Use EVMCTL_ENGINE to pass --provider or --engine to evmctl. Before, when gost tests were running, EVMCTL_ENGINE was still set to '--engine gost' and was used on the command line for evmctl by a pkcs11 tests as well. Note: Ubuntu 22.04 (Noble) currently seems to have an issue when softhsm is used via --engine pkcs11. In this case ENGINE_finish() in evmctl causes a crash/segfault. However, when pkcs11-provider is installed and used by evcmtl then this issue does not occur. Therefore, we cannot currently run tests on Ubuntu 22.04 that use softhsm via pkcs11 engine. Users should install and use the pkcs11-provider instead and not force usage of the engine by passing '--engine pkcs11' to the command line. Fixes: ffde173250 ("tests: Add pkcs11 test using provider") Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx> --- tests/sign_verify.test | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/sign_verify.test b/tests/sign_verify.test index f9522e0..4e7945a 100755 --- a/tests/sign_verify.test +++ b/tests/sign_verify.test @@ -440,8 +440,8 @@ expect_fail \ _softhsm_setup "${WORKDIR}" if [ -n "${PKCS11_KEYURI}" ]; then if evmctl --help 2>/dev/null | grep -q engine; then - expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha256 PREFIX=0x030204aabbccdd0100 OPTS="--keyid=aabbccdd --engine pkcs11" - expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha1 PREFIX=0x030202aabbccdd0100 OPTS="--keyid=aabbccdd --engine pkcs11" + expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha256 PREFIX=0x030204aabbccdd0100 OPTS="--keyid=aabbccdd" EVMCTL_ENGINE="--engine pkcs11" + expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha1 PREFIX=0x030202aabbccdd0100 OPTS="--keyid=aabbccdd" EVMCTL_ENGINE="--engine pkcs11" else __skip() { echo "pkcs11 test with engine is skipped since there is no engine support"; return "$SKIP"; } expect_pass __skip @@ -453,8 +453,8 @@ if [ -n "${PKCS11_KEYURI}" ]; then openssl list -providers -provider pkcs11 2>/dev/null; then PKCS11_PRIVKEYURI=${PKCS11_KEYURI//type=public/type=private} - expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_PRIVKEYURI}" ALG=sha256 PREFIX=0x030204aabbccdd0100 OPTS="--keyid=aabbccdd --provider pkcs11" - expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_PRIVKEYURI}" ALG=sha1 PREFIX=0x030202aabbccdd0100 OPTS="--keyid=aabbccdd --provider pkcs11" + expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_PRIVKEYURI}" ALG=sha256 PREFIX=0x030204aabbccdd0100 OPTS="--keyid=aabbccdd" EVMCTL_ENGINE="--provider pkcs11" + expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_PRIVKEYURI}" ALG=sha1 PREFIX=0x030202aabbccdd0100 OPTS="--keyid=aabbccdd" EVMCTL_ENGINE="--provider pkcs11" else __skip() { echo "pkcs11 test with provider is skipped since no provider support or pkcs11 not installed"; return "$SKIP"; } expect_pass __skip -- 2.45.0