hatter/external-signer-pkcs11
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d70f25cdc5b87261c8c0d887fc2670f48297cc3a
external-signer-pkcs11/README.md
Hatter Jiang d1d91e0618 feat: update readme
2025-05-24 10:42:11 +08:00

2.6 KiB
Raw Blame History

external-signer-pkcs11

Specification: https://openwebstandard.org/rfc1

Cross compile:

CGO_ENABLED=1 GOOS=linux GOARCH=amd64 CC="zig cc -target x86_64-linux" CXX="zig c++ -target x86_64-linux" go build  -o external-signer-pkcs11-linux-x86_64

List private objects:

pkcs11-tool --module /usr/local/lib/libykcs11.dylib --login --list-objects --type privkey

external-signer-pkcs11 external_spec

{
  "success": true,
  "agent": "external-signer-pkc11/0.1.0",
  "specification": "External/1.0.0-alpha",
  "commands": [
    "external_public_key",
    "external_sign"
  ]
}

external-signer-pkcs11 external_public_key --parameter "ewogICJsaWJyYXJ5IjogIi91c3IvbG9jYWwvbGliL2xpYnlrY3MxMS5keWxpYiIsCiAgInRva2VuX2xhYmVsIjogIll1YmlLZXkgUElWICM1MDEwMjIwIiwKICAicGluIjogIiIsCiAgImtleV9sYWJlbCI6ICJQcml2YXRlIGtleSBmb3IgUElWIEF1dGhlbnRpY2F0aW9uIgp9Cg=="

{
  "success": true,
  "public_key_base64": "MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE8XMmwYi50M/+3dj/k18k8gdLvvEorFsEucrAXeln312/0GVpjc47jB9FG7mhWTrOEzYLvEnFH1ITd3/Yc5Mu+kR2O/zBx2SxIqiol3vLPgrQmdZS5j2xxaG9oCEgoW3F"
}

external-signer-pkcs11 external_sign --parameter "ewogICJsaWJyYXJ5IjogIi91c3IvbG9jYWwvbGliL2xpYnlrY3MxMS5keWxpYiIsCiAgInRva2VuX2xhYmVsIjogIll1YmlLZXkgUElWICM1MDEwMjIwIiwKICAicGluIjogIiIsCiAgImtleV9sYWJlbCI6ICJQcml2YXRlIGtleSBmb3IgUElWIEF1dGhlbnRpY2F0aW9uIgp9Cg==" --message-base64 "$(echo aaaa |base64)" --alg ES384

{
  "success": true,
  "signature_base64": "MGUCMHiHNZ8cx5hNZNPQCfBEiX93go5YEr/6zvNXlcpoRP2bvc6Zmn8s6Taq1KhRQc0ChgIxAO3Qqo+XViaDauaGM+TyBF3Y2pJ6ojL/m24ftzyvtaIvG7CnAaao2l2oLyCpyTehJg=="
}

Via card-cli

card-cli external_public_key --parameter "key://external-signer-pkcs11:external_command/p384::hmac_enc:saHbpo0kKNk9m3y81qERoA:Yx6dB0hsT7MOXdwXrJ4t1g:5wDzlJf/qYHPo5oVcAykaUV8eTCFnSLb7n+AnLoaXVeJkih1BcBlZ8H01EB74I4qiCC95PWN4IIQOxLrPAigbhJ7l0rK62DV/DWS+TcdB+EqbyBi01z2cNRmznREITvlxjgc+YMshK7N/Pc6QjDzNIMP+8AEJyzOuFY5eK1hZihO3pz4ctakjAG3W5kvrW1rehdwfdV/qD8hZfO1nvhlaEnzRomUWn5bHcahjd5V4straxPS/mxNefp7y8dpDAxPLlQz2YPLfkspRoWU0q1NeYTw91dIvNpP"

card-cli external_sign --parameter "key://external-signer-pkcs11:external_command/p384::hmac_enc:saHbpo0kKNk9m3y81qERoA:Yx6dB0hsT7MOXdwXrJ4t1g:5wDzlJf/qYHPo5oVcAykaUV8eTCFnSLb7n+AnLoaXVeJkih1BcBlZ8H01EB74I4qiCC95PWN4IIQOxLrPAigbhJ7l0rK62DV/DWS+TcdB+EqbyBi01z2cNRmznREITvlxjgc+YMshK7N/Pc6QjDzNIMP+8AEJyzOuFY5eK1hZihO3pz4ctakjAG3W5kvrW1rehdwfdV/qD8hZfO1nvhlaEnzRomUWn5bHcahjd5V4straxPS/mxNefp7y8dpDAxPLlQz2YPLfkspRoWU0q1NeYTw91dIvNpP" --alg ES384 --message-base64 "$(echo 'hello world' | base64)"
Reference in New Issue View Git Blame Copy Permalink