From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Mon, 09 Aug 2021 10:07:19 +0200 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1mD0Jb-00038W-I5 for lore@lore.pengutronix.de; Mon, 09 Aug 2021 10:07:19 +0200 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1mD0Ja-0006TQ-NB; Mon, 09 Aug 2021 10:07:18 +0200 Received: from dude.hi.pengutronix.de ([2001:67c:670:100:1d::7]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mD0Ia-00065c-9m; Mon, 09 Aug 2021 10:06:16 +0200 Received: from rhi by dude.hi.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1mD0IZ-0006Af-RM; Mon, 09 Aug 2021 10:06:15 +0200 From: Roland Hieber To: ptxdist@pengutronix.de Date: Mon, 9 Aug 2021 10:06:06 +0200 Message-Id: <20210809080608.23475-3-rhi@pengutronix.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210809080608.23475-1-rhi@pengutronix.de> References: <20210809080608.23475-1-rhi@pengutronix.de> MIME-Version: 1.0 Mail-Followup-To: Roland Hieber , ptxdist@pengutronix.de Subject: [ptxdist] [PATCH v2 3/5] ptxd_lib_code_signing: refactor hard-coded SoftHSM PIN in PKCS11 URIs X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: Roland Hieber Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false We'll need this type of function more often later. Signed-off-by: Roland Hieber --- PATCH v2: no changes PATCH v1: https://lore.ptxdist.org/ptxdist/20210804142330.32739-3-rhi@pengutronix.de --- scripts/lib/ptxd_lib_code_signing.sh | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/scripts/lib/ptxd_lib_code_signing.sh b/scripts/lib/ptxd_lib_code_signing.sh index 5ba1a4666af4..66a2cab81395 100644 --- a/scripts/lib/ptxd_lib_code_signing.sh +++ b/scripts/lib/ptxd_lib_code_signing.sh @@ -49,6 +49,17 @@ softhsm_pkcs11_tool() { } export -f softhsm_pkcs11_tool +# +# softhsm_pkcs11_uri +# +# Add the SoftHSM PIN to the given URI. +# +softhsm_pkcs11_uri() { + local role="$1" + printf "pkcs11:token=%s;object=%s;pin-value=1111\n" "${keyprovider}" "${role}" +} +export -f softhsm_pkcs11_uri + # # cs_init_variables # @@ -95,7 +106,8 @@ cs_define_role() { mkdir -p "${keydir}/${role}" && # default for SoftHSM - cs_set_uri "${role}" "pkcs11:token=${keyprovider};object=${role};pin-value=1111" + local uri=$(softhsm_pkcs11_uri "${role}") + cs_set_uri "${role}" "${uri}" } export -f cs_define_role -- 2.30.2 _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de