Add upx for all binaries

Author: ryarnyah

.github/workflows/go-release.yml

@@ -24,13 +24,19 @@ jobs:
           curl -o protoc.zip -L 'https://github.com/protocolbuffers/protobuf/releases/download/v27.0/protoc-27.0-linux-x86_64.zip'
           unzip protoc.zip
           popd
+          mkdir -p $HOME/upx && pushd $HOME/upx
+          curl -o upx.tar.xz -L 'https://github.com/upx/upx/releases/download/v4.2.4/upx-4.2.4-amd64_linux.tar.xz'
+          tar xJf upx.tar.xz
+          cp upx-*/upx .
+          popd
       - name: Build
         run: |
-          export PATH=$HOME/.local/bin:$HOME/protobuf/bin:$PATH
+          export PATH=$HOME/.local/bin:$HOME/protobuf/bin:$HOME/upx:$PATH
           make dev-dependencies
           make
+          chmod +x pkcs11-proxy* && find . -maxdepth 1 -type f -name "pkcs11-proxy-*" -exec sh -c 'upx --best -o s$(basename {}) {}' \;
       - uses: softprops/action-gh-release@v2
         with:
-          files: "pkcs11-proxy-*"
+          files: "*pkcs11-proxy-*"
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -3,6 +3,7 @@ pkcs11-proxy-module.dll
 pkcs11-proxy-module.h
 pkcs11-proxy-server
 pkcs11-proxy-server.exe
+spkcs11-proxy*
 *.crt
 *.key
 *.csr

Makefile

@@ -2,7 +2,7 @@
 all: pkcs11-proxy-module.so pkcs11-proxy-module.dll pkcs11-proxy-server pkcs11-proxy-server.exe
 
 clean:
-	rm -f *.so *.dll pkcs11-proxy-module.*
+	rm -f *.so *.dll pkcs11-proxy-server* spkcs11-proxy-server*
 
 .PHONY: pkcs11-proxy-server
 pkcs11-proxy-server: protoc

README.md

@@ -2,6 +2,8 @@
 
 Can be used to make a bridge with PKCS#11 windows-only module to use it on linux.
 
+(Info) You can get small binaries compressed with UPX (prefixed by 's' in releases).
+
 ## Usage
 ### Generate certs
 ```bash
@@ -38,6 +40,62 @@ p11tool --provider=$(pwd)/pkcs11-proxy-module.so --generate-random=256
 p11tool --provider=$(pwd)/pkcs11-proxy-module.so --list-mechanisms
 ```
 
+### Example usage
+```bash
+# Install softhsm2
+sudo apt-get update
+sudo apt-get install -y softhsm2 gnutls-bin curl
+# Initialize softhsm2 token
+mkdir -p $HOME/.local/softhsm2/tokens
+cat > $HOME/.softhsm2.conf <<EOF
+# SoftHSM v2 configuration file
+
+directories.tokendir = $HOME/.local/softhsm2/tokens/
+objectstore.backend = file
+
+# ERROR, WARNING, INFO, DEBUG
+log.level = ERROR
+
+# If CKF_REMOVABLE_DEVICE flag should be set
+slots.removable = false
+
+# Enable and disable PKCS#11 mechanisms using slots.mechanisms.
+slots.mechanisms = ALL
+
+# If the library should reset the state on fork
+library.reset_on_fork = false
+EOF
+softhsm2-util --init-token --slot 0 --label "My token 1" --pin 1234 --so-pin 1234
+export SOFTHSM2_CONF=$HOME/.softhsm2.conf
+# Install server
+curl -LO https://github.com/ryarnyah/pkcs11-go-proxy/releases/latest/download/spkcs11-proxy-server
+chmod +x pkcs11-proxy-server
+
+# Install client
+curl -LO https://github.com/ryarnyah/pkcs11-go-proxy/releases/latest/download/spkcs11-proxy-module.so
+
+# Generate tls keys
+curl -LO https://github.com/ryarnyah/pkcs11-go-proxy/raw/main/generate-keys.sh
+chmod +x generate-keys.sh
+./generate-keys.sh
+
+# Launch server
+export PKCS11_PROXY_ALLOWED_MODULES="/usr/lib/softhsm/libsofthsm2.so"
+export PKCS11_PROXY_URI="localhost:8080"
+export PKCS11_PROXY_CACERT=$(pwd)/ca.crt
+export PKCS11_PROXY_KEY=$(pwd)/server.key
+export PKCS11_PROXY_CERT=$(pwd)/server.crt
+./pkcs11-proxy-server &
+
+# Test client
+export PKCS11_PROXY_URI="localhost:8080"
+export PKCS11_PROXY_CACERT=$(pwd)/ca.crt
+export PKCS11_PROXY_KEY=$(pwd)/client.key
+export PKCS11_PROXY_CERT=$(pwd)/client.crt
+export PKCS11_MODULE="/usr/lib/softhsm/libsofthsm2.so"
+p11tool --provider=$(pwd)/spkcs11-proxy-module.so --list-mechanisms
+```
+
 ## Build
 ```bash
 sudo apt-get update && sudo apt-get install gcc-multilib curl unzip gcc gcc-mingw-w64 -y