Sync from SUSE:SLFO:Main libp11 revision c4769ee71e5e8b4ec03c5db6f84cb0c9

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

baselibs.conf

@@ -0,0 +1 @@
+libp11-3

libp11-0.4.12.tar.gz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEEK8fk5n48wMG+py+MLvx/8NQW4BQFAmLs03oACgkQLvx/8NQW
+4BRLfw//RpRc/93cRtlekgf7VwwtO+5MaO3/4umfpkb5jRXq5zOYPGjIBzzZibRS
+pX1y9nnG7pDx65EdyEOM/kI8HcZp4Jkn8PQ0UqT0Ozwm1JrMfGCeRadrYvg2mQY6
+5fHQ7SCub/eofeB9NNN0nHkW28B2r1Y/x728BSbuBixqq9+ZzKPzzah+VgDp+NQ1
+SZ8ummmeZ+kyp3o5FOtrKjBPqo5VzWzucTiq5dH/QYeHl7YcuL/QSgpR0r+G9ei5
+3tirwtxstWHMNFChquI+OLqe2++I+Cq5/Gcz9C/BKKHd00CWWRH4rZrStl8q8kM8
+tIVTIH7Rcf4h4isGBl70TIOIGtxY/9IYLRhoL4aCwy0DtNKYWF5G7zSN5JN/2xvC
+4CFe3Th7sEY65Z8aimwi6/wRi6lQ/sUWcQ/wUJLWL6XepMcgFLogZYgC67sidvyV
+GFlZt4w8PvclfLw4wMZB6u4TkWIKu1uMl00d0rWXNaQWeYgF9aQqHMWMzi0FQzpf
+J4rOcR+knBP1XvtbaAfFdm5q+HFy3HWXNsftMEGbehxy2M1sRBT9tOQv/R4pNtkP
+7oWD7bKHa1kvy5qqiCB9zNQpN2LJKM/kCANQAqmQno1S8ktDYqqd08+U5966Qgis
+UOs/+sOXykEMW+0NmNCA3rQ1ZZ3F9doSsaWBqzZVaEeE6WBEeWk=
+=WqLA
+-----END PGP SIGNATURE-----

libp11-configure-treat-all-openssl-3.x-releases-the-same.patch

@@ -0,0 +1,25 @@
+From 74497e0fa5b69b15790d6697e1ebce13af842d4c Mon Sep 17 00:00:00 2001
+From: Mike Gilbert <floppym@gentoo.org>
+Date: Thu, 13 Jul 2023 13:52:54 -0400
+Subject: [PATCH] configure: treat all openssl-3.x releases the same
+
+OpenSSL's soversion will not change for any 3.x minor release.
+
+https://www.openssl.org/policies/general/versioning-policy.html
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index b96979d9..c344e84a 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -33,7 +33,7 @@ AC_C_BIGENDIAN
+ # issues with applications linking to new openssl, old libp11, and vice versa
+ case "`$PKG_CONFIG --modversion --silence-errors libcrypto || \
+ 	$PKG_CONFIG --modversion openssl`" in
+-	3.1.*|3.0.*) # Predicted engines directory prefix for OpenSSL 3.x
++	3.*) # Predicted engines directory prefix for OpenSSL 3.x
+ 	    LIBP11_LT_OLDEST="3"
+ 	    debian_ssl_prefix="openssl-3.0.0";;
+ 	1.1.*) # Predicted engines directory prefix for OpenSSL 1.1.x

libp11-openssl-3.1.patch

@@ -0,0 +1,13 @@
+Index: libp11-0.4.12/configure.ac
+===================================================================
+--- libp11-0.4.12.orig/configure.ac
++++ libp11-0.4.12/configure.ac
+@@ -33,7 +33,7 @@ AC_C_BIGENDIAN
+ # issues with applications linking to new openssl, old libp11, and vice versa
+ case "`$PKG_CONFIG --modversion --silence-errors libcrypto || \
+ 	$PKG_CONFIG --modversion openssl`" in
+-	3.0.*) # Predicted engines directory prefix for OpenSSL 3.x
++	3.1.*|3.0.*) # Predicted engines directory prefix for OpenSSL 3.x
+ 	    LIBP11_LT_OLDEST="3"
+ 	    debian_ssl_prefix="openssl-3.0.0";;
+ 	1.1.*) # Predicted engines directory prefix for OpenSSL 1.1.x

libp11-rpmlintrc

@@ -0,0 +1,2 @@
+# Check is poorly written, it apparently depends on libp11-1.
+addFilter("no-dependency-on")

