Re: [PATCH v3 ima-evm-utils 0/7] Deprecate sign_hash and add provider support

On 2/26/24 13:20, Stefan Berger wrote:
This series deprecates the sign_hash function and introduces
imaevm_signhash that requires the necessary parameters to be passed rather
than relying on the global imaevm_params variable. This way we can remove
the usage of imaevm_params for the OpenSSL engine and the keyid.

Add support for an OpenSSL provider. The choice of engine versus provider
is implemented using a struct imaevm_ossl_access that wraps the engine or
provider parameters. It also provides a type field where the user can
choose one or the other. imaevm_signhash takes this structure as an optional
parameter to support engines and providers.

Also extend existing test cases with tests with a pkcs11 provider.

Regards,
    Stefan

v3:
  - Added patch checking for engine support in evmctl before trying to run
    pkcs11 test (1/7)
  - Updated README with new --provider option (5/7)
  - Added 2 more skips to pkcs11 test in case neither engine nor provider
    are supported (6/7)
Correction:
 - Added 2 more skips to pkcs11 test in case softhsm is not installed
   (6/7)
