Skip to content

Improve token path handling #85

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
julek-wolfssl merged 1 commit into from
Jun 5, 2025
Merged

Improve token path handling #85

julek-wolfssl merged 1 commit into from
Jun 5, 2025

Conversation

@LinuxJedi
Copy link
Member

@LinuxJedi LinuxJedi commented Jun 4, 2025
edited
Loading

Old behaviour for token persistent storage:

  1. If WOLFPKCS11_TOKEN_PATH env var is set and wolfPKCS11 was not compiled with WOLFPKCS11_NO_ENV, this path is used.
  2. Otherwise /tmp is used.

New behaviour:

  1. If WOLFPKCS11_TOKEN_PATH env var is set and wolfPKCS11 was not compiled with WOLFPKCS11_NO_ENV, this path is used.
  2. $HOME/.wolfPKCS11 in *nix and %APPDATA%/wolfPKCS11 is used in Windows.
  3. WOLFPKCS11_DEFAULT_TOKEN_PATH is used if set, this can be set with --with-default-token-path.
  4. /tmp is used as a lowest priority fallback.

@LinuxJedi
Copy link
Member Author

LinuxJedi commented Jun 4, 2025

Draft for now. Requires new GH action and PR #84 to be merged for the Windows issue.

@LinuxJedi LinuxJedi force-pushed the token-path branch 3 times, most recently from 7034d1d to 7625e61 Compare June 4, 2025 11:17
@LinuxJedi
Copy link
Member Author

LinuxJedi commented Jun 4, 2025

Windows build failure is fixed in PR #74 in master and PR #84 in NSS branch, it is due to changes in wolfTPM.

@LinuxJedi LinuxJedi marked this pull request as ready for review June 4, 2025 11:20
@LinuxJedi LinuxJedi requested a review from julek-wolfssl June 4, 2025 11:21
julek-wolfssl
julek-wolfssl requested changes Jun 4, 2025
View reviewed changes
@LinuxJedi
Improve token path handling
1bc86f7 
Old behaviour for token persistent storage:
1. If `WOLFPKCS11_TOKEN_PATH` env var is set and wolfPKCS11 was not
  compiled with `WOLFPKCS11_NO_ENV`, this path is used.
2. Otherwise `/tmp` is used.

New behaviour:
1. If `WOLFPKCS11_TOKEN_PATH` env var is set and wolfPKCS11 was not
  compiled with `WOLFPKCS11_NO_ENV`, this path is used.
2. `$HOME/.wolfPKCS11` in *nix and `%APPDIR%/wolfPKCS11` is used
   in Windows.
3. `WOLFPKCS11_DEFAULT_TOKEN_PATH` is used if set, this can be set with
   `--with-default-token-path`.
4. `/tmp` is used as a lowest priority fallback.
@LinuxJedi LinuxJedi requested a review from julek-wolfssl June 5, 2025 06:48
@LinuxJedi LinuxJedi assigned julek-wolfssl and unassigned LinuxJedi Jun 5, 2025
@julek-wolfssl
Copy link
Member

julek-wolfssl commented Jun 5, 2025

Windows failing on some unresolved tpm symbols

@julek-wolfssl julek-wolfssl merged commit 8f8d8d8 into wolfSSL:nss Jun 5, 2025
18 of 19 checks passed
@julek-wolfssl
Copy link
Member

julek-wolfssl commented Jun 5, 2025

Windows failure to be fixed in #84

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@julek-wolfssl julek-wolfssl Awaiting requested review from julek-wolfssl

Assignees

@LinuxJedi LinuxJedi

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@LinuxJedi @julek-wolfssl