From: Stefan Berger <stefanb@xxxxxxxxxxxxx> This series of patches adds support for signing with pkcs11 URIs and the keyid explicitly provided via a command line option. A test program is provided setting up softhsm for test cases to use. Tests are passing on gitub actions with some distros not enabled (Debian, Ubuntu) where I could not reproduce the github actions failure on the same type of container locally (debian:stable). Stefan v2: - Use global imaevm_params.eng field for the ENGINE - Fix bug on engine initialization in existing code Stefan Berger (8): evmctl: Implement support for EVMCTL_KEY_PASSWORD environment variable evmctl: Handle engine initialization properly evmctl: Move code setting up engine to own funtion evmctl: Extend libimaevm_params with ENGINE field and use it evmctl: Setup the pkcs11 engine if key has pkcs11: prefix libimaevm: Add support for pkcs11 private keys for signing a v2 hash tests: Extend sign_verify test with pkcs11-specific test tests: Get the packages for pkcs11 testing on the CI/CD system README | 5 + ci/alt.sh | 3 + ci/fedora.sh | 8 ++ ci/tumbleweed.sh | 3 + src/evmctl.c | 54 +++++--- src/imaevm.h | 2 + src/libimaevm.c | 47 +++++-- tests/functions.sh | 26 ++++ tests/sign_verify.test | 50 +++++-- tests/softhsm_setup | 290 +++++++++++++++++++++++++++++++++++++++++ 10 files changed, 448 insertions(+), 40 deletions(-) create mode 100755 tests/softhsm_setup -- 2.31.1