libp11.changes

@@ -0,0 +1,263 @@
+-------------------------------------------------------------------
+Fri Jan 19 10:43:16 UTC 2024 - Otto Hollmann <otto.hollmann@suse.com>
+
+- Add support for OpenSSL 3.x:
+  Add libp11-configure-treat-all-openssl-3.x-releases-the-same.patch
+
+-------------------------------------------------------------------
+Wed Sep 27 09:58:37 UTC 2023 - Otto Hollmann <otto.hollmann@suse.com>
+
+- Replace openssl-ibmpkcs11 with openssl-engine-libp11 (jsc#PED-3327)
+  Add Obsoletes: openssl-ibmpkcs11 <= 1.0.1
+  and Provides: openssl-ibmpkcs11 = 1.0.1
+
+-------------------------------------------------------------------
+Tue Jun  6 12:24:11 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Add support for openSSL 3.1:
+  + Add libp11-openssl-3.1.patch: handle openSSL 3.1 the same as 3.0
+  + Add libtool BuildRequires and call autoreconf: abobe patch
+    touches the build system.
+  + Add baselibs.conf
+
+-------------------------------------------------------------------
+Mon Feb  6 10:41:29 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Fix build against openSSL 3.
+
+-------------------------------------------------------------------
+Mon Oct 17 01:22:26 UTC 2022 - Jason Sikes <jsikes@suse.com>
+
+- Update to 0.4.12:
+  * Fixed using an explicitly provided PIN regardless of the secure login flag (Alon Bar-Lev)
+  * Fixed RSA_PKCS1_PADDING handling (Michał Trojnara)
+  * Fixed a crash on LLP64, including 64-bit Windows (Małgorzata Olszówka)
+  * Fixed searching objects when both ID and label are specified (minfrin)
+  * Fixed the OAEP "source" parameter (S-P Chan)
+  * Fixed object searching by label (Michał Trojnara)
+  * Fixed thread safety in slot enumeration (Michał Trojnara)
+  * Fixed storing certificates on tokens (Mateusz Kwiatkowski)
+  * Fixed several memory leaks (Michał Trojnara, Jakub Jelen, Timo Teräs)
+  * Fixed OpenSSL 3.0 compatibility (Jakub Jelen)
+  * Fixed LibreSSL compatibility (orbea, patchMonkey156)
+  * Major concurrency improvements and refactoring (Timo Teräs)
+  * Added re-numeration of slots as an engine control command (Markus Koetter)
+  * Added the PKCS11_update_slots() API function (Timo Teräs)
+  * Added support for the SHA3 hash function (alegon01)
+  * Added a self-test for engine RSA operations (Uri Blumenthal)
+
+-------------------------------------------------------------------
+Thu Nov 26 12:00:19 UTC 2020 - Dirk Mueller <dmueller@suse.com>
+
+- update to 0.4.11:
+  * Fixed "EVP_PKEY_derive:buffer too small" EC errors (Luka Logar)
+  * Fixed various memory leaks (Mateusz Kwiatkowski)
+  * Fixed Windows VERSIONINFO (Pavol Misik)
+  * Fixed builds with OpenSSL older than 1.0.2 (Michał Trojnara)
+  * Fixed a double free in EVP_PKEY_meth_free() (Mikhail Durnev)
+  * Added CKA_VALUE_LEN to EC key derivation template (Michał Trojnara)
+  * Fixed handling keys without label attribute (efternavn)
+  * Updated the tests (Anderson Toshiyuki Sasaki)
+  * Made ECDH-derived keys extractable (Bent Bisballe Nyeng)
+  * Added support for pin-source within PKCS#11 URI (Stanislav Levin)
+  * Improved LibreSSL compatibility (patchMonkey156)
+  * Fixed handling RSA private keys in BIND (Stanislav Levin)
+  * Added macOS testing support (Stanislav Levin)
+  * Fixed engine object search algorithm (Anderson Toshiyuki Sasaki)
+
+-------------------------------------------------------------------
+Tue Oct 22 04:23:31 UTC 2019 - Jason Sikes <jsikes@suse.com>
+
+- Update to version 0.4.10:
+
+  * Added EC signing through EVP API 
+  * Added an empty EC private key required by OpenSSL 1.1.1 
+  * Stored additional certificate attributes 
+  * Engine allowed to use private keys without a PIN 
+  * Lazy binding used as a workaround for buggy modules 
+  * MinGW build fixes and documentation 
+  * LibreSSL 2.8.3 build fixes 
+  * Error handling fixes 
+
+-------------------------------------------------------------------
+Tue Mar 12 16:15:22 UTC 2019 - Marketa Calabkova <mcalabkova@suse.com>
+
+- Add p11-kit-devel to BuildRequires (boo#1122413)
+
+-------------------------------------------------------------------
+Tue Jan 29 22:44:39 UTC 2019 - Stanislav Brabec <sbrabec@suse.com>
+
+- Update to version 0.4.9:
+  * Fix EVP_PKEY ENGINE reference count with the EC
+    EVP_PKEY_METHOD.
+  * Fix a leak of RSA object in pkcs11_store_key()
+  * Add atfork checks for RSA and EC_KEY method
+  * RSA key generation on the token
+  * PSS signature support
+  * RSA-OAEP and RSA-PKCS encryption support
+  * Engine no longer set as default for all methods
+  * Add PKCS11_remove_key and PKCS11_remove_certificate
+  * Add PKCS11_find_next_token interface
+  * Add support for OpenSSL 1.1.1 beta
+  * Remove support for OpenSSL 0.9.8
+  * Case insensitive PKCS#11 URI scheme
+  * Testing framework improvements
+  * Coverity scanning and defect fixes
+  * Backward compatibility for new error handling introduced
+    in libp11 0.4.7
+  * Memory leak fixes
+  * Add an integer overflow protection
+  * Several bugfixes
+
+-------------------------------------------------------------------
+Wed Jan 17 11:31:42 UTC 2018 - dimstar@opensuse.org
+
+- Conditionalize libname to libp11-2 for suse_version < 1500 (using
+  openssl 1.0) / libp11-3 for suse_version >= 1500 (using
+  openssl 1.1).
