From mboxrd@z Thu Jan  1 00:00:00 1970
Delivery-date: Thu, 16 Jan 2025 17:13:24 +0100
Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104])
	by lore.white.stw.pengutronix.de with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <ptxdist-bounces+lore=lore.pengutronix.de@pengutronix.de>)
	id 1tYSUl-000f7k-1E
	for lore@lore.pengutronix.de;
	Thu, 16 Jan 2025 17:13:24 +0100
Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de)
	by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92)
	(envelope-from <ptxdist-bounces@pengutronix.de>)
	id 1tYSUl-0006BB-QM; Thu, 16 Jan 2025 17:13:23 +0100
Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2])
 by metis.whiteo.stw.pengutronix.de with esmtps
 (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92)
 (envelope-from <mol@pengutronix.de>)
 id 1tYSRL-0001uZ-NM; Thu, 16 Jan 2025 17:09:51 +0100
Received: from dude05.red.stw.pengutronix.de ([2a0a:edc0:0:1101:1d::54])
 by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96)
 (envelope-from <mol@pengutronix.de>) id 1tYSRL-000HUv-1i;
 Thu, 16 Jan 2025 17:09:51 +0100
Received: from mol by dude05.red.stw.pengutronix.de with local (Exim 4.96)
 (envelope-from <mol@pengutronix.de>) id 1tYSRL-001nOg-1a;
 Thu, 16 Jan 2025 17:09:51 +0100
From: Michael Olbrich <m.olbrich@pengutronix.de>
To: ptxdist@pengutronix.de
Date: Thu, 16 Jan 2025 17:09:51 +0100
Message-Id: <20250116160951.428203-1-m.olbrich@pengutronix.de>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <20250108102750.4051249-1-r.czerwinski@pengutronix.de>
References: <20250108102750.4051249-1-r.czerwinski@pengutronix.de>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Subject: Re: [ptxdist] [APPLIED] pkcs11-provider: new package
X-BeenThere: ptxdist@pengutronix.de
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PTXdist Development Mailing List <ptxdist.pengutronix.de>
List-Unsubscribe: <https://metis.pengutronix.de/mailman/options/ptxdist>,
 <mailto:ptxdist-request@pengutronix.de?subject=unsubscribe>
List-Archive: <https://metis.pengutronix.de/mailman/private/ptxdist/>
List-Post: <mailto:ptxdist@pengutronix.de>
List-Help: <mailto:ptxdist-request@pengutronix.de?subject=help>
List-Subscribe: <https://metis.pengutronix.de/mailman/listinfo/ptxdist>,
 <mailto:ptxdist-request@pengutronix.de?subject=subscribe>
Reply-To: ptxdist@pengutronix.de
Cc: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Sender: "ptxdist" <ptxdist-bounces@pengutronix.de>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de
X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false

Thanks, applied as 7537a0f76a3cd3275bcfbafe0050c0999508817f.

Michael

[sent from post-receive hook]

On Thu, 16 Jan 2025 17:09:51 +0100, Rouven Czerwinski <r.czerwinski@pengutronix.de> wrote:
> Add pkcs11-provider as a new package to support PKCS11 in openssl.
> Providers are the new interface for openssl to support this and replace
> the old engine interface.
> 
> Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
> Message-Id: <20250108102750.4051249-1-r.czerwinski@pengutronix.de>
> [mol: remove extra \ at the end of PKCS11_PROVIDER_CONF_OPT ]
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/pkcs11-provider.in b/rules/pkcs11-provider.in
> new file mode 100644
> index 000000000000..5f4d920ac50b
> --- /dev/null
> +++ b/rules/pkcs11-provider.in
> @@ -0,0 +1,11 @@
> +## SECTION=security
> +
> +config PKCS11_PROVIDER
> +	tristate
> +	select OPENSSL
> +	select HOST_MESON
> +	default y if ALLYES
> +	prompt "PKCS11 Provider               "
> +	help
> +	  A pkcs#11 provider for OpenSSL 3.0+. This will require adjustments
> +	  to the openssl configuration file.
> diff --git a/rules/pkcs11-provider.make b/rules/pkcs11-provider.make
> new file mode 100644
> index 000000000000..b8a4777ad355
> --- /dev/null
> +++ b/rules/pkcs11-provider.make
> @@ -0,0 +1,59 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2024 by Rouven Czerwinski <r.czerwinski@pengutronix.de>
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +PACKAGES-$(PTXCONF_PKCS11_PROVIDER) += pkcs11-provider
> +
> +#
> +# Paths and names
> +#
> +PKCS11_PROVIDER_VERSION	:= 0.6
> +PKCS11_PROVIDER_MD5	:= 7e5dc3c81d12c4670615dbd9a7342248
> +PKCS11_PROVIDER		:= pkcs11-provider-$(PKCS11_PROVIDER_VERSION)
> +PKCS11_PROVIDER_SUFFIX	:= tar.xz
> +PKCS11_PROVIDER_URL	:= https://github.com/latchset/pkcs11-provider/releases/download/v$(PKCS11_PROVIDER_VERSION)/$(PKCS11_PROVIDER).$(PKCS11_PROVIDER_SUFFIX)
> +PKCS11_PROVIDER_SOURCE	:= $(SRCDIR)/$(PKCS11_PROVIDER).$(PKCS11_PROVIDER_SUFFIX)
> +PKCS11_PROVIDER_DIR	:= $(BUILDDIR)/$(PKCS11_PROVIDER)
> +PKCS11_PROVIDER_LICENSE	:= Apache-2.0
> +PKCS11_PROVIDER_LICENSE_FILES	:= file://LICENSES/Apache-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57
> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +PKCS11_PROVIDER_CONF_ENV := \
> +	PTXDIST_PKG_CONFIG_VAR_NO_SYSROOT=modulesdir
> +
> +#
> +# meson
> +#
> +PKCS11_PROVIDER_CONF_TOOL	:= meson
> +PKCS11_PROVIDER_CONF_OPT	:= \
> +	$(CROSS_MESON_USR)
> +
> +# ----------------------------------------------------------------------------
> +# Target-Install
> +# ----------------------------------------------------------------------------
> +
> +$(STATEDIR)/pkcs11-provider.targetinstall:
> +	@$(call targetinfo)
> +
> +	@$(call install_init, pkcs11-provider)
> +	@$(call install_fixup, pkcs11-provider,PRIORITY,optional)
> +	@$(call install_fixup, pkcs11-provider,SECTION,base)
> +	@$(call install_fixup, pkcs11-provider,AUTHOR,"Rouven Czerwinski <r.czerwinski@pengutronix.de>")
> +	@$(call install_fixup, pkcs11-provider,DESCRIPTION,missing)
> +
> +	@$(call install_copy, pkcs11-provider, 0, 0, 0755, -, /usr/lib/ossl-modules/pkcs11.so)
> +
> +	@$(call install_finish, pkcs11-provider)
> +
> +	@$(call touch)
> +
> +# vim: syntax=make