Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add lint for crypto11 use in signers #247

Closed
g-k opened this issue Mar 6, 2019 · 2 comments · Fixed by #389
Closed

add lint for crypto11 use in signers #247

g-k opened this issue Mar 6, 2019 · 2 comments · Fixed by #389
Labels
code quality code improvements and tidiness

Comments

@g-k
Copy link
Contributor

g-k commented Mar 6, 2019

Remove remaining crypto11 usage from signers and add a lint to fail in CI if it's added back.

refs: #235 (comment)

Eventually, it'd be nice to mprotect crypto11 as either its own process or to run signers in separate processes.
@g-k
Copy link
Contributor Author

g-k commented Jul 25, 2019

The only uses are in the MAR signer:

signer/mar/mar.go:17:   "github.com/ThalesIgnite/crypto11"
signer/mar/mar.go:61:   case *crypto11.PKCS11PrivateKeyRSA:
signer/mar/mar.go:72:   case *crypto11.PKCS11PrivateKeyECDSA:

@g-k g-k added the code quality code improvements and tidiness label Sep 24, 2019
@g-k g-k mentioned this issue Oct 8, 2019
Merged
@g-k
Copy link
Contributor Author

g-k commented Nov 1, 2019

We're using it in the mar signer, but I can add a lint for that (probably just grepping for crypto11 in signer/**/) after switching that one to GetKeysAndRand.

@g-k g-k mentioned this issue Nov 1, 2019
Merged
@g-k g-k closed this as completed in #389 Nov 1, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
code quality code improvements and tidiness
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix 247 lint for crypto11 use in signers mozilla-services/autograph
1 participant
@g-k