From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 25 Jun 2021 13:55:12 +0200 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1lwkQS-0004WU-Ll for lore@lore.pengutronix.de; Fri, 25 Jun 2021 13:55:12 +0200 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1lwkQS-0006YW-7K; Fri, 25 Jun 2021 13:55:12 +0200 Received: from enterprise01.smtp.diehl.com ([193.201.238.219]) by metis.ext.pengutronix.de with esmtps (TLS1.2:DHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lwkPo-0006YN-Jx for ptxdist@pengutronix.de; Fri, 25 Jun 2021 13:54:33 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=diehl.com; i=@diehl.com; q=dns/txt; s=default; t=1624622072; x=1656158072; h=from:to:subject:date:message-id:references:in-reply-to: content-id:content-transfer-encoding:mime-version; bh=wrFBMkvnQ28xOL2y07h10ZXXUXBJJikw4b2tyV1r+X8=; b=ZvESWOKMpTnJNCBedlUbryKAxOkHsQo3rHFAb+Qj0s3KS0IHKoTbeV+w PIC75oBY3HfYn4GWNJ7V0wHTFkXy8DHsT9GVs0FTAr6NMMDuP2Y7CRzIv 4pobCedxqF2uI6EZdDRQ6JzfStK9lH+qwMLLTvwpc9OzKgIToZ0a00de6 rUuA9NNyr4SV9VR+/hZ0VRNVlPM2OB2+Hdbiw2gerzfdRxKte+FW2y/qX e0WNC5b3ycQ2g816OuFWo9wNhixYCLL2SZtUvvLfsfFMYhe928re+q8Eq yFDT7kqgrJWcD8pwyAzHUnHtF+VhoQ0LOQnK9XgsCR6QdZENHf8fY/HCJ w==; IronPort-SDR: IwmXn3Yno1xxaGewJOxaNJrZuRD9MURlLls9yeNw2iyEFvo475eQ1fuNauuUKwAJugK3WlUejc d5Gsq96oYXM2yoyd5Vx+2O5dWtJ9zGEM7APNkSv2x9KnOF4LlbP/gDa02cHkBXjvK7XNttU8oT POPjCqT3u2Ni9rX5ryLQkfJ8YUfowRsDKPb5R8awpdWbLiiKcpPjHlb58V23sDqvkknzz72wPl gm363kO5J437qP+IB7VyG2YPvSNHBvXJJhH6O+runb2UwbC7M0w+IVrpI92ea6cluSejlxdiDW l+w= IronPort-HdrOrdr: A9a23:gAtE7Knv8aa1BWAX+aSSt7PF28/pDfLw3DAbv31ZSRFFG/Fw9v re58jzsCWetN9/Yh8dcLy7VZVoAkmskaKdmLNxAV76ZmnbUQiTXeNfBOnZskXd8kTFn4Y26U 4HSdkaNDSaNzdHZKjBjDVQXOxQp+VvXZrY49v23jNGdykvQadl9gJ4AgGQHglNQhVcD5ZRLu v+2iMCnUvYRUgq X-IronPort-AV: E=Sophos;i="5.83,298,1616454000"; d="scan'208";a="11950628" From: Denis Osterland-Heim To: "ptxdist@pengutronix.de" Thread-Topic: [ptxdist] allow network access to HSM in order to sign Thread-Index: AQHXZtoLc9TqAIgIikaFVb2aKEt5+qsfUQ0AgACOIQCAAQ0ZAIADcpQAgAAjnoA= Date: Fri, 25 Jun 2021 11:54:30 +0000 Message-ID: References: <20210621201347.ewjj47rlzi2cqolh@pengutronix.de> <20210625094700.GB4015839@pengutronix.de> In-Reply-To: <20210625094700.GB4015839@pengutronix.de> Accept-Language: de-DE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-mailer: Evolution 3.28.5-0ubuntu0.18.04.2 x-ms-exchange-messagesentrepresentingtype: 1 x-disclaimerprocessed: True Content-ID: MIME-Version: 1.0 X-GBS-PROC: 5x5xXKsZ7k4sJw6jWwvS4q1rUEOrp2taYoGRvBk2QcBN4sA7ngkctZYU+E7Y8pub X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.ext.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-105.6 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_IN_WELCOMELIST,USER_IN_WHITELIST autolearn=ham autolearn_force=no version=3.4.2 Subject: Re: [ptxdist] allow network access to HSM in order to sign X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false SGksDQoNCmRpZmYgLS1naXQgYS9ydWxlcy9wcmUvMDEwLWNvZGUtc2lnbmluZy5tYWtlIGIvcnVs ZXMvcHJlLzAxMC1jb2RlLXNpZ25pbmcubWFrZQ0KaW5kZXggMzcwNTk1NjAwLi41NTdmNDkxM2Ug MTAwNjQ0DQotLS0gYS9ydWxlcy9wcmUvMDEwLWNvZGUtc2lnbmluZy5tYWtlDQorKysgYi9ydWxl cy9wcmUvMDEwLWNvZGUtc2lnbmluZy5tYWtlDQpAQCAtMTYsNiArMTYsNiBAQCBDT0RFX1NJR05J TkdfRU5WID0gXA0KICMgdG8gY29tbXVuaWNhdGUgd2l0aCBhIHNlcnZlciBpbiBhbiBvdGhlciBz dGFnZSB0aGFuIGdldA0KICMNCiBwdHgvb25saW5lLWNvZGUtc2lnbmluZy1wcm92aWRlciA9ICQo ZXZhbCBDT0RFX1NJR05JTkdfRU5WICs9IFwNCi0gICAgICAgSFRUUFNfUFJPWFk9IEhUVFBfUFJP WFk9IGh0dHBzX3Byb3h5PSBodHRwX3Byb3h5PSkNCisgICAgICAgcHR4ZF9hbGxvd19uZXR3b3Jr X2FjY2Vzcz1jb2RlLXNpZ25pbmcpDQoNCiAjIHZpbTogc3ludGF4PW1ha2UNCmRpZmYgLS1naXQg YS9zY3JpcHRzL2xpYi9wdHhkX21ha2Vfd29ybGRfY29tbW9uLnNoIGIvc2NyaXB0cy9saWIvcHR4 ZF9tYWtlX3dvcmxkX2NvbW1vbi5zaA0KaW5kZXggN2QxZGI2N2JmLi45MGQwOTc5MzEgMTAwNjQ0 DQotLS0gYS9zY3JpcHRzL2xpYi9wdHhkX21ha2Vfd29ybGRfY29tbW9uLnNoDQorKysgYi9zY3Jp cHRzL2xpYi9wdHhkX21ha2Vfd29ybGRfY29tbW9uLnNoDQpAQCAtMzk3LDcgKzM5Nyw3IEBAIHB0 eGRfbWFrZV93b3JsZF9pbml0KCkgew0KICAgICAjDQogICAgICMgdHJ5IHRvIHByZXZlbnQgZG93 bmxvYWRzIG91dHNpZGUgdGhlIGdldCBzdGFnZQ0KICAgICAjDQotICAgIGlmIFsgIiR7cGtnX3N0 YWdlfSIgIT0gImdldCIgXTsgdGhlbg0KKyAgICBpZiBbICIke3BrZ19zdGFnZX0iICE9ICJnZXQi IF0gJiYgISBncmVwIC1FcSAnXHNwdHhkX2FsbG93X25ldHdvcmtfYWNjZXNzPVxTKycgPDw8ICIk e3BrZ19lbnZ9IjsgdGhlbg0KICAgICAgICBwa2dfZW52PSJIVFRQU19QUk9YWT0tIEhUVFBfUFJP WFk9LSBodHRwc19wcm94eT0tIGh0dHBfcHJveHk9LSAke3BrZ19lbnZ9Ig0KICAgICBmaQ0KDQoN