From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Wed, 08 Sep 2021 16:02:06 +0200 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1mNy9O-0007X8-Gb for lore@lore.pengutronix.de; Wed, 08 Sep 2021 16:02:06 +0200 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1mNy9O-0004zA-85; Wed, 08 Sep 2021 16:02:06 +0200 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mNy99-0004qp-VT; Wed, 08 Sep 2021 16:01:52 +0200 Received: from [2a0a:edc0:0:1101:1d::39] (helo=dude03.red.stw.pengutronix.de) by drehscheibe.grey.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1mNy99-0004Yy-AU; Wed, 08 Sep 2021 16:01:51 +0200 Received: from mol by dude03.red.stw.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1mNy99-00FVKt-9j; Wed, 08 Sep 2021 16:01:51 +0200 Date: Wed, 8 Sep 2021 16:01:51 +0200 From: Michael Olbrich To: Roland Hieber Message-ID: <20210908140151.GP4027748@pengutronix.de> Mail-Followup-To: Roland Hieber , ptxdist@pengutronix.de References: <20210809080608.23475-1-rhi@pengutronix.de> <20210809080608.23475-3-rhi@pengutronix.de> <20210903124646.GA4027748@pengutronix.de> <20210908112711.jq7m547swsksvhu7@pengutronix.de> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20210908112711.jq7m547swsksvhu7@pengutronix.de> X-Sent-From: Pengutronix Hildesheim X-URL: http://www.pengutronix.de/ X-IRC: #ptxdist @freenode X-Accept-Language: de,en X-Accept-Content-Type: text/plain User-Agent: Mutt/1.10.1 (2018-07-13) Subject: Re: [ptxdist] [PATCH v2 3/5] ptxd_lib_code_signing: refactor hard-coded SoftHSM PIN in PKCS11 URIs X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: ptxdist@pengutronix.de Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false On Wed, Sep 08, 2021 at 01:27:11PM +0200, Roland Hieber wrote: > On Fri, Sep 03, 2021 at 02:46:46PM +0200, Michael Olbrich wrote: > > On Mon, Aug 09, 2021 at 10:06:06AM +0200, Roland Hieber wrote: > > > We'll need this type of function more often later. > > > > I don't see another user of this function in the rest of the series. > > Huh yes. I think I used it multiple times in a previous version of the > series. I think this patch can be dropped. > > > > > > > > > Signed-off-by: Roland Hieber > > > --- > > > PATCH v2: no changes > > > > > > PATCH v1: https://lore.ptxdist.org/ptxdist/20210804142330.32739-3-rhi@pengutronix.de > > > --- > > > scripts/lib/ptxd_lib_code_signing.sh | 14 +++++++++++++- > > > 1 file changed, 13 insertions(+), 1 deletion(-) > > > > > > diff --git a/scripts/lib/ptxd_lib_code_signing.sh b/scripts/lib/ptxd_lib_code_signing.sh > > > index 5ba1a4666af4..66a2cab81395 100644 > > > --- a/scripts/lib/ptxd_lib_code_signing.sh > > > +++ b/scripts/lib/ptxd_lib_code_signing.sh > > > @@ -49,6 +49,17 @@ softhsm_pkcs11_tool() { > > > } > > > export -f softhsm_pkcs11_tool > > > > > > +# > > > +# softhsm_pkcs11_uri > > > +# > > > +# Add the SoftHSM PIN to the given URI. > > > +# > > > +softhsm_pkcs11_uri() { > > > + local role="$1" > > > > Why is 'role' passed as argument and 'keyprovider' is not? > > > > > + printf "pkcs11:token=%s;object=%s;pin-value=1111\n" "${keyprovider}" "${role}" > > > > Why not just: > > > > echo "pkcs11:token=${keyprovider};object=${role};pin-value=1111" > > Force of habit from using C and Python. And depending on the actual echo > implementation (POSIX sh, bash, or /bin/echo), there are different > behaviours regarding things like printing a literal -e, or interpolation > of \r, \t etc., and I've never encountered this with printf. So I > usually use printf instead of echo. In ptxdist, the shell is always bash and we use 'echo' everywhere else, so I prefer it here as well. Michael > > > +} > > > +export -f softhsm_pkcs11_uri > > > + > > > # > > > # cs_init_variables > > > # > > > @@ -95,7 +106,8 @@ cs_define_role() { > > > > > > mkdir -p "${keydir}/${role}" && > > > # default for SoftHSM > > > - cs_set_uri "${role}" "pkcs11:token=${keyprovider};object=${role};pin-value=1111" > > > + local uri=$(softhsm_pkcs11_uri "${role}") > > > > Why the extra local variable? > > Michael > > > > > + cs_set_uri "${role}" "${uri}" > > > } > > > export -f cs_define_role > > > > > > -- > > > 2.30.2 > > -- > Roland Hieber, Pengutronix e.K. | r.hieber@pengutronix.de | > Steuerwalder Str. 21 | https://www.pengutronix.de/ | > 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | > Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | > > _______________________________________________ > ptxdist mailing list > ptxdist@pengutronix.de > To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de > -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-request@pengutronix.de