From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Wed, 08 Jan 2025 13:57:08 +0100 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tVVcR-000k5Z-2y for lore@lore.pengutronix.de; Wed, 08 Jan 2025 13:57:08 +0100 Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1tVVcS-0003eQ-5Z; Wed, 08 Jan 2025 13:57:08 +0100 Received: from h3.cmg2.smtp.forpsi.com ([185.129.138.188]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tVVcC-0003dP-7J for ptxdist@pengutronix.de; Wed, 08 Jan 2025 13:56:52 +0100 Received: from lenoch ([91.218.190.200]) by cmgsmtp with ESMTPSA id VVc9tU5VuEiu2VVcAtsWWe; Wed, 08 Jan 2025 13:56:51 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=triops.cz; s=f2019; t=1736341011; bh=Y0IJjR/O/a1+XLLMjQiR1/4GLYEoO6urNNuX5C2vEWY=; h=Date:From:To:Subject:Message-ID:MIME-Version:Content-Type; b=KKUR+2Iz8gGSo9DHtkgB+PTm+X5lz9UOE3ppEDNzqnOPbxZI/5IEZrJ7fbT9MdU+f IfMVa4SbqN983oysszZhF+lHEuHvbnTSivYGXT0iKnFdlOnxGgqK5YZpyg4o+VkVZM iLrTkINuPv51Bndon3xdZQNkwSnise8fNB3IUL+XslB9cf88JE91IXYqZkDISJPGy/ NdjJ6Vc++/dPzOu7c5n2epLDdRYG8TwU+8B4ZeKbFFA9xloTNw7Meq1UGr0a7kmN7G 26kG/bdZLr3e8vBKIQLh7SlPdY3y08n9mw0ghqmcE7piCYwtrgWOxpBlUOLHZk5Wth ywZd2J87P1GXA== Date: Wed, 8 Jan 2025 13:56:48 +0100 From: Ladislav Michl To: ptxdist@pengutronix.de Message-ID: References: <20250108102750.4051249-1-r.czerwinski@pengutronix.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20250108102750.4051249-1-r.czerwinski@pengutronix.de> X-CMAE-Envelope: MS4xfAVJn3akWfWw2O7R3mYJq37Afwz4hW/dPvjSznACO2BidPmSGRXMnEA8waJqnQokRAUIBr/LUQ+LFHYP9HIVxiQrZ2kwUcYLj7zpj3P+WkU0zrBLGdi0 FsR7lSl7yWcn6ma548UUdcArkFBHC509r4BWng5CRv4rzDP2l5Vosbx/FnX4EtjAWcIe9NvxdAIiuw== X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.whiteo.stw.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-2.4 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.2 Subject: Re: [ptxdist] [PATCH] pkcs11-provider: new package X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false On Wed, Jan 08, 2025 at 11:27:50AM +0100, Rouven Czerwinski wrote: > Add pkcs11-provider as a new package to support PKCS11 in openssl. > Providers are the new interface for openssl to support this and replace > the old engine interface. > > Signed-off-by: Rouven Czerwinski > --- > rules/pkcs11-provider.in | 11 +++++++ > rules/pkcs11-provider.make | 59 ++++++++++++++++++++++++++++++++++++++ > 2 files changed, 70 insertions(+) > create mode 100644 rules/pkcs11-provider.in > create mode 100644 rules/pkcs11-provider.make > > diff --git a/rules/pkcs11-provider.in b/rules/pkcs11-provider.in > new file mode 100644 > index 000000000..5f4d920ac > --- /dev/null > +++ b/rules/pkcs11-provider.in > @@ -0,0 +1,11 @@ > +## SECTION=security > + > +config PKCS11_PROVIDER > + tristate > + select OPENSSL > + select HOST_MESON > + default y if ALLYES > + prompt "PKCS11 Provider " > + help > + A pkcs#11 provider for OpenSSL 3.0+. This will require adjustments > + to the openssl configuration file. > diff --git a/rules/pkcs11-provider.make b/rules/pkcs11-provider.make > new file mode 100644 > index 000000000..61a1d2940 > --- /dev/null > +++ b/rules/pkcs11-provider.make > @@ -0,0 +1,59 @@ > +# -*-makefile-*- > +# > +# Copyright (C) 2024 by Rouven Czerwinski > +# > +# For further information about the PTXdist project and license conditions > +# see the README file. > +# > + > +# > +# We provide this package > +# > +PACKAGES-$(PTXCONF_PKCS11_PROVIDER) += pkcs11-provider > + > +# > +# Paths and names > +# > +PKCS11_PROVIDER_VERSION := 0.6 > +PKCS11_PROVIDER_MD5 := 7e5dc3c81d12c4670615dbd9a7342248 > +PKCS11_PROVIDER := pkcs11-provider-$(PKCS11_PROVIDER_VERSION) > +PKCS11_PROVIDER_SUFFIX := tar.xz > +PKCS11_PROVIDER_URL := https://github.com/latchset/pkcs11-provider/releases/download/v$(PKCS11_PROVIDER_VERSION)/$(PKCS11_PROVIDER).$(PKCS11_PROVIDER_SUFFIX) > +PKCS11_PROVIDER_SOURCE := $(SRCDIR)/$(PKCS11_PROVIDER).$(PKCS11_PROVIDER_SUFFIX) > +PKCS11_PROVIDER_DIR := $(BUILDDIR)/$(PKCS11_PROVIDER) > +PKCS11_PROVIDER_LICENSE := Apache-2.0 > +PKCS11_PROVIDER_LICENSE_FILES := file://LICENSES/Apache-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57 > + > +# ---------------------------------------------------------------------------- > +# Prepare > +# ---------------------------------------------------------------------------- > +PKCS11_PROVIDER_CONF_ENV := \ > + PTXDIST_PKG_CONFIG_VAR_NO_SYSROOT=modulesdir > + > +# > +# meson > +# > +PKCS11_PROVIDER_CONF_TOOL := meson > +PKCS11_PROVIDER_CONF_OPT := \ > + $(CROSS_MESON_USR) \ extra backslash -----------^ > +# ---------------------------------------------------------------------------- > +# Target-Install > +# ---------------------------------------------------------------------------- > + > +$(STATEDIR)/pkcs11-provider.targetinstall: > + @$(call targetinfo) > + > + @$(call install_init, pkcs11-provider) > + @$(call install_fixup, pkcs11-provider,PRIORITY,optional) > + @$(call install_fixup, pkcs11-provider,SECTION,base) > + @$(call install_fixup, pkcs11-provider,AUTHOR,"Rouven Czerwinski ") > + @$(call install_fixup, pkcs11-provider,DESCRIPTION,missing) > + > + @$(call install_copy, pkcs11-provider, 0, 0, 0755, -, /usr/lib/ossl-modules/pkcs11.so) > + > + @$(call install_finish, pkcs11-provider) > + > + @$(call touch) > + > +# vim: syntax=make > -- > 2.39.5 >