diff options
| author | dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> | 2021-02-09 09:17:50 +0000 |
|---|---|---|
| committer | Daniel J Walsh <dwalsh@redhat.com> | 2021-02-09 10:49:43 -0500 |
| commit | 08d8290f1d65a254b6794f7fe87a6f769b2ca792 (patch) | |
| tree | 1cb56c15d412d1d20226d1486bbd05656a3106e5 /vendor/github.com/miekg/pkcs11/README.md | |
| parent | 19507d0ffe8cda0a69f056838556f471fd9e61fa (diff) | |
| download | podman-08d8290f1d65a254b6794f7fe87a6f769b2ca792.tar.gz podman-08d8290f1d65a254b6794f7fe87a6f769b2ca792.tar.bz2 podman-08d8290f1d65a254b6794f7fe87a6f769b2ca792.zip | |
Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0
Bumps [github.com/containers/ocicrypt](https://github.com/containers/ocicrypt) from 1.0.3 to 1.1.0.
- [Release notes](https://github.com/containers/ocicrypt/releases)
- [Commits](https://github.com/containers/ocicrypt/compare/v1.0.3...v1.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'vendor/github.com/miekg/pkcs11/README.md')
| -rw-r--r-- | vendor/github.com/miekg/pkcs11/README.md | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/vendor/github.com/miekg/pkcs11/README.md b/vendor/github.com/miekg/pkcs11/README.md new file mode 100644 index 000000000..0a5c1b7b6 --- /dev/null +++ b/vendor/github.com/miekg/pkcs11/README.md @@ -0,0 +1,68 @@ +# PKCS#11 [](https://travis-ci.org/miekg/pkcs11) [](http://godoc.org/github.com/miekg/pkcs11) + +This is a Go implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom were +it makes sense. It has been tested with SoftHSM. + +## SoftHSM + + * Make it use a custom configuration file `export SOFTHSM_CONF=$PWD/softhsm.conf` + + * Then use `softhsm` to init it + + ~~~ + softhsm --init-token --slot 0 --label test --pin 1234 + ~~~ + + * Then use `libsofthsm.so` as the pkcs11 module: + + ~~~ go + p := pkcs11.New("/usr/lib/softhsm/libsofthsm.so") + ~~~ + +## Examples + +A skeleton program would look somewhat like this (yes, pkcs#11 is verbose): + +~~~ go +p := pkcs11.New("/usr/lib/softhsm/libsofthsm.so") +err := p.Initialize() +if err != nil { + panic(err) +} + +defer p.Destroy() +defer p.Finalize() + +slots, err := p.GetSlotList(true) +if err != nil { + panic(err) +} + +session, err := p.OpenSession(slots[0], pkcs11.CKF_SERIAL_SESSION|pkcs11.CKF_RW_SESSION) +if err != nil { + panic(err) +} +defer p.CloseSession(session) + +err = p.Login(session, pkcs11.CKU_USER, "1234") +if err != nil { + panic(err) +} +defer p.Logout(session) + +p.DigestInit(session, []*pkcs11.Mechanism{pkcs11.NewMechanism(pkcs11.CKM_SHA_1, nil)}) +hash, err := p.Digest(session, []byte("this is a string")) +if err != nil { + panic(err) +} + +for _, d := range hash { + fmt.Printf("%x", d) +} +fmt.Println() +~~~ + +Further examples are included in the tests. + +To expose PKCS#11 keys using the [crypto.Signer interface](https://golang.org/pkg/crypto/#Signer), +please see [github.com/thalesignite/crypto11](https://github.com/thalesignite/crypto11). |