From mboxrd@z Thu Jan  1 00:00:00 1970
Delivery-date: Wed, 23 Jun 2021 07:08:50 +0200
Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33])
	by lore.white.stw.pengutronix.de with esmtp (Exim 4.92)
	(envelope-from <ptxdist-bounces+lore=lore.pengutronix.de@pengutronix.de>)
	id 1lvv86-00051l-CU
	for lore@lore.pengutronix.de; Wed, 23 Jun 2021 07:08:50 +0200
Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de)
	by metis.ext.pengutronix.de with esmtp (Exim 4.92)
	(envelope-from <ptxdist-bounces@pengutronix.de>)
	id 1lvv85-0005hL-Te; Wed, 23 Jun 2021 07:08:49 +0200
Received: from enterprise01.smtp.diehl.com ([193.201.238.219])
 by metis.ext.pengutronix.de with esmtps
 (TLS1.2:DHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92)
 (envelope-from <prvs=801edff85=denis.osterland@diehl.com>)
 id 1lvv7T-0005h0-Jb; Wed, 23 Jun 2021 07:08:12 +0200
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=diehl.com; i=@diehl.com; q=dns/txt; s=default;
 t=1624424891; x=1655960891;
 h=from:to:subject:date:message-id:references:in-reply-to:
 content-id:content-transfer-encoding:mime-version;
 bh=8KzO/T/dEGmvkPBBgxvyHO3HVhOXulykyMahDUGWOiI=;
 b=ZCzKHhh7rhCRjqioguzvjT6i8YOrC2e+wv6iYpRgYvGoja4Ftje/0+ty
 ApTan3nVYqu9/IDMrxRF+XDRWX0x3VqKSmU9Tp3rqyOHCGdehjkmHlZ4J
 G9T2XDPD7GjTOEXp06JLdE3JaU07dGxT3nyX42H11/mHt4uy7V91E3lJu
 i5tlQsj2VGUdyUK/YZaUEN/8zcc0ZsMzyitqeszy8qvrK9s68kkXmIAnb
 /Hau5hm14zR5jnwhZZ78gM5z9ATWfPO9ZsiYRbX0lUpSfQUtIYIJeWJxk
 ftF+Rw7TQI1kRKNQk9z4nMnSCjJxGN312FVniKWFsU6ujPeCvIN6qZzu8 g==;
IronPort-SDR: 8BM96JpL/BkCuaEWVCDseuj9L7go/8Fs8CaLz8TZw/moANvKRPIuo4FsL78cGB/8qjkrc7ukBD
 4yQaPK1BgQh275PjlQI/tycA+l1BsUyLySnu3UQIuw+rnhN5FPveWj6xTSMP3dR8Ik/O8414fe
 1/mH7cpNrsb6zIgeIYXknL0urrXh76n2JXZSEyOBtLnCh3ZKwjOw4sXiK/qb1HaOOjSQvt3nnu
 3jtFghfl3Jg1DwsBJgyW5wJCJghXPA7FvultEkzOGuR2wLDh1kUGplDlJdts/mBJ+5AD7tG2cw
 sME=
IronPort-HdrOrdr: A9a23:Y3QJd62pgFlhAtHy0IrRhwqjBKskLtp133Aq2lEZdPU1SL36qy
 nKpp8mPHDP5Qr5NEtLpTn4Asi9qBDnlaKdn7N/AV7KZmCPhILCFu1fBOXZrQHdJw==
X-IronPort-AV: E=Sophos;i="5.83,293,1616454000"; d="scan'208";a="11769238"
From: Denis Osterland-Heim <denis.osterland@diehl.com>
To: "ptxdist@pengutronix.de" <ptxdist@pengutronix.de>, "mkl@pengutronix.de"
 <mkl@pengutronix.de>
Thread-Topic: [ptxdist] allow network access to HSM in order to sign
Thread-Index: AQHXZtoLc9TqAIgIikaFVb2aKEt5+qsfUQ0AgACOIQCAAQ0ZAA==
Date: Wed, 23 Jun 2021 05:08:09 +0000
Message-ID: <d39756b9b6cb79845fa9bc041cead0a81e73c343.camel@diehl.com>
References: <20210621201347.ewjj47rlzi2cqolh@pengutronix.de>
 <b60d7d8c3041662b0b73b552151972657bca0820.camel@diehl.com>
 <d26d6a31-a074-a6a3-bbdf-42d01bf9a583@pengutronix.de>