+- Create baselibs.conf dynamically, since the library name can be
+  different. Drop the static baselibs.conf.
+
+-------------------------------------------------------------------
+Wed Jul 19 12:41:16 UTC 2017 - jengelh@inai.de
+
+- Remove --with-pic which is only for static libs.
+
+-------------------------------------------------------------------
+Mon Jul 17 09:18:06 UTC 2017 - tchvatal@suse.com
+
+- Version update to 0.4.7:
+  * Added OpenSSL-style engine error reporting (Michał Trojnara)
+  * Added the FORCE_LOGIN engine ctrl command (Michał Trojnara)
+  * Implemented the QUIET engine ctrl command (Michał Trojnara)
+  * Modified CKU_CONTEXT_SPECIFIC PIN requests to be based
+    on the CKA_ALWAYS_AUTHENTICATE attribute rather than the
+    CKR_USER_NOT_LOGGED_IN error (Michał Trojnara)
+  * Fixed printing hex values (Michał Trojnara)
+  * Fixed build error with OPENSSL_NO_EC (Kai Kang)
+
+-------------------------------------------------------------------
+Fri Jun 23 14:52:22 UTC 2017 - mpluskal@suse.com
+
+- Update to verion 0.4.6
+  * For full list of changes since version 0.3.0 see NEWS
+- Create openssl-engine-libp11 subpackage
+- Add gpg signature
+
+-------------------------------------------------------------------
+Wed Dec  2 00:18:59 UTC 2015 - p.drouand@gmail.com
+
+- Update to version 0.3.0
+  * Added small test suite based on softhsm (run on make check)
+  * Memory leak fixes
+  * On module initialization tell the module that the OS locking 
+    primitives are OK to use
+  * Transparently handle applications that fork. That is call C_Initialize() 
+    and reopen any handles if a fork is detected.
+  * Eliminated any hard coded limits for certificate size
+  * Added support for ECDSA
+  * Allow RSA_NO_PADDING padding mode in PKCS11_private_encrypt
+  * Eliminated several hard-coded limits in parameter sizes.
+- Update project and download Urls
+
+-------------------------------------------------------------------
+Tue Sep 25 17:00:26 CEST 2012 - sbrabec@suse.cz
+
+- Update to version 0.2.8:
+  * Bumped soname for PKCS11_token struct size changes.
+  * Display the number of available slots.
+  * Expose more token flags in PKCS11_token structure.
+  * Check that private data is not NULL in pkcs11_release_slot.
+
+-------------------------------------------------------------------
+Sun Nov 20 06:13:41 UTC 2011 - coolo@suse.com
+
+- add libtool as buildrequire to avoid implicit dependency
+
+-------------------------------------------------------------------
+Tue Jan 11 18:46:59 CET 2011 - sbrabec@suse.cz
+
+-  Updated to version 0.2.7:
+   * Ignore CKR_CRYPTOKI_ALREADY_INITIALIZED while initializing.
+
+-------------------------------------------------------------------
+Mon Feb  1 11:47:39 UTC 2010 - jengelh@medozas.de
+
+- Package baselibs.conf
+
+-------------------------------------------------------------------
+Wed Aug  5 14:05:01 CEST 2009 - sbrabec@suse.cz
+
+- Updated to version 0.2.6:
+  * Add new symbol to export file.
+  * Add function to export the slot id.
+  * Increase library version because of the new function.
+
+-------------------------------------------------------------------
+Wed Apr  8 18:44:53 CEST 2009 - sbrabec@suse.cz
+
+- Don't call autoreconf on older products.
+
+-------------------------------------------------------------------
+Tue Sep  2 18:04:03 CEST 2008 - sbrabec@suse.cz
+
+- Call autoreconf to build correctly with new libtool.
+
+-------------------------------------------------------------------
+Tue Sep  2 11:39:55 CEST 2008 - crrodriguez@suse.de
+
+- fix build, doxygen required.
+- kill ".la" files and static libraries
+- fix -devel package requires 
+
+-------------------------------------------------------------------
+Tue Aug 19 14:53:13 CEST 2008 - sbrabec@suse.cz
+
+- Updated to version 0.2.4:
+  * Build system rewritten
+  * added PKCS11_CTX_init_args
+  * fix segfault in init_args code
+  * implemented PKCS11_private_encrypt
+- Fixed incorrect API.
+- Fixed x86_64 issues.
+
+-------------------------------------------------------------------
+Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de
+
+- added baselibs.conf file to build xxbit packages
+  for multilib support
+
+-------------------------------------------------------------------
+Mon Jul 30 00:53:34 CEST 2007 - ro@suse.de
+
+- provide old name 
+
+-------------------------------------------------------------------
+Wed Jul 25 16:40:27 CEST 2007 - sbrabec@suse.cz
+
+- Updated to version 0.2.3:
+  * update wiki export script.
+  * replaced rsa header files from rsalabs (official) with scute
+    (open source).
+  * allow CKR_USER_ALREADY_LOGGED_IN on C_Login.
+  * mark internal functions as static.
+  * add code to store public keys and generate keys.
+- Name package according to shared library packaging policy.
+
+-------------------------------------------------------------------
+Fri Mar 30 01:45:07 CEST 2007 - ro@suse.de
+
+- added zlib-devel to buildreq 
+
+-------------------------------------------------------------------
+Tue Oct  3 17:50:13 CEST 2006 - sbrabec@suse.cz
+
+- Updated to version 0.2.2:
+  * bug fixes
+  * code cleanup
+
+-------------------------------------------------------------------
+Fri May 12 17:17:16 CEST 2006 - sbrabec@suse.cz
+
+- New SuSE package, version 0.2.1.
+

