[v4,ima-evm-utils,1/7] tests: Skip pkcs11 test if no engine support in evmctl

Commit Message

Stefan Berger Feb. 28, 2024, 4:14 p.m. UTC

Check the evmctl help screen for engine support and skip the pkcs11
test if no engine support is compiled into evmctl.

Fixes: c1635add22af ("Disable use of OpenSSL "engine" support")
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 tests/sign_verify.test | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

Patch

diff --git a/tests/sign_verify.test b/tests/sign_verify.test
index 1b6cf2a..16c7ada 100755
--- a/tests/sign_verify.test
+++ b/tests/sign_verify.test
@@ -439,8 +439,14 @@  expect_fail \
 # Test signing with key described by pkcs11 URI
 _softhsm_setup "${WORKDIR}"
 if [ -n "${PKCS11_KEYURI}" ]; then
-  expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha256 PREFIX=0x030204aabbccdd0100 OPTS=--keyid=aabbccdd
-  expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha1   PREFIX=0x030202aabbccdd0100 OPTS=--keyid=aabbccdd
+  if evmctl --help 2>/dev/null | grep -q engine; then
+    expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha256 PREFIX=0x030204aabbccdd0100 OPTS="--keyid=aabbccdd --engine pkcs11"
+    expect_pass check_sign FILE=pkcs11test TYPE=ima KEY="${PKCS11_KEYURI}" ALG=sha1   PREFIX=0x030202aabbccdd0100 OPTS="--keyid=aabbccdd --engine pkcs11"
+  else
+    __skip() { echo "pkcs11 test with engine is skipped since there is no engine support"; return "$SKIP"; }
+    expect_pass __skip
+    expect_pass __skip
+  fi
 else
   # to have a constant number of tests, skip these two tests
   __skip() { echo "pkcs11 test is skipped: could not setup softhsm"; return $SKIP; }