Date: Wed, 8 Sep 2021 13:27:11 +0200
From: Roland Hieber
To: ptxdist@pengutronix.de
Subject: Re: [ptxdist] [PATCH v2 3/5] ptxd_lib_code_signing: refactor hard-coded SoftHSM PIN in PKCS11 URIs

On Fri, Sep 03, 2021 at 02:46:46PM +0200, Michael Olbrich wrote:
> On Mon, Aug 09, 2021 at 10:06:06AM +0200, Roland Hieber wrote:
> > We'll need this type of function more often later.
>
> I don't see another user of this function in the rest of the series.

Huh yes. I think I used it multiple times in a previous version of the series. I think this patch can be dropped.

> > > > > Signed-off-by: Roland Hieber > > --- > > PATCH v2: no changes > > > > PATCH v1: https://lore.ptxdist.org/ptxdist/20210804142330.32739-3-rhi@pengutronix.de > > --- > > scripts/lib/ptxd_lib_code_signing.sh | 14 +++++++++++++- > > 1 file changed, 13 insertions(+), 1 deletion(-) > > > > diff --git a/scripts/lib/ptxd_lib_code_signing.sh b/scripts/lib/ptxd_lib_code_signing.sh > > index 5ba1a4666af4..66a2cab81395 100644 > > --- a/scripts/lib/ptxd_lib_code_signing.sh > > +++ b/scripts/lib/ptxd_lib_code_signing.sh
> > @@ -49,6 +49,17 @@ softhsm_pkcs11_tool() { > > } > > export -f softhsm_pkcs11_tool > > > > +# > > +# softhsm_pkcs11_uri > > +# > > +# Add the SoftHSM PIN to the given URI. > > +# > > +softhsm_pkcs11_uri() { > > + local role="$1" > > Why is 'role' passed as argument and 'keyprovider' is not? > > > + printf "pkcs11:token=%s;object=%s;pin-value=1111\n" "${keyprovider}" "${role}" > > Why not just: > > echo "pkcs11:token=${keyprovider};object=${role};pin-value=1111" Force of habit from using C and Python. And depending on the actual echo implementation (POSIX sh, bash, or /bin/echo), there are different behaviours regarding things like printing a literal -e, or interpolation of \r, \t etc., and I've never encountered this with printf. So I usually use printf instead of echo. - Roland > > +} > > +export -f softhsm_pkcs11_uri > > + > > # > > # cs_init_variables > > # > > @@ -95,7 +106,8 @@ cs_define_role() { > > > > mkdir -p "${keydir}/${role}" && > > # default for SoftHSM > > - cs_set_uri "${role}" "pkcs11:token=${keyprovider};object=${role};pin-value=1111" > > + local uri=$(softhsm_pkcs11_uri "${role}") > > Why the extra local variable? > Michael > > > + cs_set_uri "${role}" "${uri}" > > } > > export -f cs_define_role > > > > -- > > 2.30.2 -- Roland Hieber, Pengutronix e.K. | r.hieber@pengutronix.de | Steuerwalder Str. 21 | https://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
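
Review bot: In the first hunk (@@ -49,6 +49,17 @@), the comment above softhsm_pkcs11_uri() says it adds the PIN "to the given URI", but the function takes a role name in $1 and builds the whole URI, reading the token name from ${keyprovider} in the caller's environment. Suggest rewording the comment to describe the argument and the dependency on keyprovider, or passing keyprovider as a second argument; as written, an unset keyprovider yields "token=" with an empty value and no error. The PIN 1111 also remains a literal in the format string, so the helper moves the hard-coded value rather than removing it.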
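
Review bot: In the second hunk (@@ -95,7 +106,8 @@), the new "local uri=$(...)" line takes the place of cs_set_uri after "mkdir -p ... &&", and the cs_set_uri call that follows is not joined by "&&", so it now runs even when mkdir fails. "local" also returns its own exit status, which hides a failure of softhsm_pkcs11_uri. Suggest dropping the variable and keeping the chain: cs_set_uri "${role}" "$(softhsm_pkcs11_uri "${role}")".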
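
The echo versus printf point discussed in the mail above, as an added example that is not part of the original message or of PTXdist's code: it checks whether each command writes a value back unchanged. The function names and the sample role names are constructed for illustration.

```sh
#!/bin/sh
# Added example; function names and sample values are constructed, not PTXdist's.

# Build the URI the way the patch does: values are %s data, never options or escapes.
uri_printf() {
    printf 'pkcs11:token=%s;object=%s;pin-value=1111\n' "$1" "$2"
}

# The two ways of emitting one value that the thread compares.
emit_echo()   { echo "$1"; }
emit_printf() { printf '%s\n' "$1"; }

# Succeed only if the emitter writes the value unchanged plus one newline.
# The trailing x keeps $(...) from stripping the newline we want to check.
roundtrips() {
    out=$("$1" "$2"; printf x)
    [ "$out" = "$2
x" ]
}

# Compare both emitters over constructed values; the echo rows depend on the shell.
report() {
    for v in 'image-kernel-fit' '-n' '-e' 'a\tb'; do
        for e in emit_echo emit_printf; do
            if roundtrips "$e" "$v"; then s=unchanged; else s=CHANGED; fi
            printf '%-12s %-18s %s\n' "$e" "$v" "$s"
        done
    done
}

report
```

Running it under different shells (for example bash and dash) shows the emit_echo rows for '-e' and 'a\tb' differing between them, while the emit_printf rows stay the same.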