Checking for PKCS11_MODULE_PATH etc. is also useful for the non-SoftHSM workflow, but the other variables are specific to SoftHSM. Split off the SoftHSM checks up into a separate function.
Signed-off-by: Roland Hieber <r...@pengutronix.de> --- PATCH v2: no changes PATCH v1: https://lore.ptxdist.org/ptxdist/20210809144030.22764-2-...@pengutronix.de --- scripts/lib/ptxd_lib_code_signing.sh | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/scripts/lib/ptxd_lib_code_signing.sh b/scripts/lib/ptxd_lib_code_signing.sh index 5579161cd5cf..f012f8e194c7 100644 --- a/scripts/lib/ptxd_lib_code_signing.sh +++ b/scripts/lib/ptxd_lib_code_signing.sh @@ -32,13 +32,8 @@ cs_export_pin() { } cs_export_pin +# internal cs_check_env() { - if [ -z "${SOFTHSM2_CONF}" ]; then - ptxd_bailout "SOFTHSM2_CONF is not defined. Maybe \$(CODE_SIGNING_ENV) is not used." - fi - if [ ! -e "${SOFTHSM2_CONF}" ]; then - ptxd_bailout "'${SOFTHSM2_CONF}' is missing." - fi if [ -z "${PKCS11_MODULE_PATH}" ]; then ptxd_bailout "PKCS11_MODULE_PATH is not defined. Maybe \$(CODE_SIGNING_ENV) is not used." fi @@ -48,6 +43,18 @@ cs_check_env() { } export -f cs_check_env +# internal +cs_check_env_softhsm() { + cs_check_env + if [ -z "${SOFTHSM2_CONF}" ]; then + ptxd_bailout "SOFTHSM2_CONF is not defined. Maybe \$(CODE_SIGNING_ENV) is not used." + fi + if [ ! -e "${SOFTHSM2_CONF}" ]; then + ptxd_bailout "'${SOFTHSM2_CONF}' is missing." + fi +} +export -f cs_check_env_softhsm + # # softhsm_pkcs11_tool_init <args> # @@ -88,7 +95,7 @@ export -f cs_init_variables # Initialize SoftHSM and set the initial pin # cs_init_softhsm() { - cs_check_env + cs_check_env_softhsm cs_init_variables local shsm_keys="${sysroot}/var/cache/softhsm/${keyprovider}" -- 2.30.2 _______________________________________________ ptxdist mailing list ptxdist@pengutronix.de To unsubscribe, send a mail with subject "unsubscribe" to ptxdist-requ...@pengutronix.de
