commit 30f428de5e750933fb26e75e3069d786bf05f41a5fac6a88926f3f6a5ed201c9 Author: Adrian Schröter Date: Tue Oct 1 08:46:46 2024 +0200 Sync from SUSE:SLFO:Main libp11 revision c4769ee71e5e8b4ec03c5db6f84cb0c9 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..918743f --- /dev/null +++ b/baselibs.conf @@ -0,0 +1 @@ +libp11-3 diff --git a/libp11-0.4.12.tar.gz b/libp11-0.4.12.tar.gz new file mode 100644 index 0000000..85ecc72 --- /dev/null +++ b/libp11-0.4.12.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1e1a2533b3fcc45fde4da64c9c00261b1047f14c3f911377ebd1b147b3321cfd +size 516414 diff --git a/libp11-0.4.12.tar.gz.asc b/libp11-0.4.12.tar.gz.asc new file mode 100644 index 0000000..9989632 --- /dev/null +++ b/libp11-0.4.12.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEK8fk5n48wMG+py+MLvx/8NQW4BQFAmLs03oACgkQLvx/8NQW +4BRLfw//RpRc/93cRtlekgf7VwwtO+5MaO3/4umfpkb5jRXq5zOYPGjIBzzZibRS +pX1y9nnG7pDx65EdyEOM/kI8HcZp4Jkn8PQ0UqT0Ozwm1JrMfGCeRadrYvg2mQY6 +5fHQ7SCub/eofeB9NNN0nHkW28B2r1Y/x728BSbuBixqq9+ZzKPzzah+VgDp+NQ1 +SZ8ummmeZ+kyp3o5FOtrKjBPqo5VzWzucTiq5dH/QYeHl7YcuL/QSgpR0r+G9ei5 +3tirwtxstWHMNFChquI+OLqe2++I+Cq5/Gcz9C/BKKHd00CWWRH4rZrStl8q8kM8 +tIVTIH7Rcf4h4isGBl70TIOIGtxY/9IYLRhoL4aCwy0DtNKYWF5G7zSN5JN/2xvC +4CFe3Th7sEY65Z8aimwi6/wRi6lQ/sUWcQ/wUJLWL6XepMcgFLogZYgC67sidvyV +GFlZt4w8PvclfLw4wMZB6u4TkWIKu1uMl00d0rWXNaQWeYgF9aQqHMWMzi0FQzpf +J4rOcR+knBP1XvtbaAfFdm5q+HFy3HWXNsftMEGbehxy2M1sRBT9tOQv/R4pNtkP +7oWD7bKHa1kvy5qqiCB9zNQpN2LJKM/kCANQAqmQno1S8ktDYqqd08+U5966Qgis +UOs/+sOXykEMW+0NmNCA3rQ1ZZ3F9doSsaWBqzZVaEeE6WBEeWk= +=WqLA +-----END PGP SIGNATURE----- diff --git a/libp11-configure-treat-all-openssl-3.x-releases-the-same.patch b/libp11-configure-treat-all-openssl-3.x-releases-the-same.patch new file mode 100644 index 0000000..2c17356 --- /dev/null +++ b/libp11-configure-treat-all-openssl-3.x-releases-the-same.patch @@ -0,0 +1,25 @@ +From 74497e0fa5b69b15790d6697e1ebce13af842d4c Mon Sep 17 00:00:00 2001 +From: Mike Gilbert +Date: Thu, 13 Jul 2023 13:52:54 -0400 +Subject: [PATCH] configure: treat all openssl-3.x releases the same + +OpenSSL's soversion will not change for any 3.x minor release. + +https://www.openssl.org/policies/general/versioning-policy.html +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index b96979d9..c344e84a 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -33,7 +33,7 @@ AC_C_BIGENDIAN + # issues with applications linking to new openssl, old libp11, and vice versa + case "`$PKG_CONFIG --modversion --silence-errors libcrypto || \ + $PKG_CONFIG --modversion openssl`" in +- 3.1.*|3.0.*) # Predicted engines directory prefix for OpenSSL 3.x ++ 3.*) # Predicted engines directory prefix for OpenSSL 3.x + LIBP11_LT_OLDEST="3" + debian_ssl_prefix="openssl-3.0.0";; + 1.1.*) # Predicted engines directory prefix for OpenSSL 1.1.x diff --git a/libp11-openssl-3.1.patch b/libp11-openssl-3.1.patch new file mode 100644 index 0000000..ffea110 --- /dev/null +++ b/libp11-openssl-3.1.patch @@ -0,0 +1,13 @@ +Index: libp11-0.4.12/configure.ac +=================================================================== +--- libp11-0.4.12.orig/configure.ac ++++ libp11-0.4.12/configure.ac +@@ -33,7 +33,7 @@ AC_C_BIGENDIAN + # issues with applications linking to new openssl, old libp11, and vice versa + case "`$PKG_CONFIG --modversion --silence-errors libcrypto || \ + $PKG_CONFIG --modversion openssl`" in +- 3.0.*) # Predicted engines directory prefix for OpenSSL 3.x ++ 3.1.*|3.0.*) # Predicted engines directory prefix for OpenSSL 3.x + LIBP11_LT_OLDEST="3" + debian_ssl_prefix="openssl-3.0.0";; + 1.1.*) # Predicted engines directory prefix for OpenSSL 1.1.x diff --git a/libp11-rpmlintrc b/libp11-rpmlintrc new file mode 100644 index 0000000..cbe3c02 --- /dev/null +++ b/libp11-rpmlintrc @@ -0,0 +1,2 @@ +# Check is poorly written, it apparently depends on libp11-1. +addFilter("no-dependency-on") diff --git a/libp11.changes b/libp11.changes new file mode 100644 index 0000000..83e2980 --- /dev/null +++ b/libp11.changes @@ -0,0 +1,263 @@ +------------------------------------------------------------------- +Fri Jan 19 10:43:16 UTC 2024 - Otto Hollmann + +- Add support for OpenSSL 3.x: + Add libp11-configure-treat-all-openssl-3.x-releases-the-same.patch + +------------------------------------------------------------------- +Wed Sep 27 09:58:37 UTC 2023 - Otto Hollmann + +- Replace openssl-ibmpkcs11 with openssl-engine-libp11 (jsc#PED-3327) + Add Obsoletes: openssl-ibmpkcs11 <= 1.0.1 + and Provides: openssl-ibmpkcs11 = 1.0.1 + +------------------------------------------------------------------- +Tue Jun 6 12:24:11 UTC 2023 - Dominique Leuenberger + +- Add support for openSSL 3.1: + + Add libp11-openssl-3.1.patch: handle openSSL 3.1 the same as 3.0 + + Add libtool BuildRequires and call autoreconf: abobe patch + touches the build system. + + Add baselibs.conf + +------------------------------------------------------------------- +Mon Feb 6 10:41:29 UTC 2023 - Dominique Leuenberger + +- Fix build against openSSL 3. + +------------------------------------------------------------------- +Mon Oct 17 01:22:26 UTC 2022 - Jason Sikes + +- Update to 0.4.12: + * Fixed using an explicitly provided PIN regardless of the secure login flag (Alon Bar-Lev) + * Fixed RSA_PKCS1_PADDING handling (Michał Trojnara) + * Fixed a crash on LLP64, including 64-bit Windows (Małgorzata Olszówka) + * Fixed searching objects when both ID and label are specified (minfrin) + * Fixed the OAEP "source" parameter (S-P Chan) + * Fixed object searching by label (Michał Trojnara) + * Fixed thread safety in slot enumeration (Michał Trojnara) + * Fixed storing certificates on tokens (Mateusz Kwiatkowski) + * Fixed several memory leaks (Michał Trojnara, Jakub Jelen, Timo Teräs) + * Fixed OpenSSL 3.0 compatibility (Jakub Jelen) + * Fixed LibreSSL compatibility (orbea, patchMonkey156) + * Major concurrency improvements and refactoring (Timo Teräs) + * Added re-numeration of slots as an engine control command (Markus Koetter) + * Added the PKCS11_update_slots() API function (Timo Teräs) + * Added support for the SHA3 hash function (alegon01) + * Added a self-test for engine RSA operations (Uri Blumenthal) + +------------------------------------------------------------------- +Thu Nov 26 12:00:19 UTC 2020 - Dirk Mueller + +- update to 0.4.11: + * Fixed "EVP_PKEY_derive:buffer too small" EC errors (Luka Logar) + * Fixed various memory leaks (Mateusz Kwiatkowski) + * Fixed Windows VERSIONINFO (Pavol Misik) + * Fixed builds with OpenSSL older than 1.0.2 (Michał Trojnara) + * Fixed a double free in EVP_PKEY_meth_free() (Mikhail Durnev) + * Added CKA_VALUE_LEN to EC key derivation template (Michał Trojnara) + * Fixed handling keys without label attribute (efternavn) + * Updated the tests (Anderson Toshiyuki Sasaki) + * Made ECDH-derived keys extractable (Bent Bisballe Nyeng) + * Added support for pin-source within PKCS#11 URI (Stanislav Levin) + * Improved LibreSSL compatibility (patchMonkey156) + * Fixed handling RSA private keys in BIND (Stanislav Levin) + * Added macOS testing support (Stanislav Levin) + * Fixed engine object search algorithm (Anderson Toshiyuki Sasaki) + +------------------------------------------------------------------- +Tue Oct 22 04:23:31 UTC 2019 - Jason Sikes + +- Update to version 0.4.10: + + * Added EC signing through EVP API + * Added an empty EC private key required by OpenSSL 1.1.1 + * Stored additional certificate attributes + * Engine allowed to use private keys without a PIN + * Lazy binding used as a workaround for buggy modules + * MinGW build fixes and documentation + * LibreSSL 2.8.3 build fixes + * Error handling fixes + +------------------------------------------------------------------- +Tue Mar 12 16:15:22 UTC 2019 - Marketa Calabkova + +- Add p11-kit-devel to BuildRequires (boo#1122413) + +------------------------------------------------------------------- +Tue Jan 29 22:44:39 UTC 2019 - Stanislav Brabec + +- Update to version 0.4.9: + * Fix EVP_PKEY ENGINE reference count with the EC + EVP_PKEY_METHOD. + * Fix a leak of RSA object in pkcs11_store_key() + * Add atfork checks for RSA and EC_KEY method + * RSA key generation on the token + * PSS signature support + * RSA-OAEP and RSA-PKCS encryption support + * Engine no longer set as default for all methods + * Add PKCS11_remove_key and PKCS11_remove_certificate + * Add PKCS11_find_next_token interface + * Add support for OpenSSL 1.1.1 beta + * Remove support for OpenSSL 0.9.8 + * Case insensitive PKCS#11 URI scheme + * Testing framework improvements + * Coverity scanning and defect fixes + * Backward compatibility for new error handling introduced + in libp11 0.4.7 + * Memory leak fixes + * Add an integer overflow protection + * Several bugfixes + +------------------------------------------------------------------- +Wed Jan 17 11:31:42 UTC 2018 - dimstar@opensuse.org + +- Conditionalize libname to libp11-2 for suse_version < 1500 (using + openssl 1.0) / libp11-3 for suse_version >= 1500 (using + openssl 1.1). +- Create baselibs.conf dynamically, since the library name can be + different. Drop the static baselibs.conf. + +------------------------------------------------------------------- +Wed Jul 19 12:41:16 UTC 2017 - jengelh@inai.de + +- Remove --with-pic which is only for static libs. + +------------------------------------------------------------------- +Mon Jul 17 09:18:06 UTC 2017 - tchvatal@suse.com + +- Version update to 0.4.7: + * Added OpenSSL-style engine error reporting (Michał Trojnara) + * Added the FORCE_LOGIN engine ctrl command (Michał Trojnara) + * Implemented the QUIET engine ctrl command (Michał Trojnara) + * Modified CKU_CONTEXT_SPECIFIC PIN requests to be based + on the CKA_ALWAYS_AUTHENTICATE attribute rather than the + CKR_USER_NOT_LOGGED_IN error (Michał Trojnara) + * Fixed printing hex values (Michał Trojnara) + * Fixed build error with OPENSSL_NO_EC (Kai Kang) + +------------------------------------------------------------------- +Fri Jun 23 14:52:22 UTC 2017 - mpluskal@suse.com + +- Update to verion 0.4.6 + * For full list of changes since version 0.3.0 see NEWS +- Create openssl-engine-libp11 subpackage +- Add gpg signature + +------------------------------------------------------------------- +Wed Dec 2 00:18:59 UTC 2015 - p.drouand@gmail.com + +- Update to version 0.3.0 + * Added small test suite based on softhsm (run on make check) + * Memory leak fixes + * On module initialization tell the module that the OS locking + primitives are OK to use + * Transparently handle applications that fork. That is call C_Initialize() + and reopen any handles if a fork is detected. + * Eliminated any hard coded limits for certificate size + * Added support for ECDSA + * Allow RSA_NO_PADDING padding mode in PKCS11_private_encrypt + * Eliminated several hard-coded limits in parameter sizes. +- Update project and download Urls + +------------------------------------------------------------------- +Tue Sep 25 17:00:26 CEST 2012 - sbrabec@suse.cz + +- Update to version 0.2.8: + * Bumped soname for PKCS11_token struct size changes. + * Display the number of available slots. + * Expose more token flags in PKCS11_token structure. + * Check that private data is not NULL in pkcs11_release_slot. + +------------------------------------------------------------------- +Sun Nov 20 06:13:41 UTC 2011 - coolo@suse.com + +- add libtool as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Tue Jan 11 18:46:59 CET 2011 - sbrabec@suse.cz + +- Updated to version 0.2.7: + * Ignore CKR_CRYPTOKI_ALREADY_INITIALIZED while initializing. + +------------------------------------------------------------------- +Mon Feb 1 11:47:39 UTC 2010 - jengelh@medozas.de + +- Package baselibs.conf + +------------------------------------------------------------------- +Wed Aug 5 14:05:01 CEST 2009 - sbrabec@suse.cz + +- Updated to version 0.2.6: + * Add new symbol to export file. + * Add function to export the slot id. + * Increase library version because of the new function. + +------------------------------------------------------------------- +Wed Apr 8 18:44:53 CEST 2009 - sbrabec@suse.cz + +- Don't call autoreconf on older products. + +------------------------------------------------------------------- +Tue Sep 2 18:04:03 CEST 2008 - sbrabec@suse.cz + +- Call autoreconf to build correctly with new libtool. + +------------------------------------------------------------------- +Tue Sep 2 11:39:55 CEST 2008 - crrodriguez@suse.de + +- fix build, doxygen required. +- kill ".la" files and static libraries +- fix -devel package requires + +------------------------------------------------------------------- +Tue Aug 19 14:53:13 CEST 2008 - sbrabec@suse.cz + +- Updated to version 0.2.4: + * Build system rewritten + * added PKCS11_CTX_init_args + * fix segfault in init_args code + * implemented PKCS11_private_encrypt +- Fixed incorrect API. +- Fixed x86_64 issues. + +------------------------------------------------------------------- +Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de + +- added baselibs.conf file to build xxbit packages + for multilib support + +------------------------------------------------------------------- +Mon Jul 30 00:53:34 CEST 2007 - ro@suse.de + +- provide old name + +------------------------------------------------------------------- +Wed Jul 25 16:40:27 CEST 2007 - sbrabec@suse.cz + +- Updated to version 0.2.3: + * update wiki export script. + * replaced rsa header files from rsalabs (official) with scute + (open source). + * allow CKR_USER_ALREADY_LOGGED_IN on C_Login. + * mark internal functions as static. + * add code to store public keys and generate keys. +- Name package according to shared library packaging policy. + +------------------------------------------------------------------- +Fri Mar 30 01:45:07 CEST 2007 - ro@suse.de + +- added zlib-devel to buildreq + +------------------------------------------------------------------- +Tue Oct 3 17:50:13 CEST 2006 - sbrabec@suse.cz + +- Updated to version 0.2.2: + * bug fixes + * code cleanup + +------------------------------------------------------------------- +Fri May 12 17:17:16 CEST 2006 - sbrabec@suse.cz + +- New SuSE package, version 0.2.1. + diff --git a/libp11.keyring b/libp11.keyring new file mode 100644 index 0000000..ce9addd --- /dev/null +++ b/libp11.keyring @@ -0,0 +1,115 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFTU6YwBEAC6PP7E4J6cRZQsJlFE+o3zdQYo7Mg2sVxDR6K9Cha52wn7P0t0 +hHUd0CSmWyfjmYUy3/7jYjgKe4oiGzeSCVK8b3TiX3ylHi/nW3mixwpDPwFmr5Cf +ce55Ro3TdIeslRGigK8Hl+/l4n9c9z/AiTvcdAEQ34BJhERce4/KFx+/omiaxe7S +fzzU/+52zy+v4FfnclgRQrzrD8sxNag6CQOaQ8lTMczNkBkDlhQTOPYkfNf76PUY +kbWpcH7n9N50nddjEaLf7DPjOETc4OH/g5a99FSEJL7jyEgn+C8RX7RpbbAxCNlX +1231NZoresLmxSulB6fRWLmhJ8pES3sRxE1IfwUfPpUZuTPzwXEFJY6StY5OCVy8 +rNFpkYlEePuVn74XkGbvv7dkkisq4Hp59zfIUaNVRod0Xk2rM8Rx8d5IK801Ywsn +RyzCE02zt3N2O4IdXI1qQ1gMJNyaE/k2Qk8buh8BsKJzZca34WGocHOxz2O5s7FN +Q1pLNpLmuHZIdyvYqcsenLz5EV8X2LztRmJ3Se4ag/XyXPYwS6lXX1YUGVxZpk0E +sQDRdJvYCsGcUy253w+W7Nm/BtjKi6/PJmjEEU7ieHppR9Yp+LI3lyzNBeZAIVqk +4Hco05l4GUKtEDFfOQ58sULDqJWmpH4T72DHeCpfRB0guaPa5TYY7B0umQARAQAB +tCtNaWNoYcWCIFRyb2puYXJhIDxNaWNoYWwuVHJvam5hcmFAbWlydC5uZXQ+iQI4 +BBMBAgAiBQJU1OmMAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCxBIky +3Tqqo4/1D/4w2/uwdzHXLjEfiLKw+aMv4AFOidl5Qhb+PUyWC97yPG1rsCm4ObRY +iAxB3+laCMbzyD/aFKzUNGa6jruk/6/eX4eCaFBqpB71ehpAfLKB+sPAYQoCMDn7 +7qGDzxcXkY25yFShjbAcIsHK7F1ppP3ANJQYfOP5WVBhxpWqvL+7z7BGG7Gvz1q+ +Hud5uPYPDWqQi5Hr7C5pgBTX2ZrPOZ2cMuH/etgdPu9Um3vnUkfLHh+cm0ojt4Nb +GlIZ+FwrrdJa0dOgkqDiNt0hkw5FVW8562lFs+8XyqhHfYtlJ8X+s8m02FaBywtQ +KlmfoTIbqOKDHyaFjZa6lE0e61IRL6oo198IyLt9ulB+XjAmrOU3EkkrXMa7ajHb +nmX59cl5AmHt++9w2J65ACkqE4v6Y7PV/JGdSHH8aMadw6YKBmV1MsQXwN4e66W5 +eAWUNclxfqmiHu/K3e4nXhILKJXVwudeYKjFdGZA2VvjNMagC987D8MUfcTNDjh0 +r9nUc4h8l5ggvF74k/YTxM1dS+v/ByTXbJDyRqoXMdJAFxX7RLj36kimgrjvktWs +6zpL0mOEy3hZV9fg9j4gTzAadnInDWC89d2TU/3yUdH8W/RYb+RaJ6asNc8zW2Oc +hqzoQabPFP+LLAYXi12xUe+IRNWBEakoeAS0H+HCwJ4ZRMCYcNtdBIhKBBARAgAK +BQJU1RaSAwUCeAAKCRD81T6ddMcy0VijAKDekfKc40+78B2Ax2BZWapxJu08uQCf +UbAK5BQ+mC2sOL5U26F9FdZLsTW0Lk1pY2hhxYIgVHJvam5hcmEgPE1pY2hhbC5U +cm9qbmFyYUBzdHVubmVsLm9yZz6JAjgEEwECACIFAlTVDWUCGwMGCwkIBwMCBhUI +AgkKCwQWAgMBAh4BAheAAAoJELEEiTLdOqqjvVMQAJY7fVkg6uScKyCYT3RDTIE9 +gPwIDxoz04s72pVhFH5IpDpUAWf+pYKgb/Pdow5QkkUMyYENNKIZnjeNF5BVzU++ +g1QoVeQPXe+sM0aD4gyv6N5+PL9GQULmt0gA7OXqcxEUfkP8oO2+5dQZ+No302is +LK/lpw5roaKdMUA0dhbv0NK+3R1pMbREWKZVMq0CHyjHEEYZS9n/rRIlPkjenAop +fm3q34tpSBTP/nmnmPfp3KFlOaRfqNXJzOR+MHDL2LaMPyRnXD4RA48bLWEcIdpo +3mS7cGHiGJmuWHydymKk4x44nljvULN78lE7K7eORH/n0u48kttSTA09le4wz4Pg +RjX01YqpYWByyNoXmO5LfrGBuVCh0A5cFlyfMfXhvGVESVY0uEyJv6mIgvQForZy +mmXAn5vNBGTJbOquXnG78B4T99AF15HEvWODh707N6Lg+TPRpyjEiDaZ1HpvfpSk +5Yq8FBhnybhNuxYFGsONzEp66Xs5uyh0WgZO15HGo32CWE136flskB6wbNQ3zp7c +2YKjEJRAxoqWswRVQzBppI5VZg0J/BdJ7jZ0rZmtXimwhgjB+S1OQXrQ3cp4FtOz +v8eFL9Hbb36VAIv3RtwpGK/ZLNy+pHq/vzGducA2bRJf9vozvE0F/yVZfBL1OVH0 +DMDhcLsWo0thMwZXnpOYiEoEEBECAAoFAlTVFpIDBQJ4AAoJEPzVPp10xzLRtFkA +n3XOJUuQUnruzeO2oa4+BJMBsmJLAJ4pc6dtGRcoQrDqUk/vZyliX8Hb0rQvTWlj +aGHFgiBUcm9qbmFyYSA8TWljaGFsLlRyb2puYXJhQG1vYmktY29tLm5ldD6JAjgE +EwECACIFAlTVDTcCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELEEiTLd +OqqjJWQQAK0wdrvHk9DRk0nxOu9V39WtPlRK4fDAXCeexhQ3NJz3mBLBIRo8LfHC +Cz1xfdVGY7BvciIJBDtHQRqYf/J2ZmeV6xsKydqYuXp0SbNLbziWecx3lfTB6naq +rdKVLXP7nBbhmeih1f3wTtHJ5yMxg8sf64CoaqDeccbx46mhIMy8g4m04i8Nz1jq +1s2wFt4ps4LIHsDTxMzNWprJC9fObpBKEdOJytrr2iojOGa7bMgjdlZXCR8QbB64 +3S92hyheKqt6e1zIXcotRf8uigPN0IDG6gl2i+DjUTr2tcRYX/8g/lcFPQtQNPOr +CYF7uc5+gkXZEAeffJKiB0vpY1IZofkHk0rWMZ+WP8ev8cEchhjHzbQ/hoRdLLFs +tBbUXQdaUABD34SaMmyxu/twirYNXYuzcA55jQYBaFN29RV1Wk4b5O5ZFSLrVfCN +Y9++skMfwwSgtFvYyE1F9+V7yFJ0XxM/gI7VMLG1IWzQ1dPUj8drO9pwfO9teykU +Mm9tgmzL6lG86x/ZAJxjnFvrfd25TrT4gcn0Yw5X9mpBHvjjADG7579kelrb6akj +1WlMy4FMwUI5ApuItpywMm0Wqx6dkDKFxNTgM8VrRuQw7rsbCXSyS6TbHz/RHcSA +n0m82WwTPq8FoelaER11TWboUwopmR+jTGfIWv9Y9PrO2L2IpOchiEoEEBECAAoF +AlTVFpIDBQJ4AAoJEPzVPp10xzLRh0kAoKpQzntoEHQwq0Hsjbnx+jKU2gujAJ9Y +xcTGhSfPcCylHN0KLba8h4w0FrkCDQRU1OvDARAA8gIC641dK6ap9W1K3EkqRn0z +6zizdVGr/jvf8xFXeUq+auxixZ0tEY6NM5CBSya5BCK9IGVWmJNbazyWUa4llA6E +vmUxcTeGE7ppQA4Kl1bzvUq5upo+8+0VuqvLC/bVz0DUnFSWJYHAZrPZ+yO0yMq8 +vaGTo5kwKixQ4Ni+N+1EiALKZex1g6UW9d0HAcYEa/lTWhz3J0V1yyY4Vov30gto +o67KkSC/SswZzIR00CQGrz3twlGuB73Sm1YfqDqbY8dQLJeyU0ovIeU95VI5cQF6 +D1H8YdaMWQm6MtVAfIX5WMoH+eq4Ank9hilReGANkIWNSqM21Drdu3crbGIYiZPE +adKfGxwquwvRDTEgD4gjqMvEdxA2W6s4WR36SwMkeOtESj21MiR2YDcbIzIbUh9p +0P8DZGvQcVh45jCgdOcL5th9R076npXHn8FIe2IfAZnX1OnpsKn/YqJ0wNFhGYWx +V/yZA10NbFKFXhD1FGqrOz6lSqmqDz00tXofF432ae+7PzTP9n4cij4k0SYG1l/L +ThnOYL3SNUCG3rCASeWoXmhxCYRGi0Xw3IJrcpVNmNQD+SLLTjVB94AlDjSlx1q0 +V+9ymhGHi51wsBSajMwDexaSI/WM1y9lROwl7eeAD41fPArzTleAqT89akWLevTB +LWvj59mku9vZAW26/1UAEQEAAYkCHwQYAQIACQUCVNTrwwIbDAAKCRCxBIky3Tqq +o2NCEACHJ7e0l8NhS4slfzej1AAXOwL1wDexn6thpgexAyqZLIaibqhIybhSo1LO +L1NY/55ytscbOQL7NliRAXVN6F9lcer+qzxL5JgxzUU6dryapNZYs06u3wfr8ZtS +bvIAON/w89tm9tHxoNUIYZZUZROFBW6fn8RkhboQs0hJFxWfWghOxhS0TXJ8/MZ4 +YcfDy+Ew6LIAym3A1XY+++2VMEHqKcyhU95W5sqAsfO5MkRWa0E9JTS2dWTteNTW +PonywJGX/mSVVMZgOZF6o32Vb9LTnB676YQaPiMlu2qg+vRkRM/zyGjvPx7hilf6 +8CWxZcIHslfp5gJV6RvtlK+muEvIkSmNYyi8hQp1Y5C6uWb9JWt/9ISJ+Xz+n+5n +AHEUzW/LeEDyhjVlS9vOoAAy18r47mQybzJ2q2zOHo9zl3fKOJ2S4SFBKGHuIhPO +xG2CruhxN9U5+RwTDqKECeuCZROMYQLzlmIP2vM/NuFVhQm8iNhbTvEenh4mWD4I +uOHJkqvzKKzAXllosuUK4B0kblh4GaOVmEjaXGw8789rOlQzD5566SgKPDNUtom5 +/eIcy6/UYBoFd7lLltIVSSCA1VUMU4MWJgjwa9gk6MxoNe8dcJ197oQMfhZNjJ80 +S5C+a2al4wrR2vL/3hXhy2M2kG73RLSzxEiVoJsG+hbzNtfIa7kCDQRU1O5ZARAA +1pGrQ1V3YMXF3DzwvA/uWb912pwqUvMAAKvYCDiELIOP07c32+z04N/bOXjiZ2Jb +8AuICj4v92tXAygtf18zxwoU8AOXiuScP3wy1ZprBw8k71dNy0XmEXbiX7tkLoe0 +OzWlCaNTajSXTELT+nYHTOkBsrC4T+y7AwYueQJYUaRkJR/5Tc68UnRSO295pgJd +7EoWWAky3bdH+TKN0MsagCJwa+RrXFGtIKjU0XAKsddTxQKx2SUGF0QVdNZ/14Du +o73btoXtHgB0oxewnsiJp5XKWYm57RSNLv1LKr26iSUtUM1CAIZALuGMAyQXVEo7 +OmzuZmN0yRYM7FSnpG4rIDnDxYhDTaa+xWb738V8uLQDZAVnAuBEhq1RQEDrRM/X +LbibvVBzpd+JI9WneNEp0ehq5sEC6FbKYz0HqVk2SH1Dpb0tgrtxz3c7rPs7vRdm +FMxTuYctSzuqNHpKX+C6rgyAW2sxEKD0ys8OYEa3hvrQFSAznM/j3X8dge1DriHI +Qd/Dt4+LMdPcsQk3vty7pYxZIDRa9hl7ngaesQSZ/7PV/cj7U7qieTr1ulO1Gc5G +cyS2Hu4P9109HX1tBEQvGHpbqe9Lc2d0VKgHVjG9vDLrE1h/qXKbmn0LF1YR4dja +M+sYCfYOO+WzZKUACPdMq3Lid/3oQ71p6eNgu6lQcgEAEQEAAYkEPgQYAQIACQUC +VNTuWQIbAgIpCRCxBIky3Tqqo8FdIAQZAQIABgUCVNTuWQAKCRAu/H/w1BbgFNx6 +EACR7CKB3Mv2lNaRRraVRwjNrumyODqsnX/oe3lad04iCBb9JxGyNyTGF0s6teoa +ocXxIeZ50bF7GuYcnepMGpniMCkE2ymlM6ruFNNTUYC02FsrowKQboC7S5DN2l7l +b4nlgyDX7nOlOMmhTc3D/QsduMyS9H5kjFFKtzLYOwREV/RHI/wQUyTyze8qs/Bx +pT3/HsSJuGZybLSd/fmeM43xghcdfDgKTaGkFkhhW7UWgtOhQtYxr0VD4HEw4C+n +MyksqKAIFMBjJAqtsuWeSgavVrbU8KrzlcJFHSrovZ7Pi0mKMYHGomPstZcZxwr1 +5t3BhDvogMSRscU1mLUigLEGiWxPVxtQlmHTZfMns4Cy04S7jK4Gix0PN4Xi/9rO +cLFCb5zddcLVrqiuT+dt/O/TPKUKHTvLL1gF4Dlypbu8TQWtO7xDSPy7wSdPWUN5 +GBjsxbZfVlWpvvVMmGUuygIl0LkrJLKGxk36AnNpEPqsQ9e9Rsgu5dP9lGPz3igx +E3p+UlhWo5eqJqZwAfEFb+0PQzKSQ6zIFQAf50eSI/pWf+Xp9XOT47d4y8aWzHA7 +T/ja9tbyd+eg71ZOqOFtVP8zFWvmPnoosxrBR7qK/RBY5/PXKhfG10yEYXSjTap4 +dmsy430l8Mcuqo55iixgT5vxZfTeyFjTjHmjuHD1rTTfpXk4D/9GI9cIfrWczhrb +WN8BoP66ImMXpVhZzDt6S5u9dHSNJdqivDzCkktb/psXILvvu3qLmb1nJbsNzN9G +Jm6LoduzCJ4SqaodjhMkNi/Tc95dx0n2cCP2Rh/jvzo7zrqQO09c8at/pFEiF8Lg +Ulc5QaB/GNhXBqJog2yOzUPGKq0OMy/wttW42TCe7V+J8fnn16xfGhnVwmiWRQaq +dCiFDY2IiOHhnRwfJVANrddfuU/AJ8vY8XXzrxI7YZL43V530Wich1VB00XLFU8a +j08FsjdFvR77AAxFU+Cd6sH6yq6jsRXppQ0BOO15aR+wopEvtKwDdRu3TaweC1XM +LLQ4XuN9Ql0bMH0d626uMG2zUfZGO1jNTOS4sUhEqJsImbsL/hgNDKYvfo0wSHPW +mQo9njw7aG8Mey77I3fL1ELj/Tfa86njPpJ/tmFMLV9ntWACcW/c3tojdcP278rT +w/4zk+Sr2Zv+3bP1yjJd0z4B3gYYz2BUYTU7dyiA41Kgk4ZfV1n2NUAxQJYzvEIA +ZcMEWA3rOTb+AjcBVXX89Gk0BEykVmA9G808tbmI+4DUd2c/+d1xeufb43TGOiwK +qwY+Os9iey3FbsnoYuzKPsd5LByJFEudbMB152h95u/NysaM0AjC+yPtlpSLUIaD +UW75VAlQKPWj1Ag5uVpc2ScMEjevQQ== +=+Od7 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/libp11.spec b/libp11.spec new file mode 100644 index 0000000..21b7725 --- /dev/null +++ b/libp11.spec @@ -0,0 +1,154 @@ +# +# spec file for package libp11 +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +# the libname depends on what version openssl it is linked against +%if 0%{?suse_version} < 1500 +# libp11.so.2 for openssl 1.0 - suse_version < 1500 +%define libname libp11-2 +%else +# libp11.so.3 for openssl 1.1 - suse_version >= 1500 +%define libname libp11-3 +%endif +Name: libp11 +Version: 0.4.12 +Release: 0 +Summary: Library Implementing a Small Layer on Top of PKCS#11 API +License: LGPL-2.1-or-later +Group: Productivity/Security +URL: https://github.com/OpenSC/libp11 +Source0: https://github.com/OpenSC/libp11/releases/download/%{name}-%{version}/%{name}-%{version}.tar.gz +Source1: https://github.com/OpenSC/libp11/releases/download/%{name}-%{version}/%{name}-%{version}.tar.gz.asc +Source2: %{name}.keyring +Source3: %{name}-rpmlintrc +Source4: baselibs.conf +# PATCH-FIX-UPSTREAM +Patch0: libp11-openssl-3.1.patch +# PATCH-FIX-UPSTREAM +Patch1: libp11-configure-treat-all-openssl-3.x-releases-the-same.patch +BuildRequires: fdupes +BuildRequires: libtool +BuildRequires: p11-kit-devel +BuildRequires: pkgconfig +BuildRequires: pkgconfig(openssl) +BuildRequires: pkgconfig(zlib) +# The engine_pkcs11 library has been merged into version 0.4.0 and later. +# (It existed only in security:chipcard OBS repository. +Obsoletes: engine_pkcs11 <= 0.2.2 + +%description +Libp11 is a library implementing a small layer on top of PKCS#11 API to +make using PKCS#11 implementations easier. + +The official name for PKCS#11 is "RSA Security Inc. PKCS #11 +Cryptographic Token Interface (Cryptoki)". + +Libp11 source code includes the official header files (version 2.20) +and thus is "derived from the RSA Security Inc. PKCS #11 Cryptographic +Token Interface (Cryptoki)". + +%package -n %{libname} +Summary: Library Implementing a Small Layer on Top of PKCS#11 API +Group: Productivity/Security + +%description -n %{libname} +Libp11 is a library implementing a small layer on top of PKCS#11 API to +make using PKCS#11 implementations easier. + +The official name for PKCS#11 is "RSA Security Inc. PKCS #11 +Cryptographic Token Interface (Cryptoki)". + +Libp11 source code includes the official header files (version 2.20) +and thus is "derived from the RSA Security Inc. PKCS #11 Cryptographic +Token Interface (Cryptoki)". + +%package -n openssl-engine-%{name} +Summary: Library Implementing a Small Layer on Top of PKCS#11 API +Group: Productivity/Security +# IBM dropped support for the openssl-ibmpkcs11 and will contribute to +# libp11 project instead. (jsc#PED-3327) +Provides: openssl-ibmpkcs11 = 1.0.1 +Obsoletes: openssl-ibmpkcs11 <= 1.0.1 + +%description -n openssl-engine-%{name} +Libp11 is a library implementing a small layer on top of PKCS#11 API to +make using PKCS#11 implementations easier. + +The official name for PKCS#11 is "RSA Security Inc. PKCS #11 +Cryptographic Token Interface (Cryptoki)". + +Libp11 source code includes the official header files (version 2.20) +and thus is "derived from the RSA Security Inc. PKCS #11 Cryptographic +Token Interface (Cryptoki)". + +%package devel +Summary: Library Implementing a Small Layer on Top of PKCS#11 API +Group: Development/Libraries/C and C++ +Requires: %{libname} = %{version} +Requires: openssl-devel + +%description devel +Libp11 is a library implementing a small layer on top of PKCS#11 API to +make using PKCS#11 implementations easier. + +The official name for PKCS#11 is "RSA Security Inc. PKCS #11 +Cryptographic Token Interface (Cryptoki)". + +Libp11 source code include the official header files (version 2.20) and +thus is "derived from the RSA Security Inc. PKCS #11 Cryptographic +Token Interface (Cryptoki)". + +%prep +%autosetup -p1 +# Since the library name changes based on used openssl, we have to create baselibs.conf dynamically +echo %{libname} > %{_sourcedir}/baselibs.conf + +%build +autoreconf -fiv +%configure \ + --disable-static \ + --disable-silent-rules \ + --enable-doc\ + --docdir=%{_docdir}/%{libname} +%make_build + +%install +%make_install +mkdir -p %{buildroot}%{_docdir}/%{name} %{buildroot}%{_docdir}/%{libname} +find %{buildroot} -type f -name "*.la" -delete -print +%fdupes %{buildroot}%{_docdir} + +%post -n %{libname} -p /sbin/ldconfig +%postun -n %{libname} -p /sbin/ldconfig + +%files -n %{libname} +%doc %{_docdir}/%{libname} +%{_libdir}/*.so.* + +%files -n openssl-engine-%{name} +%if 0%{?suse_version} > 1325 +%{_libdir}/engines-* +%else +%{_libdir}/engines +%endif + +%files devel +%{_includedir}/*.h +%{_libdir}/*.so +%{_libdir}/pkgconfig/*.pc + +%changelog