) from 1.0.3 to 1.1.0.
- [Release notes](https://github.com/containers/ocicrypt/releases)
- [Commits](https://github.com/containers/ocicrypt/compare/v1.0.3...v1.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 		2021-02-09 10:49:43 -05:00
..
.gitignore Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 2021-02-09 10:49:43 -05:00
.travis.yml Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 2021-02-09 10:49:43 -05:00
LICENSE Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 2021-02-09 10:49:43 -05:00
Makefile Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 2021-02-09 10:49:43 -05:00
README.md Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 2021-02-09 10:49:43 -05:00
pkcs11uri.go Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 2021-02-09 10:49:43 -05:00

README.md

go-pkcs11uri

Welcome to the go-pkcs11uri library. The implementation follows RFC 7512 and this errata.

Exampe usage:

The following example builds on this library here and are using softhsm2 on Fedora.

Example

This example program extending the one found here:

package main

import (
	"fmt"
	"os"
	"strconv"

	"github.com/miekg/pkcs11"
	pkcs11uri "github.com/stefanberger/go-pkcs11uri"
)

func main() {
	if len(os.Args) < 2 {
		panic("Missing pkcs11 URI argument")
	}
	uristr := os.Args[1]

	uri, err := pkcs11uri.New()
	if err != nil {
		panic(err)
	}
	err = uri.Parse(uristr)
	if err != nil {
		panic(err)
	}

	module, err := uri.GetModule()
	if err != nil {
		panic(err)
	}

	slot, ok := uri.GetPathAttribute("slot-id", false)
	if !ok {
		panic("No slot-id in pkcs11 URI")
	}
	slotid, err := strconv.Atoi(slot)
	if err != nil {
		panic(err)
	}

	pin, err := uri.GetPIN()
	if err != nil {
		panic(err)
	}

	p := pkcs11.New(module)
	err = p.Initialize()
	if err != nil {
		panic(err)
	}

	defer p.Destroy()
	defer p.Finalize()

	session, err := p.OpenSession(uint(slotid), pkcs11.CKF_SERIAL_SESSION|pkcs11.CKF_RW_SESSION)
	if err != nil {
		panic(err)
	}
	defer p.CloseSession(session)

	err = p.Login(session, pkcs11.CKU_USER, pin)
	if err != nil {
		panic(err)
	}
	defer p.Logout(session)

	p.DigestInit(session, []*pkcs11.Mechanism{pkcs11.NewMechanism(pkcs11.CKM_SHA_1, nil)})
	hash, err := p.Digest(session, []byte("this is a string"))
	if err != nil {
		panic(err)
	}

	for _, d := range hash {
		fmt.Printf("%x", d)
	}
	fmt.Println()
}

Exampe Usage

$ sudo softhsm2-util --init-token --slot 1 --label test --pin 1234 --so-pin 1234
The token has been initialized and is reassigned to slot 2053753261
$ go build ./...
$ sudo ./pkcs11-example 'pkcs11:slot-id=2053753261?module-path=/usr/lib64/pkcs11/libsofthsm2.so&pin-value=1234'
517592df8fec3ad146a79a9af153db2a4d784ec5