From: Stefan Berger <stefanb@linux.vnet.ibm.com>
To: linux-integrity@vger.kernel.org
Cc: zohar@linux.ibm.com, Stefan Berger <stefanb@linux.ibm.com>
Subject: [PATCH v3 0/9] ima-evm-utils: Add support for signing with pkcs11 URIs
Date: Wed,  8 Sep 2021 15:23:34 -0400
Message-ID: <20210908192343.4147739-1-stefanb@linux.vnet.ibm.com>

From: Stefan Berger <stefanb@linux.ibm.com>

This series of patches adds support for signing with pkcs11 URIs so that
pkcs11-enabled devices can also be used for file signing.

A test program is provided setting up SoftHSM for test cases to use. I added
two test cases for testing with SoftHSM.

  Stefan

v3:
  - Used commit messages Mimi suggested
  - 7/9: Split off imported script into own patch
  - 8/9: Added missing EVMCTL_ENGINE variable that allowed to enable Debian
         and Ubuntu testing in 9/9; improvements on setup and teardown
         functions
  - 9/9: Installation of required packages on Debian and Ubuntu

Stefan Berger (9):
  evmctl: Implement support for EVMCTL_KEY_PASSWORD environment variable
  evmctl: Handle failure to initialize the openssl engine
  evmctl: Implement function for setting up an OpenSSL engine
  evmctl: Define and use an ENGINE field in libimaevm_params
  evmctl: use the pkcs11 engine for pkcs11: prefixed URIs
  libimaevm: Add support for pkcs11 private keys for signing a v2 hash
  tests: Import softhsm_setup script to enable pkcs11 test case
  tests: Extend sign_verify test with pkcs11-specific test
  tests: Get the packages for pkcs11 testing on the CI/CD system

 README                 |   5 +
 ci/alt.sh              |   3 +
 ci/debian.sh           |   3 +-
 ci/fedora.sh           |   8 ++
 ci/tumbleweed.sh       |   3 +
 src/evmctl.c           |  54 +++++---
 src/imaevm.h           |   2 +
 src/libimaevm.c        |  47 +++++--
 tests/functions.sh     |  45 +++++++
 tests/sign_verify.test |  52 ++++++--
 tests/softhsm_setup    | 297 +++++++++++++++++++++++++++++++++++++++++
 11 files changed, 478 insertions(+), 41 deletions(-)
 create mode 100755 tests/softhsm_setup

-- 
2.31.1


Thread overview: 15+ messages
2021-09-08 19:23 Stefan Berger [this message]
2021-09-08 19:23 ` [PATCH v3 1/9] evmctl: Implement support for EVMCTL_KEY_PASSWORD environment variable Stefan Berger
2021-09-08 19:23 ` [PATCH v3 2/9] evmctl: Handle failure to initialize the openssl engine Stefan Berger
2021-09-08 19:23 ` [PATCH v3 3/9] evmctl: Implement function for setting up an OpenSSL engine Stefan Berger
2021-09-13 16:54   ` Mimi Zohar
2021-09-08 19:23 ` [PATCH v3 4/9] evmctl: Define and use an ENGINE field in libimaevm_params Stefan Berger
2021-09-08 19:23 ` [PATCH v3 5/9] evmctl: use the pkcs11 engine for pkcs11: prefixed URIs Stefan Berger
2021-09-08 19:23 ` [PATCH v3 6/9] libimaevm: Add support for pkcs11 private keys for signing a v2 hash Stefan Berger
2021-09-08 19:23 ` [PATCH v3 7/9] tests: Import softhsm_setup script to enable pkcs11 test case Stefan Berger
2021-09-13 16:54   ` Mimi Zohar
2021-09-08 19:23 ` [PATCH v3 8/9] tests: Extend sign_verify test with pkcs11-specific test Stefan Berger
2021-09-13 16:55   ` Mimi Zohar
2021-09-08 19:23 ` [PATCH v3 9/9] tests: Get the packages for pkcs11 testing on the CI/CD system Stefan Berger
2021-09-13 16:55   ` Mimi Zohar
2021-09-13 16:53 ` [PATCH v3 0/9] ima-evm-utils: Add support for signing with pkcs11 URIs Mimi Zohar
