summaryrefslogtreecommitdiff
path: root/vendor/github.com/miekg/pkcs11/README.md
diff options
context:
space:
mode:
authordependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>2021-02-09 09:17:50 +0000
committerDaniel J Walsh <dwalsh@redhat.com>2021-02-09 10:49:43 -0500
commit08d8290f1d65a254b6794f7fe87a6f769b2ca792 (patch)
tree1cb56c15d412d1d20226d1486bbd05656a3106e5 /vendor/github.com/miekg/pkcs11/README.md
parent19507d0ffe8cda0a69f056838556f471fd9e61fa (diff)
downloadpodman-08d8290f1d65a254b6794f7fe87a6f769b2ca792.tar.gz
podman-08d8290f1d65a254b6794f7fe87a6f769b2ca792.tar.bz2
podman-08d8290f1d65a254b6794f7fe87a6f769b2ca792.zip
Bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0
Bumps [github.com/containers/ocicrypt](https://github.com/containers/ocicrypt) from 1.0.3 to 1.1.0. - [Release notes](https://github.com/containers/ocicrypt/releases) - [Commits](https://github.com/containers/ocicrypt/compare/v1.0.3...v1.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'vendor/github.com/miekg/pkcs11/README.md')
-rw-r--r--vendor/github.com/miekg/pkcs11/README.md68
1 files changed, 68 insertions, 0 deletions
diff --git a/vendor/github.com/miekg/pkcs11/README.md b/vendor/github.com/miekg/pkcs11/README.md
new file mode 100644
index 000000000..0a5c1b7b6
--- /dev/null
+++ b/vendor/github.com/miekg/pkcs11/README.md
@@ -0,0 +1,68 @@
+# PKCS#11 [![Build Status](https://travis-ci.org/miekg/pkcs11.png?branch=master)](https://travis-ci.org/miekg/pkcs11) [![GoDoc](https://img.shields.io/badge/godoc-reference-blue.svg)](http://godoc.org/github.com/miekg/pkcs11)
+
+This is a Go implementation of the PKCS#11 API. It wraps the library closely, but uses Go idiom were
+it makes sense. It has been tested with SoftHSM.
+
+## SoftHSM
+
+ * Make it use a custom configuration file `export SOFTHSM_CONF=$PWD/softhsm.conf`
+
+ * Then use `softhsm` to init it
+
+ ~~~
+ softhsm --init-token --slot 0 --label test --pin 1234
+ ~~~
+
+ * Then use `libsofthsm.so` as the pkcs11 module:
+
+ ~~~ go
+ p := pkcs11.New("/usr/lib/softhsm/libsofthsm.so")
+ ~~~
+
+## Examples
+
+A skeleton program would look somewhat like this (yes, pkcs#11 is verbose):
+
+~~~ go
+p := pkcs11.New("/usr/lib/softhsm/libsofthsm.so")
+err := p.Initialize()
+if err != nil {
+ panic(err)
+}
+
+defer p.Destroy()
+defer p.Finalize()
+
+slots, err := p.GetSlotList(true)
+if err != nil {
+ panic(err)
+}
+
+session, err := p.OpenSession(slots[0], pkcs11.CKF_SERIAL_SESSION|pkcs11.CKF_RW_SESSION)
+if err != nil {
+ panic(err)
+}
+defer p.CloseSession(session)
+
+err = p.Login(session, pkcs11.CKU_USER, "1234")
+if err != nil {
+ panic(err)
+}
+defer p.Logout(session)
+
+p.DigestInit(session, []*pkcs11.Mechanism{pkcs11.NewMechanism(pkcs11.CKM_SHA_1, nil)})
+hash, err := p.Digest(session, []byte("this is a string"))
+if err != nil {
+ panic(err)
+}
+
+for _, d := range hash {
+ fmt.Printf("%x", d)
+}
+fmt.Println()
+~~~
+
+Further examples are included in the tests.
+
+To expose PKCS#11 keys using the [crypto.Signer interface](https://golang.org/pkg/crypto/#Signer),
+please see [github.com/thalesignite/crypto11](https://github.com/thalesignite/crypto11).