gen-key

command

v0.0.0-...-d6a33d1 Latest Latest Go to latest Published: Jan 19, 2018 License: MPL-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bouk/boulder

Links

Open Source Insights

Documentation ¶

Overview ¶

gen-key is a tool for generating RSA or ECDSA keys on a HSM using PKCS#11. After generating the key pair it attempts to extract and construct the public key and verifies a test message that was signed using the generated private key. Any action it takes should be thoroughly logged and documented.

When generating a key this tool follows the following steps:

Constructs templates for the private and public keys consisting of the appropriate PKCS#11 attributes.
Executes a PKCS#11 GenerateKeyPair operation with the constructed templates and either CKM_RSA_PKCS_KEY_PAIR_GEN or CKM_EC_KEY_PAIR_GEN (or CKM_ECDSA_KEY_PAIR_GEN for pre-PKCS#11 v2.11 devices).
Extracts the public key components from the returned public key object handle and construct a Golang public key object from them.
Generates 4 bytes of random data from the HSM using a PKCS#11 GenerateRandom operation.
Signs the random data with the private key object handle using a PKCS#11 SignInit/Sign operation.
Verifies the returned signature of the random data with the constructed public key.
Marshals the public key into a PEM public key object and print it to STDOUT.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL