Sign data with SoftHSM - sign

I want to sign (or encrypt) some data using SoftHSMv2 and pkcs11-tool.
So far, I generated a RSA keypair with :
pkcs11-tool --module=/usr/local/lib/softhsm/libsofthsm2.so -l --pin mypin -k --key-type rsa:1024 --id 01 --label mykey
But when I try to sign something :
echo "some text" > input.txt
pkcs11-tool --module=/usr/local/lib/softhsm/libsofthsm2.so -l --pin mypin -s -i input.txt
I get the following error message :
Using slot 0 with a present token (0x0)
error: Sign mechanism not supported
Aborting.
From what I understood reading the documentation, I should be able to sign with SoftHSM, but maybe I'm wrong ?
Is there an option to add during compilation or something else to fix my problem ? If not, is there other SSM products in the market ?

You seem to have forgotten -m (--mechanism) option. Read more here.

Related

Change From Header using Mutt

I'm trying to send HTML email with an attachment using mutt. But I also have to set the From header to a custom email address. That part's not working.
Here is the command I'm trying to use:
echo $mail_body | mutt -e "set from=cloudops#noreply.company.com" -e "set content_type=text/html" -a "$ofile" -s "AWS Key Rotation Needed" -- $email_address
The HTML format, and attachment are working. How do I set the custom from header correctly?
I assume the custom email address you are speaking of is one of your configured mail accounts in mutt (account1). Simply load the corresponding configuration.
echo $mail_body | mutt -e "source ~/.mutt/accounts/account1" -e "set content_type=text/html" -a "$ofile" -s "AWS Key Rotation Needed" -- $email_address

How to retrieve the most recent file in cloud storage bucket?

Is this something that can be done with gsutil?
https://cloud.google.com/storage/docs/gsutil/commands/ls does not seem to mention any sorting functionality - only filtering by a date - which wouldn't work for my use case.
Hello this still doesn't seems to exists, but there is a solution in this post: enter link description here
The command used is this one:
gsutil ls -l gs://[bucket-name]/ | sort -k 2
As it allow you to filter by date you can get the most recent result in the bucket and recuperating the last line using another pipe if you need.
gsutil ls -l gs://<bucket-name> | sort -k 2 | tail -n 2 | head -1 | cut -d ' ' -f 7
It will not work well if there is less then two objects in the bucket though
By using gsutil from a host machine this will populate the response array:
response=(`gsutil ls -l gs://some-bucket-name|sort -k 2|tail -2|head -1`)
Or by gsutil from docker container:
response=(`docker run --name some-container-name --rm --volumes-from gcloud-config -it google/cloud-sdk:latest gsutil ls -l gs://some-bucket-name|sort -k 2|tail -2|head -1`)
Afterwards, to get the whole response, run:
echo ${response[#]}
will print for example:
33 2021-08-11T09:24:55Z gs://some-bucket-name/filename-37.txt
Or to get separate info from the response, (e.g. filename)
echo ${response[2]}
will print the filename only
gs://some-bucket-name/filename-37.txt
For my use case, I wanted to find the most recent directory in my bucket. I number them in ascending order (with leading zeros), so all I need to get the most recent one is this:
gsutil ls -l gs://[bucket-name] | sort | tail -n 1 | cut -d '/' -f 4
list the directory
sort alphabetically (probably unnecessary)
take the last line
tokenise it with "/" delimiter
get the 4th token, which is the directory name

Python: invalid syntax error while using es2csv

This is the query I am trying to use in order to connect to elasticsearch, which is in (172.21.150.230) in order to pull out information in a csv format:
es2csv -u http://xxx.xx.xxx.xxx:5601/ -f _all -d doc -i test2 -r -q '{"query": {"match": {"NAME": "xxx"}}}' -o database.csv
However, I get SyntaxError: invalid syntax
Thanks
Which version are you using?
This error raised when your json query is not valid or when you forget to add -r argument.

Regex syntax error with Sed command in Ubuntu 9.04

I have the sed command like this:
radius_clientsfile=clients.conf
iface_netsize="/64"
wireless_prefix=fd04:bd3:80e8:3::
sed -i "/client $wireless_prefix\\$iface_netsize/ {n s/\(\W*secret\W*=\W\).*/\1$key/}" $radius_clientsfile
clients.conf has the content like this:
client fd04:bd3:80e8:3::/64 {
secret = 00000000000000000000000000000001
}
which aim to replace value of secret by key in clients.conf file. For Example, if key is 00000000000000000000000000000002, the content of clients.conf should be changed as following:
client fd04:bd3:80e8:3::/64 {
secret = 00000000000000000000000000000002
}
This script work on OpenWRT attitude adjustment r35400 for armv5tejl
However, it can not work in Ubuntu 9.04 with error:
sed: -e expression #1, char 36: extra characters after command
Could anyone help me for this situation?
I think you need add a ; between command n and command s, like this
sed -i "/client $wireless_prefix\\$iface_netsize/ {n; s/\(\W*secret\W*=\W\).*/\1$key/}" $radius_clientsfile
This working in my cygwin environment.
You need to separate the commands in the command block with a semi-colon, so add a ; after the n command to separate it from the following command.
Like this:
{n;s/\(\W*secret\W*=\W\).*/\1$key/}

Varnishlog log only specified IP

I want to log varnish backend request which matches specified IP (for example 127.0.0.1).
So i have
"varnishlog -b -I BereqHeader:X-Forwarded-For: 127.0.0.1'"
Which actualy logs only the "BereqHeader:X-Forwarded-For:" part. I want to log full request, not only IP part.
That was first question, the second one is: how to disable loging empty request? I mean, if i have regex filter then i have a lot of request looking like this "* << BeReq >> 307454" and i obviously dont want to see them.
I have a solution. Log the data by
varnishlog -b -I BereqHeader:'X-Forwarded-For: 123.215.32.76' -i [other tags to log] > file.varnishlog
and then grep it by
cat file.varnishlog | grep -Pzo '* {3}<< BeReq {4}>>.\n- BereqHeader.+\n(-.\n)*'
which'll give us expected results.