Ck1pZ2h0IGRvIGl0LCB3aXRob3V0IHRvdWNoaW5nIHRoZSBjb2RlLXNpZ25lciB1c2VyIGZpbGVz Lg0KDQpSZWdhcmRzLCBEZW5pcw0KDQpBbSBGcmVpdGFnLCBkZW4gMjUuMDYuMjAyMSwgMTE6NDcg KzAyMDAgc2NocmllYiBNaWNoYWVsIE9sYnJpY2g6DQo+IE9uIFdlZCwgSnVuIDIzLCAyMDIxIGF0 IDA1OjA4OjA5QU0gKzAwMDAsIERlbmlzIE9zdGVybGFuZC1IZWltIHdyb3RlOg0KPiA+IEFtIERp ZW5zdGFnLCBkZW4gMjIuMDYuMjAyMSwgMTU6MDUgKzAyMDAgc2NocmllYiBNYXJjIEtsZWluZS1C dWRkZToNCj4gPiA+IE9uIDYvMjIvMjEgNjozNiBBTSwgRGVuaXMgT3N0ZXJsYW5kLUhlaW0gd3Jv dGU6DQo+ID4gPiA+IFBsZWFzZSBoYXZlIGEgbG9vayBhdCBodHRwczovL2dpdC5wZW5ndXRyb25p eC5kZS9jZ2l0L3B0eGRpc3QvY29tbWl0Lz9pZD00YjNiZTgyMjVmMzg5YzdkYjBlMmQ2NjVlOGU2 MDBjYjJjZjUyYjkxIC4NCj4gPiA+ID4gVGhpcyBzaG91bGQgYW5zd2VyIHlvdXIgcXVlc3Rpb24u DQo+ID4gPg0KPiA+ID4gVGhhbmtzLg0KPiA+DQo+ID4gWW91J3JlIHdlbGNvbWUuDQo+ID4NCj4g PiA+DQo+ID4gPiBIb3dldmVyIHRoYXQgZG9lc24ndCB3b3JrLCBhcyB0aGUgcHJvcHJpZXRhcnkg SSdtIHVzaW5nIHJlZnVzZXMgdG8gd29yayB3aXRoDQo+ID4gPiBodHRwc19wcm94eT0iIiBhbmQg SSBkb24ndCB3YW50IHRvIGFkZCBtb3JlIGJpbmFyeSBwYXRjaGVzIHRvIHRoZSBsaWIuDQo+ID4N Cj4gPiA6LS8NCj4gPg0KPiA+IE1heWJlIGl0IHdvdWxkIGJlIGFuIG9wdGlvbiB0byBhZGQgYSBj b25maWd1cmF0aW9uIHN3aXRjaCB0byBkaXNhYmxlIHRoaXMgYmVoYXZpb3IuDQo+ID4gU28geW91 ciBjb2RlLXNpZ25pbmctcHJvdmlkZXIgbWF5IHNlbGVjdCB0aGlzLg0KPiA+DQo+ID4gLS0tIGEv c2NyaXB0cy9saWIvcHR4ZF9tYWtlX3dvcmxkX2NvbW1vbi5zaA0KPiA+ICsrKyBiL3NjcmlwdHMv bGliL3B0eGRfbWFrZV93b3JsZF9jb21tb24uc2gNCj4gPiBAQCAtMzk3LDcgKzM5Nyw3IEBAIHB0 eGRfbWFrZV93b3JsZF9pbml0KCkgew0KPiA+ICAgICAgIw0KPiA+ICAgICAgIyB0cnkgdG8gcHJl dmVudCBkb3dubG9hZHMgb3V0c2lkZSB0aGUgZ2V0IHN0YWdlDQo+ID4gICAgICAjDQo+ID4gLSAg ICBpZiBbICIke3BrZ19zdGFnZX0iICE9ICJnZXQiIF07IHRoZW4NCj4gPiArICAgIGlmIFsgIiR7 cGtnX3N0YWdlfSIgIT0gImdldCIgXSAmJiBbIC16ICIke1BUWENPTkZfRElTQUJMRV9ET1dOTE9B RF9DSEVDS30iIF07IHRoZW4NCj4gPiAgICAgICAgIHBrZ19lbnY9IkhUVFBTX1BST1hZPS0gSFRU UF9QUk9YWT0tIGh0dHBzX3Byb3h5PS0gaHR0cF9wcm94eT0tICR7cGtnX2Vudn0iDQo+ID4gICAg ICBmaQ0KPiA+DQo+ID4gTm90IHN1cmUgaWYgdGhpcyBpcyByZWFsbHkgd29ya3MuDQo+DQo+IEkn ZCBsaWtlIHRvIGF2b2lkIGRpc2FibGluZyB0aGlzIGdsb2JhbGx5LiBNYXliZSBzb21ldGhpbmcg bGlrZSB0aGlzOg0KPg0KPiBJbiB0aGUgc2lnbmluZyBwcm92aWRlciBydWxlcy9wcmUgbWFrZWZp bGU6DQo+DQo+IENPREVfU0lHTklOR19ORVRXT1JLX0FDQ0VTUyA6PSBZRVMNCj4NCj4gSW4gdGhl IHBhY2thZ2VzIHRoYXQgdXNlIGl0Og0KPg0KPiA8UEtHPl9ORVRXT1JLX0FDQ0VTUyA6PSAkKENP