libp11.keyring

@@ -0,0 +1,115 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFTU6YwBEAC6PP7E4J6cRZQsJlFE+o3zdQYo7Mg2sVxDR6K9Cha52wn7P0t0
+hHUd0CSmWyfjmYUy3/7jYjgKe4oiGzeSCVK8b3TiX3ylHi/nW3mixwpDPwFmr5Cf
+ce55Ro3TdIeslRGigK8Hl+/l4n9c9z/AiTvcdAEQ34BJhERce4/KFx+/omiaxe7S
+fzzU/+52zy+v4FfnclgRQrzrD8sxNag6CQOaQ8lTMczNkBkDlhQTOPYkfNf76PUY
+kbWpcH7n9N50nddjEaLf7DPjOETc4OH/g5a99FSEJL7jyEgn+C8RX7RpbbAxCNlX
+1231NZoresLmxSulB6fRWLmhJ8pES3sRxE1IfwUfPpUZuTPzwXEFJY6StY5OCVy8
+rNFpkYlEePuVn74XkGbvv7dkkisq4Hp59zfIUaNVRod0Xk2rM8Rx8d5IK801Ywsn
+RyzCE02zt3N2O4IdXI1qQ1gMJNyaE/k2Qk8buh8BsKJzZca34WGocHOxz2O5s7FN
+Q1pLNpLmuHZIdyvYqcsenLz5EV8X2LztRmJ3Se4ag/XyXPYwS6lXX1YUGVxZpk0E
+sQDRdJvYCsGcUy253w+W7Nm/BtjKi6/PJmjEEU7ieHppR9Yp+LI3lyzNBeZAIVqk
+4Hco05l4GUKtEDFfOQ58sULDqJWmpH4T72DHeCpfRB0guaPa5TYY7B0umQARAQAB
+tCtNaWNoYcWCIFRyb2puYXJhIDxNaWNoYWwuVHJvam5hcmFAbWlydC5uZXQ+iQI4
+BBMBAgAiBQJU1OmMAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCxBIky
+3Tqqo4/1D/4w2/uwdzHXLjEfiLKw+aMv4AFOidl5Qhb+PUyWC97yPG1rsCm4ObRY
+iAxB3+laCMbzyD/aFKzUNGa6jruk/6/eX4eCaFBqpB71ehpAfLKB+sPAYQoCMDn7
+7qGDzxcXkY25yFShjbAcIsHK7F1ppP3ANJQYfOP5WVBhxpWqvL+7z7BGG7Gvz1q+
+Hud5uPYPDWqQi5Hr7C5pgBTX2ZrPOZ2cMuH/etgdPu9Um3vnUkfLHh+cm0ojt4Nb
+GlIZ+FwrrdJa0dOgkqDiNt0hkw5FVW8562lFs+8XyqhHfYtlJ8X+s8m02FaBywtQ
+KlmfoTIbqOKDHyaFjZa6lE0e61IRL6oo198IyLt9ulB+XjAmrOU3EkkrXMa7ajHb
+nmX59cl5AmHt++9w2J65ACkqE4v6Y7PV/JGdSHH8aMadw6YKBmV1MsQXwN4e66W5
+eAWUNclxfqmiHu/K3e4nXhILKJXVwudeYKjFdGZA2VvjNMagC987D8MUfcTNDjh0
+r9nUc4h8l5ggvF74k/YTxM1dS+v/ByTXbJDyRqoXMdJAFxX7RLj36kimgrjvktWs
+6zpL0mOEy3hZV9fg9j4gTzAadnInDWC89d2TU/3yUdH8W/RYb+RaJ6asNc8zW2Oc
+hqzoQabPFP+LLAYXi12xUe+IRNWBEakoeAS0H+HCwJ4ZRMCYcNtdBIhKBBARAgAK
+BQJU1RaSAwUCeAAKCRD81T6ddMcy0VijAKDekfKc40+78B2Ax2BZWapxJu08uQCf
+UbAK5BQ+mC2sOL5U26F9FdZLsTW0Lk1pY2hhxYIgVHJvam5hcmEgPE1pY2hhbC5U
+cm9qbmFyYUBzdHVubmVsLm9yZz6JAjgEEwECACIFAlTVDWUCGwMGCwkIBwMCBhUI
+AgkKCwQWAgMBAh4BAheAAAoJELEEiTLdOqqjvVMQAJY7fVkg6uScKyCYT3RDTIE9
+gPwIDxoz04s72pVhFH5IpDpUAWf+pYKgb/Pdow5QkkUMyYENNKIZnjeNF5BVzU++
+g1QoVeQPXe+sM0aD4gyv6N5+PL9GQULmt0gA7OXqcxEUfkP8oO2+5dQZ+No302is
+LK/lpw5roaKdMUA0dhbv0NK+3R1pMbREWKZVMq0CHyjHEEYZS9n/rRIlPkjenAop
+fm3q34tpSBTP/nmnmPfp3KFlOaRfqNXJzOR+MHDL2LaMPyRnXD4RA48bLWEcIdpo
+3mS7cGHiGJmuWHydymKk4x44nljvULN78lE7K7eORH/n0u48kttSTA09le4wz4Pg
+RjX01YqpYWByyNoXmO5LfrGBuVCh0A5cFlyfMfXhvGVESVY0uEyJv6mIgvQForZy
+mmXAn5vNBGTJbOquXnG78B4T99AF15HEvWODh707N6Lg+TPRpyjEiDaZ1HpvfpSk
+5Yq8FBhnybhNuxYFGsONzEp66Xs5uyh0WgZO15HGo32CWE136flskB6wbNQ3zp7c
+2YKjEJRAxoqWswRVQzBppI5VZg0J/BdJ7jZ0rZmtXimwhgjB+S1OQXrQ3cp4FtOz
+v8eFL9Hbb36VAIv3RtwpGK/ZLNy+pHq/vzGducA2bRJf9vozvE0F/yVZfBL1OVH0
+DMDhcLsWo0thMwZXnpOYiEoEEBECAAoFAlTVFpIDBQJ4AAoJEPzVPp10xzLRtFkA
+n3XOJUuQUnruzeO2oa4+BJMBsmJLAJ4pc6dtGRcoQrDqUk/vZyliX8Hb0rQvTWlj
+aGHFgiBUcm9qbmFyYSA8TWljaGFsLlRyb2puYXJhQG1vYmktY29tLm5ldD6JAjgE
+EwECACIFAlTVDTcCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELEEiTLd
+OqqjJWQQAK0wdrvHk9DRk0nxOu9V39WtPlRK4fDAXCeexhQ3NJz3mBLBIRo8LfHC
+Cz1xfdVGY7BvciIJBDtHQRqYf/J2ZmeV6xsKydqYuXp0SbNLbziWecx3lfTB6naq
+rdKVLXP7nBbhmeih1f3wTtHJ5yMxg8sf64CoaqDeccbx46mhIMy8g4m04i8Nz1jq
+1s2wFt4ps4LIHsDTxMzNWprJC9fObpBKEdOJytrr2iojOGa7bMgjdlZXCR8QbB64
+3S92hyheKqt6e1zIXcotRf8uigPN0IDG6gl2i+DjUTr2tcRYX/8g/lcFPQtQNPOr
+CYF7uc5+gkXZEAeffJKiB0vpY1IZofkHk0rWMZ+WP8ev8cEchhjHzbQ/hoRdLLFs
+tBbUXQdaUABD34SaMmyxu/twirYNXYuzcA55jQYBaFN29RV1Wk4b5O5ZFSLrVfCN
+Y9++skMfwwSgtFvYyE1F9+V7yFJ0XxM/gI7VMLG1IWzQ1dPUj8drO9pwfO9teykU
+Mm9tgmzL6lG86x/ZAJxjnFvrfd25TrT4gcn0Yw5X9mpBHvjjADG7579kelrb6akj
+1WlMy4FMwUI5ApuItpywMm0Wqx6dkDKFxNTgM8VrRuQw7rsbCXSyS6TbHz/RHcSA
+n0m82WwTPq8FoelaER11TWboUwopmR+jTGfIWv9Y9PrO2L2IpOchiEoEEBECAAoF
+AlTVFpIDBQJ4AAoJEPzVPp10xzLRh0kAoKpQzntoEHQwq0Hsjbnx+jKU2gujAJ9Y
+xcTGhSfPcCylHN0KLba8h4w0FrkCDQRU1OvDARAA8gIC641dK6ap9W1K3EkqRn0z
+6zizdVGr/jvf8xFXeUq+auxixZ0tEY6NM5CBSya5BCK9IGVWmJNbazyWUa4llA6E
+vmUxcTeGE7ppQA4Kl1bzvUq5upo+8+0VuqvLC/bVz0DUnFSWJYHAZrPZ+yO0yMq8
+vaGTo5kwKixQ4Ni+N+1EiALKZex1g6UW9d0HAcYEa/lTWhz3J0V1yyY4Vov30gto
+o67KkSC/SswZzIR00CQGrz3twlGuB73Sm1YfqDqbY8dQLJeyU0ovIeU95VI5cQF6
+D1H8YdaMWQm6MtVAfIX5WMoH+eq4Ank9hilReGANkIWNSqM21Drdu3crbGIYiZPE
+adKfGxwquwvRDTEgD4gjqMvEdxA2W6s4WR36SwMkeOtESj21MiR2YDcbIzIbUh9p
+0P8DZGvQcVh45jCgdOcL5th9R076npXHn8FIe2IfAZnX1OnpsKn/YqJ0wNFhGYWx
+V/yZA10NbFKFXhD1FGqrOz6lSqmqDz00tXofF432ae+7PzTP9n4cij4k0SYG1l/L
+ThnOYL3SNUCG3rCASeWoXmhxCYRGi0Xw3IJrcpVNmNQD+SLLTjVB94AlDjSlx1q0
+V+9ymhGHi51wsBSajMwDexaSI/WM1y9lROwl7eeAD41fPArzTleAqT89akWLevTB
+LWvj59mku9vZAW26/1UAEQEAAYkCHwQYAQIACQUCVNTrwwIbDAAKCRCxBIky3Tqq
+o2NCEACHJ7e0l8NhS4slfzej1AAXOwL1wDexn6thpgexAyqZLIaibqhIybhSo1LO
+L1NY/55ytscbOQL7NliRAXVN6F9lcer+qzxL5JgxzUU6dryapNZYs06u3wfr8ZtS
+bvIAON/w89tm9tHxoNUIYZZUZROFBW6fn8RkhboQs0hJFxWfWghOxhS0TXJ8/MZ4
+YcfDy+Ew6LIAym3A1XY+++2VMEHqKcyhU95W5sqAsfO5MkRWa0E9JTS2dWTteNTW
+PonywJGX/mSVVMZgOZF6o32Vb9LTnB676YQaPiMlu2qg+vRkRM/zyGjvPx7hilf6
+8CWxZcIHslfp5gJV6RvtlK+muEvIkSmNYyi8hQp1Y5C6uWb9JWt/9ISJ+Xz+n+5n
+AHEUzW/LeEDyhjVlS9vOoAAy18r47mQybzJ2q2zOHo9zl3fKOJ2S4SFBKGHuIhPO
+xG2CruhxN9U5+RwTDqKECeuCZROMYQLzlmIP2vM/NuFVhQm8iNhbTvEenh4mWD4I
+uOHJkqvzKKzAXllosuUK4B0kblh4GaOVmEjaXGw8789rOlQzD5566SgKPDNUtom5
+/eIcy6/UYBoFd7lLltIVSSCA1VUMU4MWJgjwa9gk6MxoNe8dcJ197oQMfhZNjJ80
+S5C+a2al4wrR2vL/3hXhy2M2kG73RLSzxEiVoJsG+hbzNtfIa7kCDQRU1O5ZARAA
+1pGrQ1V3YMXF3DzwvA/uWb912pwqUvMAAKvYCDiELIOP07c32+z04N/bOXjiZ2Jb
+8AuICj4v92tXAygtf18zxwoU8AOXiuScP3wy1ZprBw8k71dNy0XmEXbiX7tkLoe0
+OzWlCaNTajSXTELT+nYHTOkBsrC4T+y7AwYueQJYUaRkJR/5Tc68UnRSO295pgJd
+7EoWWAky3bdH+TKN0MsagCJwa+RrXFGtIKjU0XAKsddTxQKx2SUGF0QVdNZ/14Du
+o73btoXtHgB0oxewnsiJp5XKWYm57RSNLv1LKr26iSUtUM1CAIZALuGMAyQXVEo7
+OmzuZmN0yRYM7FSnpG4rIDnDxYhDTaa+xWb738V8uLQDZAVnAuBEhq1RQEDrRM/X
+LbibvVBzpd+JI9WneNEp0ehq5sEC6FbKYz0HqVk2SH1Dpb0tgrtxz3c7rPs7vRdm
+FMxTuYctSzuqNHpKX+C6rgyAW2sxEKD0ys8OYEa3hvrQFSAznM/j3X8dge1DriHI
+Qd/Dt4+LMdPcsQk3vty7pYxZIDRa9hl7ngaesQSZ/7PV/cj7U7qieTr1ulO1Gc5G
+cyS2Hu4P9109HX1tBEQvGHpbqe9Lc2d0VKgHVjG9vDLrE1h/qXKbmn0LF1YR4dja
+M+sYCfYOO+WzZKUACPdMq3Lid/3oQ71p6eNgu6lQcgEAEQEAAYkEPgQYAQIACQUC
+VNTuWQIbAgIpCRCxBIky3Tqqo8FdIAQZAQIABgUCVNTuWQAKCRAu/H/w1BbgFNx6
+EACR7CKB3Mv2lNaRRraVRwjNrumyODqsnX/oe3lad04iCBb9JxGyNyTGF0s6teoa
+ocXxIeZ50bF7GuYcnepMGpniMCkE2ymlM6ruFNNTUYC02FsrowKQboC7S5DN2l7l
+b4nlgyDX7nOlOMmhTc3D/QsduMyS9H5kjFFKtzLYOwREV/RHI/wQUyTyze8qs/Bx
+pT3/HsSJuGZybLSd/fmeM43xghcdfDgKTaGkFkhhW7UWgtOhQtYxr0VD4HEw4C+n
+MyksqKAIFMBjJAqtsuWeSgavVrbU8KrzlcJFHSrovZ7Pi0mKMYHGomPstZcZxwr1
+5t3BhDvogMSRscU1mLUigLEGiWxPVxtQlmHTZfMns4Cy04S7jK4Gix0PN4Xi/9rO
+cLFCb5zddcLVrqiuT+dt/O/TPKUKHTvLL1gF4Dlypbu8TQWtO7xDSPy7wSdPWUN5
+GBjsxbZfVlWpvvVMmGUuygIl0LkrJLKGxk36AnNpEPqsQ9e9Rsgu5dP9lGPz3igx
+E3p+UlhWo5eqJqZwAfEFb+0PQzKSQ6zIFQAf50eSI/pWf+Xp9XOT47d4y8aWzHA7
+T/ja9tbyd+eg71ZOqOFtVP8zFWvmPnoosxrBR7qK/RBY5/PXKhfG10yEYXSjTap4
+dmsy430l8Mcuqo55iixgT5vxZfTeyFjTjHmjuHD1rTTfpXk4D/9GI9cIfrWczhrb
+WN8BoP66ImMXpVhZzDt6S5u9dHSNJdqivDzCkktb/psXILvvu3qLmb1nJbsNzN9G
+Jm6LoduzCJ4SqaodjhMkNi/Tc95dx0n2cCP2Rh/jvzo7zrqQO09c8at/pFEiF8Lg
+Ulc5QaB/GNhXBqJog2yOzUPGKq0OMy/wttW42TCe7V+J8fnn16xfGhnVwmiWRQaq
+dCiFDY2IiOHhnRwfJVANrddfuU/AJ8vY8XXzrxI7YZL43V530Wich1VB00XLFU8a
+j08FsjdFvR77AAxFU+Cd6sH6yq6jsRXppQ0BOO15aR+wopEvtKwDdRu3TaweC1XM
+LLQ4XuN9Ql0bMH0d626uMG2zUfZGO1jNTOS4sUhEqJsImbsL/hgNDKYvfo0wSHPW
+mQo9njw7aG8Mey77I3fL1ELj/Tfa86njPpJ/tmFMLV9ntWACcW/c3tojdcP278rT
+w/4zk+Sr2Zv+3bP1yjJd0z4B3gYYz2BUYTU7dyiA41Kgk4ZfV1n2NUAxQJYzvEIA
+ZcMEWA3rOTb+AjcBVXX89Gk0BEykVmA9G808tbmI+4DUd2c/+d1xeufb43TGOiwK
+qwY+Os9iey3FbsnoYuzKPsd5LByJFEudbMB152h95u/NysaM0AjC+yPtlpSLUIaD
+UW75VAlQKPWj1Ag5uVpc2ScMEjevQQ==
+=+Od7
+-----END PGP PUBLIC KEY BLOCK-----

libp11.spec

@@ -0,0 +1,154 @@
+#
+# spec file for package libp11
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+# the libname depends on what version openssl it is linked against
+%if 0%{?suse_version} < 1500
+# libp11.so.2 for openssl 1.0 - suse_version < 1500
+%define libname libp11-2
+%else
+# libp11.so.3 for openssl 1.1 - suse_version >= 1500
+%define libname libp11-3
+%endif
+Name:           libp11
+Version:        0.4.12
+Release:        0
+Summary:        Library Implementing a Small Layer on Top of PKCS#11 API
+License:        LGPL-2.1-or-later
+Group:          Productivity/Security
+URL:            https://github.com/OpenSC/libp11
+Source0:        https://github.com/OpenSC/libp11/releases/download/%{name}-%{version}/%{name}-%{version}.tar.gz
+Source1:        https://github.com/OpenSC/libp11/releases/download/%{name}-%{version}/%{name}-%{version}.tar.gz.asc
+Source2:        %{name}.keyring
+Source3:        %{name}-rpmlintrc
+Source4:        baselibs.conf
+# PATCH-FIX-UPSTREAM
+Patch0:         libp11-openssl-3.1.patch
+# PATCH-FIX-UPSTREAM
+Patch1:         libp11-configure-treat-all-openssl-3.x-releases-the-same.patch
+BuildRequires:  fdupes
+BuildRequires:  libtool
+BuildRequires:  p11-kit-devel
+BuildRequires:  pkgconfig
+BuildRequires:  pkgconfig(openssl)
+BuildRequires:  pkgconfig(zlib)
+# The engine_pkcs11 library has been merged into version 0.4.0 and later.
+# (It existed only in security:chipcard OBS repository.
+Obsoletes:      engine_pkcs11 <= 0.2.2
+
+%description
+Libp11 is a library implementing a small layer on top of PKCS#11 API to
+make using PKCS#11 implementations easier.
+
+The official name for PKCS#11 is "RSA Security Inc. PKCS #11
+Cryptographic Token Interface (Cryptoki)".
+
+Libp11 source code includes the official header files (version 2.20)
+and thus is "derived from the RSA Security Inc. PKCS #11 Cryptographic
+Token Interface (Cryptoki)".
+
+%package -n %{libname}
+Summary:        Library Implementing a Small Layer on Top of PKCS#11 API
+Group:          Productivity/Security
+
+%description -n %{libname}
+Libp11 is a library implementing a small layer on top of PKCS#11 API to
+make using PKCS#11 implementations easier.
+
+The official name for PKCS#11 is "RSA Security Inc. PKCS #11
+Cryptographic Token Interface (Cryptoki)".
+
+Libp11 source code includes the official header files (version 2.20)
+and thus is "derived from the RSA Security Inc. PKCS #11 Cryptographic
+Token Interface (Cryptoki)".
+
+%package -n openssl-engine-%{name}
+Summary:        Library Implementing a Small Layer on Top of PKCS#11 API
+Group:          Productivity/Security
+# IBM dropped support for the openssl-ibmpkcs11 and will contribute to
+# libp11 project instead. (jsc#PED-3327)
+Provides:       openssl-ibmpkcs11 = 1.0.1
+Obsoletes:      openssl-ibmpkcs11 <= 1.0.1
+
+%description -n openssl-engine-%{name}
+Libp11 is a library implementing a small layer on top of PKCS#11 API to
+make using PKCS#11 implementations easier.
+
+The official name for PKCS#11 is "RSA Security Inc. PKCS #11
+Cryptographic Token Interface (Cryptoki)".
+
+Libp11 source code includes the official header files (version 2.20)
+and thus is "derived from the RSA Security Inc. PKCS #11 Cryptographic
+Token Interface (Cryptoki)".
+
+%package devel
+Summary:        Library Implementing a Small Layer on Top of PKCS#11 API
+Group:          Development/Libraries/C and C++
+Requires:       %{libname} = %{version}
+Requires:       openssl-devel
+
+%description devel
+Libp11 is a library implementing a small layer on top of PKCS#11 API to
+make using PKCS#11 implementations easier.
+
+The official name for PKCS#11 is "RSA Security Inc. PKCS #11
+Cryptographic Token Interface (Cryptoki)".
+
+Libp11 source code include the official header files (version 2.20) and
+thus is "derived from the RSA Security Inc. PKCS #11 Cryptographic
+Token Interface (Cryptoki)".
+
+%prep
+%autosetup -p1
+# Since the library name changes based on used openssl, we have to create baselibs.conf dynamically
+echo %{libname} > %{_sourcedir}/baselibs.conf
+
+%build
+autoreconf -fiv
+%configure \
+  --disable-static \
+  --disable-silent-rules \
+	--enable-doc\
+	--docdir=%{_docdir}/%{libname}
+%make_build
+
+%install
+%make_install
+mkdir -p %{buildroot}%{_docdir}/%{name} %{buildroot}%{_docdir}/%{libname}
+find %{buildroot} -type f -name "*.la" -delete -print
+%fdupes %{buildroot}%{_docdir}
+
+%post -n %{libname} -p /sbin/ldconfig
+%postun -n %{libname} -p /sbin/ldconfig
+
+%files -n %{libname}
+%doc %{_docdir}/%{libname}
+%{_libdir}/*.so.*
+
+%files -n openssl-engine-%{name}
+%if 0%{?suse_version} > 1325
+%{_libdir}/engines-*
+%else
+%{_libdir}/engines
+%endif
+
+%files devel
+%{_includedir}/*.h
+%{_libdir}/*.so
+%{_libdir}/pkgconfig/*.pc
+
+%changelog