Add initial code signing support

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>

2 files changed, 32 insertions, 0 deletions

diff --git a/rules/pre/010-code-signing.make b/rules/pre/010-code-signing.make
new file mode 100644
index 000000000..ac3bdbc56
--- /dev/null
+++ b/rules/pre/010-code-signing.make
@@ -0,0 +1,14 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2019 by Sascha Hauer <s.hauer@pengutronix.de>
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+CODE_SIGNING_ENV = \
+	SO_PATH=$(PTXDIST_SYSROOT_HOST)/lib/engines-1.1/pkcs11.so \
+	OPENSSL_CONF="$(PTXDIST_SYSROOT_HOST)/ssl/openssl.cnf" \
+	OPENSSL_ENGINES="$(PTXDIST_SYSROOT_HOST)/lib/engines-1.1"
+
+# vim: syntax=make
diff --git a/rules/pre/020-code-signing-softhsm.make b/rules/pre/020-code-signing-softhsm.make
new file mode 100644
index 000000000..7d9cae556
--- /dev/null
+++ b/rules/pre/020-code-signing-softhsm.make
@@ -0,0 +1,18 @@
+# -*-makefile-*-
+#
+# Copyright (C) 2019 by Sascha Hauer <s.hauer@pengutronix.de>
+#
+# For further information about the PTXdist project and license conditions
+# see the README file.
+#
+
+ifdef PTXCONF_HOST_SOFTHSM
+SOFTHSM_CODE_SIGNING_ENV = \
+	SOFTHSM2_CONF="$(PTXDIST_SYSROOT_HOST)/etc/softhsm2.conf" \
+	PKCS11_MODULE_PATH=$(PTXDIST_SYSROOT_HOST)/lib/softhsm/libsofthsm2.so
+
+CODE_SIGNING_ENV += \
+	$(SOFTHSM_CODE_SIGNING_ENV)
+endif
+
+# vim: syntax=make