REVfU0lHTklOR19ORVRXT1JLX0FDQ0VTUykNCj4NCj4gQWRkIGl0IHRvIHB0eC9lbnYgYW5kIHRo ZW4gY2hlY2sgZm9yIGl0IGluIHB0eGRfbWFrZV93b3JsZF9pbml0KCkuDQo+DQo+IE1pY2hhZWwN Cj4NCkRpZWhsIENvbm5lY3Rpdml0eSBTb2x1dGlvbnMgR21iSA0KR2VzY2jDpGZ0c2bDvGhydW5n OiBIb3JzdCBMZW9uYmVyZ2VyDQpTaXR6IGRlciBHZXNlbGxzY2hhZnQ6IE7DvHJuYmVyZyAtIFJl Z2lzdGVyZ2VyaWNodDogQW10c2dlcmljaHQNCk7DvHJuYmVyZzogSFJCIDMyMzE1DQoNCl9fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fDQoNCkRlciBJbmhhbHQgZGVyIHZvcnN0ZWhlbmRl biBFLU1haWwgaXN0IG5pY2h0IHJlY2h0bGljaCBiaW5kZW5kLiBEaWVzZSBFLU1haWwgZW50aGFl bHQgdmVydHJhdWxpY2hlIHVuZC9vZGVyIHJlY2h0bGljaCBnZXNjaHVldHp0ZSBJbmZvcm1hdGlv bmVuLg0KSW5mb3JtaWVyZW4gU2llIHVucyBiaXR0ZSwgd2VubiBTaWUgZGllc2UgRS1NYWlsIGZh ZWxzY2hsaWNoZXJ3ZWlzZSBlcmhhbHRlbiBoYWJlbi4gQml0dGUgbG9lc2NoZW4gU2llIGluIGRp ZXNlbSBGYWxsIGRpZSBOYWNocmljaHQuDQpKZWRlIHVuZXJsYXVidGUgRm9ybSBkZXIgUmVwcm9k dWt0aW9uLCBCZWthbm50Z2FiZSwgQWVuZGVydW5nLCBWZXJ0ZWlsdW5nIHVuZC9vZGVyIFB1Ymxp a2F0aW9uIGRpZXNlciBFLU1haWwgaXN0IHN0cmVuZ3N0ZW5zIHVudGVyc2FndC4NCg0KLSBJbmZv cm1hdGlvbmVuIHp1bSBEYXRlbnNjaHV0eiwgaW5zYmVzb25kZXJlIHp1IElocmVuIFJlY2h0ZW4s IGVyaGFsdGVuIFNpZSB1bnRlcjoNCg0KaHR0cHM6Ly93d3cuZGllaGwuY29tL2dyb3VwL2RlL3Ry YW5zcGFyZW56LXVuZC1pbmZvcm1hdGlvbnNwZmxpY2h0ZW4vDQoNClRoZSBjb250ZW50cyBvZiB0 aGUgYWJvdmUgbWVudGlvbmVkIGUtbWFpbCBpcyBub3QgbGVnYWxseSBiaW5kaW5nLiBUaGlzIGUt bWFpbCBjb250YWlucyBjb25maWRlbnRpYWwgYW5kL29yIGxlZ2FsbHkgcHJvdGVjdGVkIGluZm9y bWF0aW9uLiBQbGVhc2UgaW5mb3JtIHVzIGlmIHlvdSBoYXZlIHJlY2VpdmVkIHRoaXMgZS1tYWls IGJ5DQptaXN0YWtlIGFuZCBkZWxldGUgaXQgaW4gc3VjaCBhIGNhc2UuIEVhY2ggdW5hdXRob3Jp emVkIHJlcHJvZHVjdGlvbiwgZGlzY2xvc3VyZSwgYWx0ZXJhdGlvbiwgZGlzdHJpYnV0aW9uIGFu ZC9vciBwdWJsaWNhdGlvbiBvZiB0aGlzIGUtbWFpbCBpcyBzdHJpY3RseSBwcm9oaWJpdGVkLg0K DQotIEZvciBnZW5lcmFsIGluZm9ybWF0aW9uIG9uIGRhdGEgcHJvdGVjdGlvbiBhbmQgeW91ciBy ZXNwZWN0aXZlIHJpZ2h0cyBwbGVhc2UgdmlzaXQ6DQoNCmh0dHBzOi8vd3d3LmRpZWhsLmNvbS9n cm91cC9lbi90cmFuc3BhcmVuY3ktYW5kLWluZm9ybWF0aW9uLW9ibGlnYXRpb25zLw0KDQoNCl9f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCnB0eGRpc3QgbWFp bGluZyBsaXN0CnB0eGRpc3RAcGVuZ3V0cm9uaXguZGUKVG8gdW5zdWJzY3JpYmUsIHNlbmQgYSBt YWlsIHdpdGggc3ViamVjdCAidW5zdWJzY3JpYmUiIHRvIHB0eGRpc3QtcmVxdWVzdEBwZW5ndXRy b25peC5kZQo=