diff options
author | Rob Austein <sra@hactrn.net> | 2017-05-04 17:41:44 -0400 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2017-05-04 17:41:44 -0400 |
commit | ae322afdec65e7d8c180fa761c0bbb3c682ef5c0 (patch) | |
tree | 2ce777eafc9c5810c500014b31d4fc6acdbb8db6 | |
parent | f110c617c706e3a0b21daf29802e44668e202740 (diff) |
Add pkcs11-spy support, remove cryptech_probe invocation.
-rw-r--r-- | environment.sh | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/environment.sh b/environment.sh index a842d81..f3f5c75 100644 --- a/environment.sh +++ b/environment.sh @@ -14,9 +14,18 @@ export PKCS11_PIN=fnord export OPENSSL_CONF=`pwd`/openssl.conf -# If we don't already have the cryptech UART environment variables set, do that now. - -if test "X${CRYPTECH_RPC_CLIENT_SERIAL_DEVICE}" = "X" +# If USE_PKCS11SPY is set, it should be an absolute path to the OpenSC +# pkcs11-spy.so debugging tool, which we will splice between OpenSSL +# and the real PKCS #11 library. This is not something you would want +# to do in production, but can be useful when testing. See +# +# https://github.com/OpenSC/OpenSC/wiki/Using-OpenSC +# +# By default, pkcs11-spy writes to stderr, but you can override this +# by setting PKCS11SPY_OUTPUT. + +if test "X$USE_PKCS11SPY" != "X" && test -r "$USE_PKCS11SPY" then - eval `cryptech_probe` + export PKCS11SPY="$PKCS11_MODULE" + export PKCS11_MODULE="$USE_PKCS11SPY" fi |