path: root/p11p-daemon/README.md
blob: a5e4cea4b40c1e5efcfea978522e587108712e88 (plain)
# p11p is a PKCS #11 proxy

## Install dependencies

### p11-kit

    $ git clone https://github.com/p11-glue/p11-kit && cd p11-kit
    $ sh autogen.sh && ./configure
    $ make
    $ sudo make install

Tested with commit 787888e1 (2019-06-19).

## Compile

If you don't have rebar3 installed, install it. See
https://www.rebar3.org/docs/ .

If you don't have rebar3 in PATH, add it. Example:

    $ export PATH=$PATH:~/.cache/rebar3/bin

Compile:

    $ make

## Configure

For now, see config/sys.config.

## Run

To start an Erlang shell running the p11p application:

    $ make shell

Quit by typing in "q()." in the shell.

To start a "release", running in the background logging to files under
_build/default/rel/p11p/log:

    $ make start

To stop it again:

    $ make stop

A socket per configured token, /run/user/$EUID/p11p/$TOKEN-$PID, can
now be used by a client. Example:

    $ P11_KIT_SERVER_ADDRESS=unix:path=/run/user/1000/p11p/vtoken0-26585 P11_KIT_DEBUG=none p11tool --provider /usr/lib/pkcs11/p11-kit-client.so --list-tokens
    Token 0:
        URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=b4a861d362dbd386;token=mytoken
        Label: mytoken
        Type: Generic token
        Manufacturer: SoftHSM project
        Model: SoftHSM v2
        Serial: b4a861d362dbd386
        Module: (null)
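
The socket name changes with every daemon start, so a client needs to look it up. The following is an added example, not part of p11p: a shell helper that resolves the socket for a vtoken and refuses anything that is not a live, caller-owned UNIX socket. The function names are hypothetical, and the liveness check assumes that `$PID` in the socket name is the OS process ID of the daemon.

```shell
# Added example, not part of p11p. Function names are hypothetical.

# p11p_socket_pid PATH
# Print the PID suffix of a $TOKEN-$PID socket name; fail if it is not numeric.
p11p_socket_pid() {
    pid=${1##*-}
    case $pid in
        ''|*[!0-9]*) return 1 ;;
    esac
    printf '%s\n' "$pid"
}

# p11p_find_socket TOKEN [DIR]
# Print a P11_KIT_SERVER_ADDRESS value for TOKEN.
# Returns 1 if no usable socket exists, 2 if more than one does.
p11p_find_socket() {
    token=$1
    dir=${2:-/run/user/$(id -u)/p11p}
    found=
    for s in "$dir/$token"-*; do
        [ -L "$s" ] && continue        # do not follow symlinks
        [ -S "$s" ] || continue        # must be a UNIX socket
        [ -O "$s" ] || continue        # must be owned by the calling user
        pid=$(p11p_socket_pid "$s") || continue
        # Token names may contain '-': require an exact $TOKEN-$PID match.
        [ "${s##*/}" = "$token-$pid" ] || continue
        # Assumption: $PID is the daemon's OS pid. Skip sockets left behind
        # by a daemon that is no longer running.
        kill -0 "$pid" 2>/dev/null || continue
        if [ -n "$found" ]; then
            echo "p11p: more than one live socket for $token" >&2
            return 2
        fi
        found=$s
    done
    [ -n "$found" ] || return 1
    printf 'unix:path=%s\n' "$found"
}

# Usage, with the provider path from the example above:
#   addr=$(p11p_find_socket vtoken0) &&
#     P11_KIT_SERVER_ADDRESS=$addr p11tool \
#       --provider /usr/lib/pkcs11/p11-kit-client.so --list-tokens
```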

## Known bugs and limitations

- Multiple p11 applications using the same vtoken in a given
  p11p-daemon will result in undefined behaviour. We should either
  make this work, or prohibit it by rejecting a second user of the
  same vtoken.