From mboxrd@z Thu Jan  1 00:00:00 1970
Delivery-date: Fri, 03 Sep 2021 14:47:21 +0200
Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33])
	by lore.white.stw.pengutronix.de with esmtp (Exim 4.92)
	(envelope-from <ptxdist-bounces+lore=lore.pengutronix.de@pengutronix.de>)
	id 1mM8bJ-00077v-OI
	for lore@lore.pengutronix.de; Fri, 03 Sep 2021 14:47:21 +0200
Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de)
	by metis.ext.pengutronix.de with esmtp (Exim 4.92)
	(envelope-from <ptxdist-bounces@pengutronix.de>)
	id 1mM8bJ-0005UE-C8; Fri, 03 Sep 2021 14:47:21 +0200
Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2])
 by metis.ext.pengutronix.de with esmtps
 (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92)
 (envelope-from <mol@pengutronix.de>)
 id 1mM8al-0005U0-1z; Fri, 03 Sep 2021 14:46:47 +0200
Received: from [2a0a:edc0:0:1101:1d::39] (helo=dude03.red.stw.pengutronix.de)
 by drehscheibe.grey.stw.pengutronix.de with esmtp (Exim 4.92)
 (envelope-from <mol@pengutronix.de>)
 id 1mM8ak-0008J0-IF; Fri, 03 Sep 2021 14:46:46 +0200
Received: from mol by dude03.red.stw.pengutronix.de with local (Exim 4.92)
 (envelope-from <mol@pengutronix.de>)
 id 1mM8ak-00Gv7f-Hg; Fri, 03 Sep 2021 14:46:46 +0200
Date: Fri, 3 Sep 2021 14:46:46 +0200
From: Michael Olbrich <m.olbrich@pengutronix.de>
To: Roland Hieber <rhi@pengutronix.de>, ptxdist@pengutronix.de
Message-ID: <20210903124646.GA4027748@pengutronix.de>
Mail-Followup-To: Roland Hieber <rhi@pengutronix.de>,
	ptxdist@pengutronix.de
References: <20210809080608.23475-1-rhi@pengutronix.de>
 <20210809080608.23475-3-rhi@pengutronix.de>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <20210809080608.23475-3-rhi@pengutronix.de>
X-Sent-From: Pengutronix Hildesheim
X-URL: http://www.pengutronix.de/
X-IRC: #ptxdist @freenode
X-Accept-Language: de,en
X-Accept-Content-Type: text/plain
User-Agent: Mutt/1.10.1 (2018-07-13)
Subject: Re: [ptxdist] [PATCH v2 3/5] ptxd_lib_code_signing: refactor
 hard-coded SoftHSM PIN in PKCS11 URIs
X-BeenThere: ptxdist@pengutronix.de
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PTXdist Development Mailing List <ptxdist.pengutronix.de>
List-Unsubscribe: <http://metis.pengutronix.de/cgi-bin/mailman/options/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=unsubscribe>
List-Archive: <http://metis.pengutronix.de/cgi-bin/mailman/private/ptxdist/>
List-Post: <mailto:ptxdist@pengutronix.de>
List-Help: <mailto:ptxdist-request@pengutronix.de?subject=help>
List-Subscribe: <http://metis.pengutronix.de/cgi-bin/mailman/listinfo/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=subscribe>
Reply-To: ptxdist@pengutronix.de
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "ptxdist" <ptxdist-bounces@pengutronix.de>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de
X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false

On Mon, Aug 09, 2021 at 10:06:06AM +0200, Roland Hieber wrote:
> We'll need this type of function more often later.

I don't see another user of this function in the rest of the series.

> 
> Signed-off-by: Roland Hieber <rhi@pengutronix.de>
> ---
> PATCH v2: no changes
> 
> PATCH v1: https://lore.ptxdist.org/ptxdist/20210804142330.32739-3-rhi@pengutronix.de
> ---
>  scripts/lib/ptxd_lib_code_signing.sh | 14 +++++++++++++-
>  1 file changed, 13 insertions(+), 1 deletion(-)
> 
> diff --git a/scripts/lib/ptxd_lib_code_signing.sh b/scripts/lib/ptxd_lib_code_signing.sh
> index 5ba1a4666af4..66a2cab81395 100644
> --- a/scripts/lib/ptxd_lib_code_signing.sh
> +++ b/scripts/lib/ptxd_lib_code_signing.sh
> @@ -49,6 +49,17 @@ softhsm_pkcs11_tool() {
>  }
>  export -f softhsm_pkcs11_tool
>  
> +#
> +# softhsm_pkcs11_uri <uri>
> +#
> +# Add the SoftHSM PIN to the given URI.
> +#
> +softhsm_pkcs11_uri() {
> +    local role="$1"

Why is 'role' passed as argument and 'keyprovider' is not?

> +    printf "pkcs11:token=%s;object=%s;pin-value=1111\n" "${keyprovider}" "${role}"

Why not just:

    echo "pkcs11:token=${keyprovider};object=${role};pin-value=1111"

> +}
> +export -f softhsm_pkcs11_uri
> +
>  #
>  # cs_init_variables
>  #
> @@ -95,7 +106,8 @@ cs_define_role() {
>  
>      mkdir -p "${keydir}/${role}" &&
>      # default for SoftHSM
> -    cs_set_uri "${role}" "pkcs11:token=${keyprovider};object=${role};pin-value=1111"
> +    local uri=$(softhsm_pkcs11_uri "${role}")

Why the extra local variable?

Michael

> +    cs_set_uri "${role}" "${uri}"
>  }
>  export -f cs_define_role
>  
> -- 
> 2.30.2
> 
> 
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
> To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de
> 

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de
To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de