In-Reply-To: <d26d6a31-a074-a6a3-bbdf-42d01bf9a583@pengutronix.de>
Accept-Language: de-DE, en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-mailer: Evolution 3.28.5-0ubuntu0.18.04.2 
x-ms-exchange-messagesentrepresentingtype: 1
x-disclaimerprocessed: True
Content-ID: <07880411CD5BFE4CA7E1A1EF95B59186@diehl.internal>
MIME-Version: 1.0
X-GBS-PROC: 5x5xXKsZ7k4sJw6jWwvS4naRArMuNh/KwIB3EzWwTvVnMPhK8GYodGN/70Qokc5s
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 metis.ext.pengutronix.de
X-Spam-Level: 
X-Spam-Status: No, score=-105.6 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
 RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_PASS,
 USER_IN_WELCOMELIST,USER_IN_WHITELIST autolearn=ham autolearn_force=no
 version=3.4.2
Subject: Re: [ptxdist] allow network access to HSM in order to sign
X-BeenThere: ptxdist@pengutronix.de
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PTXdist Development Mailing List <ptxdist.pengutronix.de>
List-Unsubscribe: <http://metis.pengutronix.de/cgi-bin/mailman/options/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=unsubscribe>
List-Archive: <http://metis.pengutronix.de/cgi-bin/mailman/private/ptxdist/>
List-Post: <mailto:ptxdist@pengutronix.de>
List-Help: <mailto:ptxdist-request@pengutronix.de?subject=help>
List-Subscribe: <http://metis.pengutronix.de/cgi-bin/mailman/listinfo/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=subscribe>
Reply-To: ptxdist@pengutronix.de
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Sender: "ptxdist" <ptxdist-bounces@pengutronix.de>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de
X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false

SGksDQoNCkFtIERpZW5zdGFnLCBkZW4gMjIuMDYuMjAyMSwgMTU6MDUgKzAyMDAgc2NocmllYiBN
YXJjIEtsZWluZS1CdWRkZToNCj4gT24gNi8yMi8yMSA2OjM2IEFNLCBEZW5pcyBPc3RlcmxhbmQt
SGVpbSB3cm90ZToNCj4gPiBQbGVhc2UgaGF2ZSBhIGxvb2sgYXQgaHR0cHM6Ly9naXQucGVuZ3V0
cm9uaXguZGUvY2dpdC9wdHhkaXN0L2NvbW1pdC8/aWQ9NGIzYmU4MjI1ZjM4OWM3ZGIwZTJkNjY1
ZThlNjAwY2IyY2Y1MmI5MSAuDQo+ID4gVGhpcyBzaG91bGQgYW5zd2VyIHlvdXIgcXVlc3Rpb24u
DQo+DQo+IFRoYW5rcy4NCllvdSdyZSB3ZWxjb21lLg0KDQo+DQo+IEhvd2V2ZXIgdGhhdCBkb2Vz
bid0IHdvcmssIGFzIHRoZSBwcm9wcmlldGFyeSBJJ20gdXNpbmcgcmVmdXNlcyB0byB3b3JrIHdp
dGgNCj4gaHR0cHNfcHJveHk9IiIgYW5kIEkgZG9uJ3Qgd2FudCB0byBhZGQgbW9yZSBiaW5hcnkg
cGF0Y2hlcyB0byB0aGUgbGliLg0KOi0vDQoNCk1heWJlIGl0IHdvdWxkIGJlIGFuIG9wdGlvbiB0
byBhZGQgYSBjb25maWd1cmF0aW9uIHN3aXRjaCB0byBkaXNhYmxlIHRoaXMgYmVoYXZpb3IuDQpT
byB5b3VyIGNvZGUtc2lnbmluZy1wcm92aWRlciBtYXkgc2VsZWN0IHRoaXMuDQoNCi0tLSBhL3Nj
cmlwdHMvbGliL3B0eGRfbWFrZV93b3JsZF9jb21tb24uc2gNCisrKyBiL3NjcmlwdHMvbGliL3B0
