tests: Get the packages for pkcs11 testing on the CI/CD system

Get the packages for pkcs11 testing on the CI/CD system, where available. On those system where it is not available, skip the two tests. The following distros cannot run the pkcs11 tests: - Alpine: package with pkcs11 engine not available - CentOS7: softhsm 2.1.0 is too old for tests to work; tests also fail when trying to sign with pkcs11 URI using openssl command line tool - OpenSuSE Leap: softhsm package not available in main repo Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2025-04-29 07:03:37 +02:00 · 2021-09-13 18:18:13 -04:00 · 2021-09-13 18:18:13 -04:00 · ebcdbfe91e
commit ebcdbfe91e
parent e5b3097821
4 changed files with 16 additions and 1 deletions
--- a/ci/alt.sh
+++ b/ci/alt.sh
@ -12,12 +12,15 @@ apt-get install -y \
 		asciidoc \
 		attr \
 		docbook-style-xsl \
+		gnutls-utils \
 		libattr-devel \
 		libkeyutils-devel \
+		libp11 \
 		libssl-devel \
 		openssl \
 		openssl-gost-engine \
 		rpm-build \
+		softhsm \
 		wget \
 		xsltproc \
 		xxd \
--- a/ci/debian.sh
+++ b/ci/debian.sh
@ -48,7 +48,8 @@ $apt \
 	procps \
 	sudo \
 	wget \
-	xsltproc \
+	xsltproc

 $apt xxd || $apt vim-common
 $apt libengine-gost-openssl1.1$ARCH || true
+$apt softhsm gnutls-bin libengine-pkcs11-openssl1.1$ARCH || true
--- a/ci/fedora.sh
+++ b/ci/fedora.sh
@ -25,6 +25,7 @@ yum -y install \
 	automake \
 	diffutils \
 	docbook-xsl \
+	gnutls-utils \
 	gzip \
 	keyutils-libs-devel \
 	libattr-devel \
@ -33,6 +34,7 @@ yum -y install \
 	make \
 	openssl \
 	openssl-devel \
+	openssl-pkcs11 \
 	pkg-config \
 	procps \
 	sudo \
@ -42,3 +44,9 @@ yum -y install \

 yum -y install docbook5-style-xsl || true
 yum -y install swtpm || true
+
+# SoftHSM is available via EPEL on CentOS
+if [ -f /etc/centos-release ]; then
+	yum -y install epel-release
+fi
+yum -y install softhsm || true
--- a/ci/tumbleweed.sh
+++ b/ci/tumbleweed.sh
@ -42,6 +42,9 @@ zypper --non-interactive install --force-resolution --no-recommends \
 	which \
 	xsltproc

+zypper --non-interactive install --force-resolution --no-recommends \
+	gnutls openssl-engine-libp11 softhsm || true
+
 if [ -f /usr/lib/ibmtss/tpm_server -a ! -e /usr/local/bin/tpm_server ]; then
 	ln -s /usr/lib/ibmtss/tpm_server /usr/local/bin
 fi