From 1b8b4f44f65201cd317c0fe1e54eb04f62106b8d Mon Sep 17 00:00:00 2001
From: "Vasilyev, Viacheslav"
Date: Thu, 30 Sep 2021 23:31:18 +0300
Subject: [PATCH] add crypto-config-path command line parameter
---
 cmd/app/createca.go | 2 +-
 cmd/app/root.go | 1 +
 pkg/pkcs11/pkcs11.go | 3 ++-
 3 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/cmd/app/createca.go b/cmd/app/createca.go
index f807918b2..6e26cd4a3 100644
--- a/cmd/app/createca.go
+++ b/cmd/app/createca.go
@@ -46,7 +46,7 @@ such as organization, country etc. This can then be used as the root certificate authority for an instance of sigstore fulcio`,
 Run: func(cmd *cobra.Command, args []string) {
 log.Logger.Info("binding to PKCS11 HSM")
- p11Ctx, err := crypto11.ConfigureFromFile("config/crypto11.conf")
+ p11Ctx, err := crypto11.ConfigureFromFile(viper.GetString("crypto-config-path"))
 if err != nil {
 log.Logger.Fatal(err)
 }
diff --git a/cmd/app/root.go b/cmd/app/root.go
index 2672c25b1..ee5cf2b3a 100644
--- a/cmd/app/root.go
+++ b/cmd/app/root.go
@@ -51,6 +51,7 @@ func init() {
 rootCmd.PersistentFlags().String("hsm-caroot-id", "", "HSM ID for Root CA (only used with --ca fulcio)")
 rootCmd.PersistentFlags().String("ct-log-url", "http://localhost:6962/test", "host and path (with log prefix at the end) to the ct log")
 rootCmd.PersistentFlags().String("config-path", "/etc/fulcio-config/config.json", "path to fulcio config json")
+ rootCmd.PersistentFlags().String("crypto-config-path", "config/crypto11.conf", "path to fulcio pkcs11 config file")
 if err := viper.BindPFlags(rootCmd.PersistentFlags()); err != nil {
 log.Logger.Fatal(err)
diff --git a/pkg/pkcs11/pkcs11.go b/pkg/pkcs11/pkcs11.go
index 17e745948..9f4b8a2d5 100644
--- a/pkg/pkcs11/pkcs11.go
+++ b/pkg/pkcs11/pkcs11.go
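Review bot: In cmd/app/createca.go the changed line repeats, word for word, the `crypto11.ConfigureFromFile(viper.GetString("crypto-config-path"))` call that pkg/pkcs11's InitHSMCtx makes in the same commit, so the setting key now has to stay in sync in two call sites plus the flag registration. A mistyped key would not fail at compile time; viper.GetString would return "" and the HSM bind would fail with a file-open error that never names the flag. If createca.go can import that package, `p11Ctx, err := pkcs11.InitHSMCtx()` would keep the lookup in one place. The Run closure starts and ends outside the hunk.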
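Review bot: In cmd/app/root.go the new `crypto-config-path` flag keeps the relative default `config/crypto11.conf`, so which file is read depends on the directory the process is started from, unlike the absolute default of `config-path` on the line above it. The file is handed to crypto11.ConfigureFromFile, whose configuration names the PKCS#11 module to load and can carry the token PIN, so picking up an unintended file matters. Keeping the default for compatibility is reasonable, but the help text should say how it resolves, e.g. `"path to the crypto11 PKCS#11 config file; relative paths resolve against the working directory"`. Deployments are better served by an absolute path to a file that only the service account can read or write. init() continues outside the hunk.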
@@ -17,10 +17,11 @@ package pkcs11
 import (
 "github.com/ThalesIgnite/crypto11"
+ "github.com/spf13/viper"
 )
 func InitHSMCtx() (*crypto11.Context, error) {
- p11Ctx, err := crypto11.ConfigureFromFile("config/crypto11.conf")
+ p11Ctx, err := crypto11.ConfigureFromFile(viper.GetString("crypto-config-path"))
 if err != nil {
 return nil, err
 }
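Review bot: InitHSMCtx in pkg/pkcs11/pkcs11.go now reads its path from viper's global state, so a caller that runs before the flags are bound (a test, another binary) gets "" and a file-open error that never mentions `crypto-config-path`. A guard makes that failure explicit: `path := viper.GetString("crypto-config-path")` followed by `if path == "" { return nil, errors.New("crypto-config-path is not set") }`, which needs the `errors` import. Taking the path as a parameter would keep the package independent of the CLI, but that changes the signature and the callers are outside this hunk. The exported function also has no doc comment; `// InitHSMCtx opens a PKCS#11 context from the config file named by the crypto-config-path setting.` would cover it.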