From: Michael Olbrich <m.olbrich@pengutronix.de>
To: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Cc: ptxdist@pengutronix.de
Subject: Re: [ptxdist] [PATCH] softhsm: add target package
Date: Mon, 13 Jan 2025 11:51:47 +0100 [thread overview]
Message-ID: <Z4TwQ7bfGa7I9WDc@pengutronix.de> (raw)
In-Reply-To: <20250108102408.4041769-1-r.czerwinski@pengutronix.de>
On Wed, Jan 08, 2025 at 11:24:09AM +0100, Rouven Czerwinski wrote:
> We had softhsm as a host-package, add it as a target package. This is
> useful to provide a development pkcs11 environment. Also remove the
> duplicate SOFTHSM definitions from the host package.
>
> Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
> ---
> rules/host-softhsm.make | 13 -------
> rules/softhsm.in | 20 +++++++++++
> rules/softhsm.make | 76 +++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 96 insertions(+), 13 deletions(-)
> create mode 100644 rules/softhsm.in
> create mode 100644 rules/softhsm.make
>
> diff --git a/rules/host-softhsm.make b/rules/host-softhsm.make
> index b352f8162..67d9c5ab8 100644
> --- a/rules/host-softhsm.make
> +++ b/rules/host-softhsm.make
> @@ -11,19 +11,6 @@
> #
> HOST_PACKAGES-$(PTXCONF_HOST_SOFTHSM) += host-softhsm
>
> -#
> -# Paths and names
> -#
> -HOST_SOFTHSM_VERSION := 2.6.1
> -HOST_SOFTHSM_MD5 := 040b93ca327cbe0a3a8661e7c371ab16
> -HOST_SOFTHSM := softhsm-$(HOST_SOFTHSM_VERSION)
> -HOST_SOFTHSM_SUFFIX := tar.gz
> -HOST_SOFTHSM_URL := https://dist.opendnssec.org/source/$(HOST_SOFTHSM).$(HOST_SOFTHSM_SUFFIX)
> -HOST_SOFTHSM_SOURCE := $(SRCDIR)/$(HOST_SOFTHSM).$(HOST_SOFTHSM_SUFFIX)
> -HOST_SOFTHSM_DIR := $(HOST_BUILDDIR)/$(HOST_SOFTHSM)
> -HOST_SOFTHSM_LICENSE := BSD-2-Clause
> -HOST_SOFTHSM_LICENSE_FILES := file://LICENSE;md5=ef3f77a3507c3d91e75b9f2bdaee4210
> -
> # ----------------------------------------------------------------------------
> # Prepare
> # ----------------------------------------------------------------------------
> diff --git a/rules/softhsm.in b/rules/softhsm.in
> new file mode 100644
> index 000000000..953d8868e
> --- /dev/null
> +++ b/rules/softhsm.in
> @@ -0,0 +1,20 @@
> +## SECTION=security
> +
> +config SOFTHSM
> + tristate
> + select OPENSSL
> + select SQLITE
> + default y if ALLYES
> + prompt "SoftHSMv2 "
> + help
> + SoftHSM emulates an HSM (e.g. Hardware Security Module) device and
> + provides the regular API to be work in conjunction with PKCS#11.
> + https://www.opendnssec.org/download/
> +
> +if SOFTHSM
> +
> +config SOFTHSM_P11_KIT
> + bool
> + default P11_KIT
Indent with tabs.
> +
> +endif
> diff --git a/rules/softhsm.make b/rules/softhsm.make
> new file mode 100644
> index 000000000..93c5e6c79
> --- /dev/null
> +++ b/rules/softhsm.make
> @@ -0,0 +1,76 @@
> +# -*-makefile-*-
> +#
> +# Copyright (C) 2018 by Juergen Borleis <jbe@pengutronix.de>
> +#
> +# For further information about the PTXdist project and license conditions
> +# see the README file.
> +#
> +
> +#
> +# We provide this package
> +#
> +PACKAGES-$(PTXCONF_SOFTHSM) += softhsm
> +
> +#
> +# Paths and names
> +#
> +SOFTHSM_VERSION := 2.6.1
> +SOFTHSM_MD5 := 040b93ca327cbe0a3a8661e7c371ab16
> +SOFTHSM := softhsm-$(SOFTHSM_VERSION)
> +SOFTHSM_SUFFIX := tar.gz
> +SOFTHSM_URL := https://dist.opendnssec.org/source/$(SOFTHSM).$(SOFTHSM_SUFFIX)
> +SOFTHSM_SOURCE := $(SRCDIR)/$(SOFTHSM).$(SOFTHSM_SUFFIX)
> +SOFTHSM_DIR := $(BUILDDIR)/$(SOFTHSM)
> +SOFTHSM_LICENSE := BSD-2-Clause
> +SOFTHSM_LICENSE_FILES := file://LICENSE;md5=ef3f77a3507c3d91e75b9f2bdaee4210
> +
> +# ----------------------------------------------------------------------------
> +# Prepare
> +# ----------------------------------------------------------------------------
> +
> +#
> +# autoconf
> +#
> +SOFTHSM_CONF_TOOL := autoconf
> +SOFTHSM_CONF_OPT := \
> + $(CROSS_AUTOCONF_USR) \
> + --disable-non-paged-memory \
> + --disable-gost \
> + --with-crypto-backend=openssl \
> + --with-objectstore-backend-db \
> + --with-migrate \
> + --with-sqlite3=$(SYSROOT)/usr \
> + --$(call ptx/endis, PTXCONF_SOFTHSM_P11_KIT)-p11-kit \
> + --with-p11-kit=/usr/share/p11-kit/modules
> +
> +SOFTHSM_CPPFLAGS := \
> + -DDEBUG_LOG_STDERR=1
> +
> +$(STATEDIR)/softhsm.targetinstall:
> + @$(call targetinfo)
> +
> + @$(call install_init, softhsm)
> + @$(call install_fixup, softhsm,PRIORITY,optional)
> + @$(call install_fixup, softhsm,SECTION,base)
> + @$(call install_fixup, softhsm,AUTHOR,"Rouven Czerwinski <r.czerwinski@pengutronix.de>")
> + @$(call install_fixup, softhsm,DESCRIPTION,missing)
> +
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/bin/softhsm2-dump-db)
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/bin/softhsm2-dump-file)
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/bin/softhsm2-keyconv)
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/bin/softhsm2-util)
> +
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/lib/softhsm/libsofthsm2.so)
> +
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /etc/softhsm2.conf)
0644 not 0755 right?
> +
> +ifdef PTXCONF_SOFTHSM_P11_KIT
> + @$(call install_copy, softhsm, 0, 0, 0755, -, /usr/share/p11-kit/modules/softhsm2.module)
Same here.
Michael
> +endif
> +
> + @$(call install_finish, softhsm)
> +
> + @$(call touch)
> +
> +# vim: syntax=make
> +# vim: syntax=make
> --
> 2.39.5
>
>
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
prev parent reply other threads:[~2025-01-13 10:52 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-08 10:24 Rouven Czerwinski
2025-01-13 10:51 ` Michael Olbrich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z4TwQ7bfGa7I9WDc@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=ptxdist@pengutronix.de \
--cc=r.czerwinski@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox