Package p11token

const (
    CKS_RO_PUBLIC_SESSION = 0
    CKS_RO_USER_FUNCTIONS = 1
    CKS_RW_PUBLIC_SESSION = 2
    CKS_RW_USER_FUNCTIONS = 3
    CKS_RW_SO_FUNCTIONS   = 4

    CKA_ID            = pkcs11.CKA_ID
    CKA_LABEL         = pkcs11.CKA_LABEL
    CKA_SERIAL_NUMBER = pkcs11.CKA_SERIAL_NUMBER

    CKK_RSA   = pkcs11.CKK_RSA
    CKK_ECDSA = pkcs11.CKK_ECDSA
)

func List ¶

func List(provider string, output io.Writer) error

type Key ¶

type Key struct {
    PgpCertificate  string
    X509Certificate string
    // contains filtered or unexported fields
}

func (*Key) Config ¶

func (key *Key) Config() *config.KeyConfig

func (*Key) GetID ¶

func (key *Key) GetID() []byte

func (*Key) ImportCertificate ¶

func (key *Key) ImportCertificate(cert *x509.Certificate) error

func (*Key) Public ¶

func (key *Key) Public() crypto.PublicKey

func (*Key) Sign ¶

func (key *Key) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)

type Token ¶

type Token struct {
    // contains filtered or unexported fields
}

func Open ¶

func Open(config *config.Config, tokenName string, pinProvider passprompt.PasswordGetter) (*Token, error)

Load a PKCS#11 provider, open a session, and login

func (*Token) Close ¶

func (tok *Token) Close() error

Close the token session

func (*Token) Config ¶

func (tok *Token) Config() *config.TokenConfig

func (*Token) Generate ¶

func (tok *Token) Generate(keyName string, keyType token.KeyType, bits uint) (token.Key, error)

Generate an RSA or ECDSA key in the token

func (*Token) GetKey ¶

func (token *Token) GetKey(keyName string) (token.Key, error)

func (*Token) Import ¶

func (tok *Token) Import(keyName string, privKey crypto.PrivateKey) (token.Key, error)

Import an RSA or ECDSA private key into the token

func (*Token) ImportCertificate ¶

func (tk *Token) ImportCertificate(cert *x509.Certificate, labelBase string) error

func (*Token) ListKeys ¶

func (tok *Token) ListKeys(opts token.ListOptions) error

func (*Token) Ping ¶

func (tok *Token) Ping() error