From 4e6f52333f1b2fb29d01f54dffe68c75faddc3c5 Mon Sep 17 00:00:00 2001
From: Casper Gielen <cgielen@uvt.nl>
Date: Tue, 5 Apr 2011 09:27:42 +0200
Subject: [PATCH] doc: add USAGE file

Signed-off-by: Corentin Chary <corentin.chary@gmail.com>
---
 THANKS |  2 ++
 USAGE  | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 THANKS
 create mode 100644 USAGE

diff --git a/THANKS b/THANKS
new file mode 100644
index 0000000..dcf22ed
--- /dev/null
+++ b/THANKS
@@ -0,0 +1,2 @@
+Gnome Project - gnome keyring http://live.gnome.org/GnomeKeyring
+Casper Gielen <cgielen@uvt.nl> - documentation
\ No newline at end of file
diff --git a/USAGE b/USAGE
new file mode 100644
index 0000000..c1784c7
--- /dev/null
+++ b/USAGE
@@ -0,0 +1,32 @@
+PKCS11-Proxy is a proxy for the PKCS11-library.
+
+This project is based on a stripped down Gnome Keyring without all gnome
+dependencies and other features.
+
+The proxy tunnels PKCS11-requests over the network.  One possible use
+is to store cryptograhic information on a seperate server.  This way
+the crypto it can be isolated from the rest of the system.  Beware:
+the connection is not encrypted and can easily be sniffed.  You should
+use a secure communication-channel, for example stunnel.
+
+Here is an example of using pkcs11-proxy together with SoftHSM (from the
+OpenDNSSEC project).  The benefit of this setup is that no extra hardware
+is needed at all.  This could also be considered the greatest weakeness.
+For demonstration purposes, however, security is not a consideration.
+
+$ sudo adduser cgielen pkcs11
+$ sudo adduser cgielen softhsm
+
+$ softhsm --init-token --slot 0 --label test
+The SO PIN must have a length between 4 and 255 characters.
+Enter SO PIN:
+The user PIN must have a length between 4 and 255 characters.
+Enter user PIN:
+The token has been initialized.
+
+$ PKCS11_DAEMON_SOCKET="tcp://127.0.0.1:2345" pkcs11-daemon /usr/lib/libsofthsm.so
+$ PKCS11_PROXY_SOCKET="tcp://127.0.0.1:2345" pkcs11-tool --module=/usr/lib/libpkcs11-proxy.so -L Available
+slots: Slot 0           SoftHSM
+  token label:   test token manuf:   SoftHSM token model:   SoftHSM
+  token flags:   rng, login required, PIN initialized, token initialized,
+  other flags=0x40 serial num  :  1
-- 
GitLab