github.com/mre-fog/trillianxx@v1.1.2-0.20180615153820-ae375a99d36a/cmd/createtree/pkcs11.go (about) 1 // +build pkcs11 2 3 // Copyright 2017 Google Inc. All Rights Reserved. 4 // 5 // Licensed under the Apache License, Version 2.0 (the "License"); 6 // you may not use this file except in compliance with the License. 7 // You may obtain a copy of the License at 8 // 9 // http://www.apache.org/licenses/LICENSE-2.0 10 // 11 // Unless required by applicable law or agreed to in writing, software 12 // distributed under the License is distributed on an "AS IS" BASIS, 13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 // See the License for the specific language governing permissions and 15 // limitations under the License. 16 17 package main 18 19 import ( 20 "encoding/json" 21 "errors" 22 "flag" 23 "fmt" 24 "io/ioutil" 25 26 "github.com/golang/protobuf/proto" 27 "github.com/google/trillian/cmd/createtree/keys" 28 "github.com/google/trillian/crypto/keyspb" 29 "github.com/letsencrypt/pkcs11key" 30 ) 31 32 var pkcs11ConfigPath = flag.String("pkcs11_config_path", "", "Path to the PKCS #11 key configuration file") 33 34 func init() { 35 keys.RegisterType("PKCS11ConfigFile", pkcs11ConfigProtoFromFlags) 36 } 37 38 func pkcs11ConfigProtoFromFlags() (proto.Message, error) { 39 if *pkcs11ConfigPath == "" { 40 return nil, errors.New("empty PKCS11 config file path") 41 } 42 43 configBytes, err := ioutil.ReadFile(*pkcs11ConfigPath) 44 if err != nil { 45 return nil, fmt.Errorf("error reading PKCS#11 config file: %v", err) 46 } 47 48 var config pkcs11key.Config 49 if err = json.Unmarshal(configBytes, &config); err != nil { 50 return nil, fmt.Errorf("error parsing PKCS#11 config file: %v", err) 51 } 52 53 pubKeyPEM, err := ioutil.ReadFile(config.PublicKeyPath) 54 if err != nil { 55 return nil, fmt.Errorf("error reading PKCS#11 public key file: %v", err) 56 } 57 58 return &keyspb.PKCS11Config{ 59 TokenLabel: config.TokenLabel, 60 Pin: config.PIN, 61 PublicKey: string(pubKeyPEM), 62 }, nil 63 }