Skip to content

Commit

Permalink
wip: try to use pkcs11
Browse files Browse the repository at this point in the history
  • Loading branch information
@edouardparis
edouardparis committed Jan 15, 2025
1 parent ba01c78 commit 321cb73
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 5 deletions.
14 changes: 14 additions & 0 deletions contrib/release/openssl-pkcs11.cnf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
# openssl-pkcs11.cnf
openssl_conf = openssl_init

[openssl_init]
engines = engine_section

[engine_section]
pkcs11 = pkcs11_section

[pkcs11_section]
engine_id = pkcs11
dynamic_path = /nix/store/drl8sclg3kyanl2fpya48b0l8kgznr5m-libp11-0.4.12/lib/engines/pkcs11.so
MODULE_PATH = /nix/store/cr9w0d4gvcqfb3ri4pvm48n5ig8aidiz-opensc-0.26.0/lib/opensc-pkcs11.so
INIT = 0
8 changes: 4 additions & 4 deletions flake.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

13 changes: 12 additions & 1 deletion flake.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
description = "Dev shell to help contributing to liana";

inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
flake-utils.url = "github:numtide/flake-utils";
crane.url = "github:ipetkov/crane";
fenix = {
Expand Down Expand Up @@ -168,7 +168,18 @@
pkgs.gnutar
pkgs.dpkg
pkgs.rcodesign
pkgs.opensc # Provides pkcs11 tools and module (opensc-pkcs11.so)
pkgs.pcsclite # Smartcard support
pkgs.osslsigncode # For signing Windows executables
pkgs.openssl # To have the PKCS#11 engine available (lib/engines)
pkgs.libp11
];

shellHook = ''
export OPENSSL_CONF=${toString ./contrib/release/openssl-pkcs11.cnf}
echo "OPENSSL_CONF is set to ${toString ./contrib/release/openssl-pkcs11.cnf}"
echo "PKCS#11 environment ready."
'';
};

in {
Expand Down

0 comments on commit 321cb73

Please sign in to comment.