eGRfbWFrZV93b3JsZF9jb21tb24uc2gNCkBAIC0zOTcsNyArMzk3LDcgQEAgcHR4ZF9tYWtlX3dv
cmxkX2luaXQoKSB7DQogICAgICMNCiAgICAgIyB0cnkgdG8gcHJldmVudCBkb3dubG9hZHMgb3V0
c2lkZSB0aGUgZ2V0IHN0YWdlDQogICAgICMNCi0gICAgaWYgWyAiJHtwa2dfc3RhZ2V9IiAhPSAi
Z2V0IiBdOyB0aGVuDQorICAgIGlmIFsgIiR7cGtnX3N0YWdlfSIgIT0gImdldCIgXSAmJiBbIC16
ICIke1BUWENPTkZfRElTQUJMRV9ET1dOTE9BRF9DSEVDS30iIF07IHRoZW4NCiAgICAgICAgcGtn
X2Vudj0iSFRUUFNfUFJPWFk9LSBIVFRQX1BST1hZPS0gaHR0cHNfcHJveHk9LSBodHRwX3Byb3h5
PS0gJHtwa2dfZW52fSINCiAgICAgZmkNCg0KTm90IHN1cmUgaWYgdGhpcyBpcyByZWFsbHkgd29y
a3MuDQoNClJlZ2FyZHMsIERlbmlzDQoNCj4NCj4gcmVnYXJkcywNCj4gTWFyYw0KPg0KRGllaGwg
Q29ubmVjdGl2aXR5IFNvbHV0aW9ucyBHbWJIDQpHZXNjaMOkZnRzZsO8aHJ1bmc6IEhvcnN0IExl
b25iZXJnZXINClNpdHogZGVyIEdlc2VsbHNjaGFmdDogTsO8cm5iZXJnIC0gUmVnaXN0ZXJnZXJp
Y2h0OiBBbXRzZ2VyaWNodA0KTsO8cm5iZXJnOiBIUkIgMzIzMTUNCg0KX19fX19fX19fX19fX19f
X19fX19fX19fX19fX19fX18NCg0KRGVyIEluaGFsdCBkZXIgdm9yc3RlaGVuZGVuIEUtTWFpbCBp
c3QgbmljaHQgcmVjaHRsaWNoIGJpbmRlbmQuIERpZXNlIEUtTWFpbCBlbnRoYWVsdCB2ZXJ0cmF1
bGljaGUgdW5kL29kZXIgcmVjaHRsaWNoIGdlc2NodWV0enRlIEluZm9ybWF0aW9uZW4uDQpJbmZv
cm1pZXJlbiBTaWUgdW5zIGJpdHRlLCB3ZW5uIFNpZSBkaWVzZSBFLU1haWwgZmFlbHNjaGxpY2hl
cndlaXNlIGVyaGFsdGVuIGhhYmVuLiBCaXR0ZSBsb2VzY2hlbiBTaWUgaW4gZGllc2VtIEZhbGwg
ZGllIE5hY2hyaWNodC4NCkplZGUgdW5lcmxhdWJ0ZSBGb3JtIGRlciBSZXByb2R1a3Rpb24sIEJl
a2FubnRnYWJlLCBBZW5kZXJ1bmcsIFZlcnRlaWx1bmcgdW5kL29kZXIgUHVibGlrYXRpb24gZGll
c2VyIEUtTWFpbCBpc3Qgc3RyZW5nc3RlbnMgdW50ZXJzYWd0Lg0KDQotIEluZm9ybWF0aW9uZW4g
enVtIERhdGVuc2NodXR6LCBpbnNiZXNvbmRlcmUgenUgSWhyZW4gUmVjaHRlbiwgZXJoYWx0ZW4g
U2llIHVudGVyOg0KDQpodHRwczovL3d3dy5kaWVobC5jb20vZ3JvdXAvZGUvdHJhbnNwYXJlbnot
dW5kLWluZm9ybWF0aW9uc3BmbGljaHRlbi8NCg0KVGhlIGNvbnRlbnRzIG9mIHRoZSBhYm92ZSBt
ZW50aW9uZWQgZS1tYWlsIGlzIG5vdCBsZWdhbGx5IGJpbmRpbmcuIFRoaXMgZS1tYWlsIGNvbnRh
aW5zIGNvbmZpZGVudGlhbCBhbmQvb3IgbGVnYWxseSBwcm90ZWN0ZWQgaW5mb3JtYXRpb24uIFBs
ZWFzZSBpbmZvcm0gdXMgaWYgeW91IGhhdmUgcmVjZWl2ZWQgdGhpcyBlLW1haWwgYnkNCm1pc3Rh
a2UgYW5kIGRlbGV0ZSBpdCBpbiBzdWNoIGEgY2FzZS4gRWFjaCB1bmF1dGhvcml6ZWQgcmVwcm9k
dWN0aW9uLCBkaXNjbG9zdXJlLCBhbHRlcmF0aW9uLCBkaXN0cmlidXRpb24gYW5kL29yIHB1Ymxp
Y2F0aW9uIG9mIHRoaXMgZS1tYWlsIGlzIHN0cmljdGx5IHByb2hpYml0ZWQuDQoNCi0gRm9yIGdl
bmVyYWwgaW5mb3JtYXRpb24gb24gZGF0YSBwcm90ZWN0aW9uIGFuZCB5b3VyIHJlc3BlY3RpdmUg
cmlnaHRzIHBsZWFzZSB2aXNpdDoNCg0KaHR0cHM6Ly93d3cuZGllaGwuY29tL2dyb3VwL2VuL3Ry
YW5zcGFyZW5jeS1hbmQtaW5mb3JtYXRpb24tb2JsaWdhdGlvbnMvDQoNCg0KX19fX19fX19fX19f
X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KcHR4ZGlzdCBtYWlsaW5nIGxpc3QK
cHR4ZGlzdEBwZW5ndXRyb25peC5kZQpUbyB1bnN1YnNjcmliZSwgc2VuZCBhIG1haWwgd2l0aCBz
dWJqZWN0ICJ1bnN1YnNjcmliZSIgdG8gcHR4ZGlzdC1yZXF1ZXN0QHBlbmd1dHJvbml4LmRlCg==