From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 10 Jan 2025 09:57:33 +0100 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tWAph-000J0L-0Y for lore@lore.pengutronix.de; Fri, 10 Jan 2025 09:57:33 +0100 Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1tWAph-0005fO-IQ; Fri, 10 Jan 2025 09:57:33 +0100 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1tWApU-0005f3-6a; Fri, 10 Jan 2025 09:57:20 +0100 Received: from dude05.red.stw.pengutronix.de ([2a0a:edc0:0:1101:1d::54]) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1tWApT-00083w-2l; Fri, 10 Jan 2025 09:57:19 +0100 Received: from mol by dude05.red.stw.pengutronix.de with local (Exim 4.96) (envelope-from ) id 1tWApT-002h3J-2b; Fri, 10 Jan 2025 09:57:19 +0100 Date: Fri, 10 Jan 2025 09:57:19 +0100 From: Michael Olbrich To: Ladislav Michl Message-ID: References: <20250108102750.4051249-1-r.czerwinski@pengutronix.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Sent-From: Pengutronix Hildesheim X-URL: http://www.pengutronix.de/ X-IRC: #ptxdist @freenode X-Accept-Language: de,en X-Accept-Content-Type: text/plain Subject: Re: [ptxdist] [PATCH] pkcs11-provider: new package X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: ptxdist@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false On Wed, Jan 08, 2025 at 01:56:48PM +0100, Ladislav Michl wrote: > On Wed, Jan 08, 2025 at 11:27:50AM +0100, Rouven Czerwinski wrote: > > Add pkcs11-provider as a new package to support PKCS11 in openssl. > > Providers are the new interface for openssl to support this and replace > > the old engine interface. > > > > Signed-off-by: Rouven Czerwinski > > --- > > rules/pkcs11-provider.in | 11 +++++++ > > rules/pkcs11-provider.make | 59 ++++++++++++++++++++++++++++++++++++++ > > 2 files changed, 70 insertions(+) > > create mode 100644 rules/pkcs11-provider.in > > create mode 100644 rules/pkcs11-provider.make > > > > diff --git a/rules/pkcs11-provider.in b/rules/pkcs11-provider.in > > new file mode 100644 > > index 000000000..5f4d920ac > > --- /dev/null > > +++ b/rules/pkcs11-provider.in > > @@ -0,0 +1,11 @@ > > +## SECTION=security > > + > > +config PKCS11_PROVIDER > > + tristate > > + select OPENSSL > > + select HOST_MESON > > + default y if ALLYES > > + prompt "PKCS11 Provider " > > + help > > + A pkcs#11 provider for OpenSSL 3.0+. This will require adjustments > > + to the openssl configuration file. > > diff --git a/rules/pkcs11-provider.make b/rules/pkcs11-provider.make > > new file mode 100644 > > index 000000000..61a1d2940 > > --- /dev/null > > +++ b/rules/pkcs11-provider.make > > @@ -0,0 +1,59 @@ > > +# -*-makefile-*- > > +# > > +# Copyright (C) 2024 by Rouven Czerwinski > > +# > > +# For further information about the PTXdist project and license conditions > > +# see the README file. > > +# > > + > > +# > > +# We provide this package > > +# > > +PACKAGES-$(PTXCONF_PKCS11_PROVIDER) += pkcs11-provider > > + > > +# > > +# Paths and names > > +# > > +PKCS11_PROVIDER_VERSION := 0.6 > > +PKCS11_PROVIDER_MD5 := 7e5dc3c81d12c4670615dbd9a7342248 > > +PKCS11_PROVIDER := pkcs11-provider-$(PKCS11_PROVIDER_VERSION) > > +PKCS11_PROVIDER_SUFFIX := tar.xz > > +PKCS11_PROVIDER_URL := https://github.com/latchset/pkcs11-provider/releases/download/v$(PKCS11_PROVIDER_VERSION)/$(PKCS11_PROVIDER).$(PKCS11_PROVIDER_SUFFIX) > > +PKCS11_PROVIDER_SOURCE := $(SRCDIR)/$(PKCS11_PROVIDER).$(PKCS11_PROVIDER_SUFFIX) > > +PKCS11_PROVIDER_DIR := $(BUILDDIR)/$(PKCS11_PROVIDER) > > +PKCS11_PROVIDER_LICENSE := Apache-2.0 > > +PKCS11_PROVIDER_LICENSE_FILES := file://LICENSES/Apache-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57 > > + > > +# ---------------------------------------------------------------------------- > > +# Prepare > > +# ---------------------------------------------------------------------------- > > +PKCS11_PROVIDER_CONF_ENV := \ > > + PTXDIST_PKG_CONFIG_VAR_NO_SYSROOT=modulesdir > > + > > +# > > +# meson > > +# > > +PKCS11_PROVIDER_CONF_TOOL := meson > > +PKCS11_PROVIDER_CONF_OPT := \ > > + $(CROSS_MESON_USR) \ > extra backslash -----------^ Good catch. I does not hurt in this case, but I'll remove it while applying the patch. Michael > > +# ---------------------------------------------------------------------------- > > +# Target-Install > > +# ---------------------------------------------------------------------------- > > + > > +$(STATEDIR)/pkcs11-provider.targetinstall: > > + @$(call targetinfo) > > + > > + @$(call install_init, pkcs11-provider) > > + @$(call install_fixup, pkcs11-provider,PRIORITY,optional) > > + @$(call install_fixup, pkcs11-provider,SECTION,base) > > + @$(call install_fixup, pkcs11-provider,AUTHOR,"Rouven Czerwinski ") > > + @$(call install_fixup, pkcs11-provider,DESCRIPTION,missing) > > + > > + @$(call install_copy, pkcs11-provider, 0, 0, 0755, -, /usr/lib/ossl-modules/pkcs11.so) > > + > > + @$(call install_finish, pkcs11-provider) > > + > > + @$(call touch) > > + > > +# vim: syntax=make > > -- > > 2.39.5 > > > > -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |