Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
f1d6e9bc4b
k3s/vendor/github.com/stefanberger/go-pkcs11uri/README.md
Brad Davidson b352d73511 Bump containerd to v1.4.8-k3s1 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2021-07-20 15:44:06 -07:00

103 lines
2.0 KiB
Markdown
Raw Blame History

# go-pkcs11uri
Welcome to the go-pkcs11uri library. The implementation follows [RFC 7512](https://tools.ietf.org/html/rfc7512) and this [errata](https://www.rfc-editor.org/errata/rfc7512).
# Exampe usage:
The following example builds on this library [here](https://github.com/miekg/pkcs11) and are using softhsm2 on Fedora.
## Example
This example program extending the one found [here](https://github.com/miekg/pkcs11/blob/master/README.md#examples):
```
package main
import (
"fmt"
"os"
"strconv"
"github.com/miekg/pkcs11"
pkcs11uri "github.com/stefanberger/go-pkcs11uri"
)
func main() {
if len(os.Args) < 2 {
panic("Missing pkcs11 URI argument")
}
uristr := os.Args[1]
uri, err := pkcs11uri.New()
if err != nil {
panic(err)
}
err = uri.Parse(uristr)
if err != nil {
panic(err)
}
module, err := uri.GetModule()
if err != nil {
panic(err)
}
slot, ok := uri.GetPathAttribute("slot-id", false)
if !ok {
panic("No slot-id in pkcs11 URI")
}
slotid, err := strconv.Atoi(slot)
if err != nil {
panic(err)
}
pin, err := uri.GetPIN()
if err != nil {
panic(err)
}
p := pkcs11.New(module)
err = p.Initialize()
if err != nil {
panic(err)
}
defer p.Destroy()
defer p.Finalize()
session, err := p.OpenSession(uint(slotid), pkcs11.CKF_SERIAL_SESSION|pkcs11.CKF_RW_SESSION)
if err != nil {
panic(err)
}
defer p.CloseSession(session)
err = p.Login(session, pkcs11.CKU_USER, pin)
if err != nil {
panic(err)
}
defer p.Logout(session)
p.DigestInit(session, []*pkcs11.Mechanism{pkcs11.NewMechanism(pkcs11.CKM_SHA_1, nil)})
hash, err := p.Digest(session, []byte("this is a string"))
if err != nil {
panic(err)
}
for _, d := range hash {
fmt.Printf("%x", d)
}
fmt.Println()
}
```
## Exampe Usage
```
$ sudo softhsm2-util --init-token --slot 1 --label test --pin 1234 --so-pin 1234
The token has been initialized and is reassigned to slot 2053753261
$ go build ./...
$ sudo ./pkcs11-example 'pkcs11:slot-id=2053753261?module-path=/usr/lib64/pkcs11/libsofthsm2.so&pin-value=1234'
517592df8fec3ad146a79a9af153db2a4d784ec5
```
Reference in New Issue View Git Blame Copy Permalink