Message ID | 20231219155119.3859157-1-niko.mauno@vaisala.com |
---|---|
State | New |
Headers | show |
Series | [meta-oe] pkcs11-provider: Add recipe | expand |
Niko Mauno via lists.openembedded.org <niko.mauno= vaisala.com@lists.openembedded.org> escreveu no dia terça, 19/12/2023 à(s) 15:51: > From: Niko Mauno <niko.mauno@vaisala.com> > > Starting with version 3.0 the OpenSSL project introduced a new modular > system to extend OpenSSL that replaces the deprecated Engine modules. > > Providers are loaded via configuration directives in the openssl > configuration file (or directly loaded by applications). > > The pkcs11 provider allows applications linked to openssl to use keys > and cryptographic operations from a hardware or software token via > their PKCS #11 driver and the use of PCKS #11 URIs. > > The pkcs11 provider can be configured to be automatically loaded via > openssl.cnf > > For more details, visit > > https://github.com/latchset/pkcs11-provider/blob/main/docs/provider-pkcs11.7.md > > Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> > --- > .../pkcs11-provider/pkcs11-provider_git.bb | 29 +++++++++++++++++++ > 1 file changed, 29 insertions(+) > create mode 100644 meta-oe/recipes-support/pkcs11-provider/ > pkcs11-provider_git.bb > > diff --git a/meta-oe/recipes-support/pkcs11-provider/ > pkcs11-provider_git.bb b/meta-oe/recipes-support/pkcs11-provider/ > pkcs11-provider_git.bb > new file mode 100644 > index 000000000..12c0f5fae > --- /dev/null > +++ b/meta-oe/recipes-support/pkcs11-provider/pkcs11-provider_git.bb > @@ -0,0 +1,29 @@ > +SUMMARY = "An OpenSSL provider that allows direct interfacing with pkcs11 > drivers" > +DESCRIPTION = "\ > +This is an Openssl 3.x provider to access Hardware or Software Tokens > using \ > +the PKCS#11 Cryptographic Token Interface\ > +\ > +This code targets version 3.1 of the interface but should be backwards \ > +compatible to previous versions as well.\ > +" > +HOMEPAGE = "https://github.com/latchset/pkcs11-provider" > +SECTION = "libs" > +LICENSE = "Apache-2.0" > +LIC_FILES_CHKSUM = "file://COPYING;md5=b53b787444a60266932bd270d1cf2d45" > +DEPENDS = "\ > + autoconf-archive \ > + openssl \ > + p11-kit \ > +" > + > +SRCREV = "e2abc4a7ae33159f2fb21b9d87a05ea9e79ef584" > +PV = "0.2+gitr${SRCPV}" > +PKGV = "0.2+gitr${GITPKGV}" > + > +SRC_URI = "git:// > github.com/latchset/${BPN}.git;branch=main;protocol=https > <http://github.com/latchset/$%7BBPN%7D.git;branch=main;protocol=https>" > + > +S = "${WORKDIR}/git" > + > +inherit autotools gitpkgv pkgconfig > Hi Niko, Can the gitpkgv be removed and used with a bbappend on a custom layer? This is not strictly necessary for the package and looks more aligned with the product. Jose > + > +FILES:${PN} += "${libdir}/ossl-modules/pkcs11.so" > -- > 2.39.2 > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#107634): > https://lists.openembedded.org/g/openembedded-devel/message/107634 > Mute This Topic: https://lists.openembedded.org/mt/103264418/5052612 > Group Owner: openembedded-devel+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [ > quaresma.jose@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > >
On 19.12.2023 18.05, Jose Quaresma via lists.openembedded.org wrote: > Hi Niko, > > Can the gitpkgv be removed and used with a bbappend on a custom layer? > This is not strictly necessary for the package and looks more > aligned with the product. > > Jose Hi Jose, certainly, I have now submitted v2 which omits gitpkgv usage. On related note, I have so far assumed using gitpkgv makes sense as it helps to avoid non-deterministic package versioning for recipes that bump SRCREV value without changing the base version. So I assume this is not considered an issue from the Yocto project perspective. Kind regards, Niko
diff --git a/meta-oe/recipes-support/pkcs11-provider/pkcs11-provider_git.bb b/meta-oe/recipes-support/pkcs11-provider/pkcs11-provider_git.bb new file mode 100644 index 000000000..12c0f5fae --- /dev/null +++ b/meta-oe/recipes-support/pkcs11-provider/pkcs11-provider_git.bb @@ -0,0 +1,29 @@ +SUMMARY = "An OpenSSL provider that allows direct interfacing with pkcs11 drivers" +DESCRIPTION = "\ +This is an Openssl 3.x provider to access Hardware or Software Tokens using \ +the PKCS#11 Cryptographic Token Interface\ +\ +This code targets version 3.1 of the interface but should be backwards \ +compatible to previous versions as well.\ +" +HOMEPAGE = "https://github.com/latchset/pkcs11-provider" +SECTION = "libs" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=b53b787444a60266932bd270d1cf2d45" +DEPENDS = "\ + autoconf-archive \ + openssl \ + p11-kit \ +" + +SRCREV = "e2abc4a7ae33159f2fb21b9d87a05ea9e79ef584" +PV = "0.2+gitr${SRCPV}" +PKGV = "0.2+gitr${GITPKGV}" + +SRC_URI = "git://github.com/latchset/${BPN}.git;branch=main;protocol=https" + +S = "${WORKDIR}/git" + +inherit autotools gitpkgv pkgconfig + +FILES:${PN} += "${libdir}/ossl-modules/pkcs11.so"