Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot use the gradle module plugin with Yubikey or other PKCS11 signing. #41

Closed
pturmel opened this issue May 30, 2023 · 11 comments
Closed

Cannot use the gradle module plugin with Yubikey or other PKCS11 signing. #41

pturmel opened this issue May 30, 2023 · 11 comments
Assignees
@brianeray

Comments

@pturmel
Copy link

pturmel commented May 30, 2023

I would like to migrate to gradle builds (from ant, skipping maven) but the properties for configuring module signing do not support the Module Signer's -pkcs11-cfg option. Is there any chance this can be added?
@PerryAJ
Copy link
Member

PerryAJ commented Jun 1, 2023

Hey Phil,

I'm going to have to do some looking before I can commit, but if there's no inherent technical limitation, I'd like to get this done. I'm a bit time strapped at the moment, but will make it a top priority when I've cleared a bit off the old plate (assuming someone else doesn't notice this and beat me to it).

Appreciate you pointing out the gap in support, will follow up when I can say something more specific.

@pturmel
Copy link
Author

pturmel commented Jun 2, 2023

I may beat you to it, then. (I supplied the code Kevin committed to add pkcs11 to the module signer.)

@PerryAJ
Copy link
Member

PerryAJ commented Jun 2, 2023

PRs are always welcome!

I'll try and look at this over the next couple days though if you don't beat me to it. I haven't seen the the changes you're mentioning about the signer, where can I find those? KevinH?

@kevinherron
Copy link

This commit: inductiveautomation/module-signer@7a3df1e

@PerryAJ
Copy link
Member

PerryAJ commented Jun 2, 2023

This commit: inductiveautomation/module-signer@7a3df1e

Oh, I'm following now, thx for the tip - I thought Phil was talking about a more recent change.

With that context, it doesn't seem like we'd need an update to the signer dependency at all (and noticed we have some old/outstanding PRs on that lib that prob should get looked at @kevinherron). We'll need to update the SignModule tasks's implementation. Looks like it might just be a minor change in the setup/invocation of the signer around here.

Will see if I can get a PR up (or find someone with some time and interest) in the next few days.

@PerryAJ
Copy link
Member

PerryAJ commented Jun 12, 2023

Haven't had time to get to this, but we did open an internal ticket with high priority today to start getting some eyes on this. No timeline/eta, but something that is going to get looked at in the near-term (IGN-7871 is our internal ticket to get this some attention).

@pturmel
Copy link
Author

pturmel commented Jun 12, 2023

Much appreciated (I've been sidetracked for a few days).

@brianeray
Copy link
Collaborator

@pturmel , I'm going to try to take a look at this before the end of the current month (August). 🤞

@brianeray
Copy link
Collaborator

November is the new August. I'm looking at this now.

@brianeray brianeray self-assigned this Nov 29, 2023
@brianeray
Copy link
Collaborator

Iterating on this in my fork.

@brianeray brianeray mentioned this issue Feb 20, 2024
Merged
@brianeray
Copy link
Collaborator

Associated PR merged and io.ia.sdk.modl Gradle plugin published.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brianeray brianeray

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@PerryAJ @kevinherron @pturmel @brianeray