samples: Add support for pkcs11 module environment variables to confi…

…g file

Add support for pkcs11 module environment variables to the config file.
These variables may have the following format:

   env:VARNAME=VALUE

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

man/man8/swtpm-localca.conf.pod

@@ -52,6 +52,16 @@ used.
 This variable can be set to the port on which  B<tcsd> is listening for
 connections. By default port I<30003> will be used.
 
+=item B<env:<environment variables>>
+
+Additional environment variables that may be needed by pkcs11 modules can
+be set using this format. An example for such an environment variable may
+look like this:
+
+    env:MY_MODULE_PKCS11_CONFIG = /tmp/mymodule-pkcs11.conf
+
+The line must not contain any trailing spaces.
+
 =back
 
 =head1 EXAMPLE

samples/py_swtpm_localca/swtpm_localca.py

@@ -96,6 +96,21 @@ def get_config_value(lines, configname, default=None):
     return default
 
 
+def get_config_envvars(lines):
+    """ Extract all environment variables from the config file and return a map.
+        Environment variable lines must start with 'env:' and must not contain
+        trailing spaces or a comment starting with '#' """
+    res = {}
+
+    regex = r"^env:([^=\s]*)\s*=\s*([^\n]*).*"
+    for line in lines:
+        match = re.match(regex, line)
+        if match:
+            res[match.group(1)] = match.group(2)
+
+    return res
+
+
 def write_file(filename, text):
     """ Write some text to a file """
     try:
@@ -629,6 +644,8 @@ def main():
             swtpm_pkcs11_pin = get_config_value(lines, "SWTPM_PKCS11_PIN", "swtpm-tpmca")
             swtpm_cert_env["SWTPM_PKCS11_PIN"] = swtpm_pkcs11_pin
             logit(LOGFILE, "CA uses a PKCS#11 key; using SWTPM_PKCS11_PIN\n")
+        # Get additional environment variables pkcs11 modules may need
+        swtpm_cert_env.update(get_config_envvars(lines))
     else:
         # if signkey does not exists it will be created...
         if not os.access(signkey, os.R_OK):