On Wed, Jan 08, 2025 at 01:56:48PM +0100, Ladislav Michl wrote: > On Wed, Jan 08, 2025 at 11:27:50AM +0100, Rouven Czerwinski wrote: > > Add pkcs11-provider as a new package to support PKCS11 in openssl. > > Providers are the new interface for openssl to support this and replace > > the old engine interface. > > > > Signed-off-by: Rouven Czerwinski <[email protected]> > > --- > > rules/pkcs11-provider.in | 11 +++++++ > > rules/pkcs11-provider.make | 59 ++++++++++++++++++++++++++++++++++++++ > > 2 files changed, 70 insertions(+) > > create mode 100644 rules/pkcs11-provider.in > > create mode 100644 rules/pkcs11-provider.make > > > > diff --git a/rules/pkcs11-provider.in b/rules/pkcs11-provider.in > > new file mode 100644 > > index 000000000..5f4d920ac > > --- /dev/null > > +++ b/rules/pkcs11-provider.in > > @@ -0,0 +1,11 @@ > > +## SECTION=security > > + > > +config PKCS11_PROVIDER > > + tristate > > + select OPENSSL > > + select HOST_MESON > > + default y if ALLYES > > + prompt "PKCS11 Provider " > > + help > > + A pkcs#11 provider for OpenSSL 3.0+. This will require adjustments > > + to the openssl configuration file. > > diff --git a/rules/pkcs11-provider.make b/rules/pkcs11-provider.make > > new file mode 100644 > > index 000000000..61a1d2940 > > --- /dev/null > > +++ b/rules/pkcs11-provider.make > > @@ -0,0 +1,59 @@ > > +# -*-makefile-*- > > +# > > +# Copyright (C) 2024 by Rouven Czerwinski <[email protected]> > > +# > > +# For further information about the PTXdist project and license conditions > > +# see the README file. > > +# > > + > > +# > > +# We provide this package > > +# > > +PACKAGES-$(PTXCONF_PKCS11_PROVIDER) += pkcs11-provider > > + > > +# > > +# Paths and names > > +# > > +PKCS11_PROVIDER_VERSION := 0.6 > > +PKCS11_PROVIDER_MD5 := 7e5dc3c81d12c4670615dbd9a7342248 > > +PKCS11_PROVIDER := pkcs11-provider-$(PKCS11_PROVIDER_VERSION) > > +PKCS11_PROVIDER_SUFFIX := tar.xz > > +PKCS11_PROVIDER_URL := > > https://github.com/latchset/pkcs11-provider/releases/download/v$(PKCS11_PROVIDER_VERSION)/$(PKCS11_PROVIDER).$(PKCS11_PROVIDER_SUFFIX) > > +PKCS11_PROVIDER_SOURCE := > > $(SRCDIR)/$(PKCS11_PROVIDER).$(PKCS11_PROVIDER_SUFFIX) > > +PKCS11_PROVIDER_DIR := $(BUILDDIR)/$(PKCS11_PROVIDER) > > +PKCS11_PROVIDER_LICENSE := Apache-2.0 > > +PKCS11_PROVIDER_LICENSE_FILES := > > file://LICENSES/Apache-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57 > > + > > +# > > ---------------------------------------------------------------------------- > > +# Prepare > > +# > > ---------------------------------------------------------------------------- > > +PKCS11_PROVIDER_CONF_ENV := \ > > + PTXDIST_PKG_CONFIG_VAR_NO_SYSROOT=modulesdir > > + > > +# > > +# meson > > +# > > +PKCS11_PROVIDER_CONF_TOOL := meson > > +PKCS11_PROVIDER_CONF_OPT := \ > > + $(CROSS_MESON_USR) \ > extra backslash -----------^
Good catch. I does not hurt in this case, but I'll remove it while applying the patch. Michael > > +# > > ---------------------------------------------------------------------------- > > +# Target-Install > > +# > > ---------------------------------------------------------------------------- > > + > > +$(STATEDIR)/pkcs11-provider.targetinstall: > > + @$(call targetinfo) > > + > > + @$(call install_init, pkcs11-provider) > > + @$(call install_fixup, pkcs11-provider,PRIORITY,optional) > > + @$(call install_fixup, pkcs11-provider,SECTION,base) > > + @$(call install_fixup, pkcs11-provider,AUTHOR,"Rouven Czerwinski > > <[email protected]>") > > + @$(call install_fixup, pkcs11-provider,DESCRIPTION,missing) > > + > > + @$(call install_copy, pkcs11-provider, 0, 0, 0755, -, > > /usr/lib/ossl-modules/pkcs11.so) > > + > > + @$(call install_finish, pkcs11-provider) > > + > > + @$(call touch) > > + > > +# vim: syntax=make > > -- > > 2.39.5 > > > > -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
