SoftHSM v2: https://github.com/opendnssec/SoftHSMv2
PKCS11 Proxy + TLS: https://github.com/SUNET/pkcs11-proxy
PKCS11 Golang lib: github.com/miekg/pkcs11
crypto/signer PKCS11-based Golang lib: github.com/ThalesIgnite/crypto11
psk=$(openssl rand -base64 18 | xxd -p)
echo "test:$psk" > test.psk
docker build -f softhsm-v2.Dockerfile -t softhsmv2 .
docker build -f pkcs11-client.Dockerfile -t pkcs11-client .
docker run -it -p 5657:5657 --name hsm softhsmv2
docker run -it --link=hsm:hsm pkcs11-client bash
./pkcs11-go-client -module=/usr/local/lib/libpkcs11-proxy.so -pin=1234
./crypto11-go-client -module /usr/local/lib/libpkcs11-proxy.so -token-label=lamassuHSM -pin=1234
pkcs11-tool --module=/usr/local/lib/libpkcs11-proxy.so -L