From: Michael Olbrich <m.olbrich@pengutronix.de>
To: ptxdist@pengutronix.de
Cc: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Subject: Re: [ptxdist] [APPLIED] softhsm: add target package
Date: Fri, 17 Jan 2025 17:01:09 +0100 [thread overview]
Message-ID: <20250117160109.1379785-1-m.olbrich@pengutronix.de> (raw)
In-Reply-To: <20250113122357.3498138-1-r.czerwinski@pengutronix.de>
Thanks, applied as b6017bdde7ad268d4df170da61242a68cc0ad23a.
Michael
[sent from post-receive hook]
On Fri, 17 Jan 2025 17:01:09 +0100, Rouven Czerwinski <r.czerwinski@pengutronix.de> wrote:
> We had softhsm as a host-package, add it as a target package. This is
> useful to provide a development pkcs11 environment. Also remove the
> duplicate SOFTHSM definitions from the host package.
>
> Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
> Message-Id: <20250113122357.3498138-1-r.czerwinski@pengutronix.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/rules/host-softhsm.make b/rules/host-softhsm.make
> index b352f81628b4..67d9c5ab8f96 100644
> --- a/rules/host-softhsm.make
> +++ b/rules/host-softhsm.make
> @@ -11,19 +11,6 @@
> #
> HOST_PACKAGES-$(PTXCONF_HOST_SOFTHSM) += host-softhsm
>
> -#
> -# Paths and names
> -#
> -HOST_SOFTHSM_VERSION := 2.6.1
> -HOST_SOFTHSM_MD5 := 040b93ca327cbe0a3a8661e7c371ab16
> -HOST_SOFTHSM := softhsm-$(HOST_SOFTHSM_VERSION)
> -HOST_SOFTHSM_SUFFIX := tar.gz
> -HOST_SOFTHSM_URL := https://dist.opendnssec.org/source/$(HOST_SOFTHSM).$(HOST_SOFTHSM_SUFFIX)
> -HOST_SOFTHSM_SOURCE := $(SRCDIR)/$(HOST_SOFTHSM).$(HOST_SOFTHSM_SUFFIX)
> -HOST_SOFTHSM_DIR := $(HOST_BUILDDIR)/$(HOST_SOFTHSM)
> -HOST_SOFTHSM_LICENSE := BSD-2-Clause
> -HOST_SOFTHSM_LICENSE_FILES := file://LICENSE;md5=ef3f77a3507c3d91e75b9f2bdaee4210
> -
> # ----------------------------------------------------------------------------
> # Prepare
> # ----------------------------------------------------------------------------
> diff --git a/rules/softhsm.in b/rules/softhsm.in
> new file mode 100644
> index 000000000000..180131580089
> --- /dev/null
> +++ b/rules/softhsm.in
> @@ -0,0 +1,20 @@
> +## SECTION=security
> +
> +config SOFTHSM
> + tristate
> + select OPENSSL
> + select SQLITE
> + default y if ALLYES
> + prompt "SoftHSMv2 "
> + help
> + SoftHSM emulates an HSM (e.g. Hardware Security Module) device and
> + provides the regular API to be work in conjunction with PKCS#11.
> + https://www.opendnssec.org/download/
> +
> +if SOFTHSM
> +
> +config SOFTHSM_P11_KIT
> + bool
> + default P11_KIT
> +
> +endif
> diff --git a/rules/softhsm.make b/rules/softhsm.make
> new file mode 100644
> index 000000000000..bc16dc6a5bee
> --- /dev/null
> +++ b/rules/softhsm.make
> @@ -0,0 +1,76 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2018 by Juergen Borleis <jbe@pengutronix.de>
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +PACKAGES-$(PTXCONF_SOFTHSM) += softhsm
> +
> +#
> +# Paths and names
> +#
> +SOFTHSM_VERSION := 2.6.1
> +SOFTHSM_MD5 := 040b93ca327cbe0a3a8661e7c371ab16
> +SOFTHSM := softhsm-$(SOFTHSM_VERSION)
> +SOFTHSM_SUFFIX := tar.gz
> +SOFTHSM_URL := https://dist.opendnssec.org/source/$(SOFTHSM).$(SOFTHSM_SUFFIX)
> +SOFTHSM_SOURCE := $(SRCDIR)/$(SOFTHSM).$(SOFTHSM_SUFFIX)
> +SOFTHSM_DIR := $(BUILDDIR)/$(SOFTHSM)
> +SOFTHSM_LICENSE := BSD-2-Clause
> +SOFTHSM_LICENSE_FILES := file://LICENSE;md5=ef3f77a3507c3d91e75b9f2bdaee4210
> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +
> +#
> +# autoconf
> +#
> +SOFTHSM_CONF_TOOL := autoconf
> +SOFTHSM_CONF_OPT := \
> + $(CROSS_AUTOCONF_USR) \
> + --disable-non-paged-memory \
> + --disable-gost \
> + --with-crypto-backend=openssl \
> + --with-objectstore-backend-db \
> + --with-migrate \
> + --with-sqlite3=$(SYSROOT)/usr \
> + --$(call ptx/endis, PTXCONF_SOFTHSM_P11_KIT)-p11-kit \
> + --with-p11-kit=/usr/share/p11-kit/modules
> +
> +SOFTHSM_CPPFLAGS := \
> + -DDEBUG_LOG_STDERR=1
> +
> +$(STATEDIR)/softhsm.targetinstall:
> + @$(call targetinfo)
> +
> + @$(call install_init, softhsm)
> + @$(call install_fixup, softhsm,PRIORITY,optional)
> + @$(call install_fixup, softhsm,SECTION,base)
> + @$(call install_fixup, softhsm,AUTHOR,"Rouven Czerwinski <r.czerwinski@pengutronix.de>")
> + @$(call install_fixup, softhsm,DESCRIPTION,missing)
> +
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/bin/softhsm2-dump-db)
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/bin/softhsm2-dump-file)
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/bin/softhsm2-keyconv)
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/bin/softhsm2-util)
> +
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/lib/softhsm/libsofthsm2.so)
> +
> + @$(call install_copy, softhsm, 0, 0, 0644, -, /etc/softhsm2.conf)
> +
> +ifdef PTXCONF_SOFTHSM_P11_KIT
> + @$(call install_copy, softhsm, 0, 0, 0644, -, /usr/share/p11-kit/modules/softhsm2.module)
> +endif
> +
> + @$(call install_finish, softhsm)
> +
> + @$(call touch)
> +
> +# vim: syntax=make
> +# vim: syntax=make
prev parent reply other threads:[~2025-01-17 16:01 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-13 12:23 [ptxdist] [PATCH v2] " Rouven Czerwinski
2025-01-17 16:01 ` Michael Olbrich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250117160109.1379785-1-m.olbrich@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=ptxdist@pengutronix.de \
--cc=r.czerwinski@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox