2007-01-16 00:27:33 +01:00
|
|
|
#
|
2011-11-28 12:55:09 +01:00
|
|
|
# spec file for package openCryptoki
|
2007-01-16 00:27:33 +01:00
|
|
|
#
|
2024-02-05 10:04:37 +01:00
|
|
|
# Copyright (c) 2024 SUSE LLC
|
2007-01-16 00:27:33 +01:00
|
|
|
#
|
2008-08-29 01:19:19 +02:00
|
|
|
# All modifications and additions to the file contributed by third parties
|
|
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
|
|
# upon. The license for this file, and modifications and additions to the
|
|
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
|
|
# license for the pristine package is not an Open Source License, in which
|
|
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
|
|
# published by the Open Source Initiative.
|
|
|
|
|
2019-12-02 22:42:49 +01:00
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
2007-01-16 00:27:33 +01:00
|
|
|
#
|
|
|
|
|
2019-11-12 07:00:01 +01:00
|
|
|
|
2019-09-05 00:38:50 +02:00
|
|
|
%define openCryptoki_32bit_arch %{ix86} s390 ppc %{arm}
|
2008-11-06 22:23:05 +01:00
|
|
|
# support in the workings for: ppc64
|
2008-12-15 14:58:47 +01:00
|
|
|
# no support in sight for: ia64
|
2019-09-05 00:38:50 +02:00
|
|
|
%define openCryptoki_64bit_arch s390x ppc64 ppc64le x86_64 aarch64
|
2008-11-06 22:23:05 +01:00
|
|
|
# autobuild:/work/cd/lib/misc/group
|
|
|
|
# openCryptoki pkcs11:x:64:
|
|
|
|
%define pkcs11_group_id 64
|
2023-12-04 14:12:20 +01:00
|
|
|
%define pkcs_group pkcs11
|
2014-02-06 10:10:48 +01:00
|
|
|
%define oc_cvs_tag opencryptoki
|
2008-08-29 01:19:19 +02:00
|
|
|
|
2007-01-16 00:27:33 +01:00
|
|
|
Name: openCryptoki
|
2024-02-07 08:52:33 +01:00
|
|
|
Version: 3.23.0
|
2018-11-16 17:33:50 +01:00
|
|
|
Release: 0
|
|
|
|
Summary: An Implementation of PKCS#11 (Cryptoki) v2.11 for IBM Cryptographic Hardware
|
|
|
|
License: CPL-1.0
|
|
|
|
Group: Productivity/Security
|
2019-12-02 22:42:49 +01:00
|
|
|
URL: https://github.com/opencryptoki/opencryptoki
|
2023-02-16 14:33:42 +01:00
|
|
|
Source: https://github.com/opencryptoki/%{oc_cvs_tag}/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
|
2018-11-16 17:33:50 +01:00
|
|
|
Source1: openCryptoki.pkcsslotd
|
|
|
|
Source2: openCryptoki-TFAQ.html
|
2019-09-05 00:38:50 +02:00
|
|
|
Source3: openCryptoki-rpmlintrc
|
2023-05-26 08:46:11 +02:00
|
|
|
# Patch 0 is needed because group pkcs11 doesn't exist in the build environment
|
2018-11-16 17:33:50 +01:00
|
|
|
# and because we don't want(?) various file and directory permissions to be 0700.
|
2024-02-07 08:52:33 +01:00
|
|
|
Patch000: ocki-3.23-remove-make-install-chgrp.patch
|
2023-02-07 16:45:43 +01:00
|
|
|
#
|
|
|
|
#
|
2014-02-06 10:10:48 +01:00
|
|
|
BuildRequires: bison
|
2018-11-16 17:33:50 +01:00
|
|
|
BuildRequires: dos2unix
|
2014-02-06 10:10:48 +01:00
|
|
|
BuildRequires: flex
|
2012-12-08 19:43:00 +01:00
|
|
|
BuildRequires: gcc-c++
|
2023-12-04 14:12:20 +01:00
|
|
|
BuildRequires: libcap-devel
|
2019-09-05 00:38:50 +02:00
|
|
|
BuildRequires: libitm1
|
2012-12-08 19:43:00 +01:00
|
|
|
BuildRequires: libtool
|
2021-10-21 22:48:47 +02:00
|
|
|
BuildRequires: libudev-devel
|
2014-07-02 11:29:50 +02:00
|
|
|
BuildRequires: openldap2-devel
|
2016-04-16 19:18:42 +02:00
|
|
|
BuildRequires: openssl-devel >= 1.0
|
2018-11-16 17:33:50 +01:00
|
|
|
BuildRequires: pkgconfig
|
2014-02-06 10:10:48 +01:00
|
|
|
BuildRequires: trousers-devel
|
2014-07-02 11:29:50 +02:00
|
|
|
BuildRequires: pkgconfig(systemd)
|
2023-12-04 14:12:20 +01:00
|
|
|
###
|
2018-11-29 23:49:07 +01:00
|
|
|
Requires(pre): %{_sbindir}/groupadd
|
2023-12-04 14:12:20 +01:00
|
|
|
Requires(pre): %{_sbindir}/useradd
|
2018-11-29 23:49:07 +01:00
|
|
|
Requires(pre): %{_sbindir}/usermod
|
2023-05-26 08:46:11 +02:00
|
|
|
###
|
2024-02-05 10:04:37 +01:00
|
|
|
Provides: user(pkcs11)
|
|
|
|
Provides: group(pkcs11)
|
2018-11-29 23:49:07 +01:00
|
|
|
|
2018-11-16 17:33:50 +01:00
|
|
|
# IBM maintains openCryptoki on these architectures:
|
|
|
|
ExclusiveArch: %{openCryptoki_32bit_arch} %{openCryptoki_64bit_arch}
|
2014-07-02 11:29:50 +02:00
|
|
|
%{?systemd_requires}
|
2018-11-16 17:33:50 +01:00
|
|
|
%ifarch s390 s390x
|
|
|
|
BuildRequires: libica-devel
|
|
|
|
BuildRequires: libica-tools
|
2014-07-02 11:29:50 +02:00
|
|
|
%endif
|
2007-01-16 00:27:33 +01:00
|
|
|
|
|
|
|
%description
|
2008-08-29 01:19:19 +02:00
|
|
|
The PKCS#11 version 2.11 API implemented for the IBM cryptographic
|
2007-01-16 00:27:33 +01:00
|
|
|
cards. This package includes support for the IBM 4758 cryptographic
|
|
|
|
coprocessor (with the PKCS#11 firmware loaded) and the IBM eServer
|
|
|
|
Cryptographic Accelerator (FC 4960 on pSeries).
|
|
|
|
|
2008-11-06 22:23:05 +01:00
|
|
|
%package devel
|
2018-11-29 23:49:07 +01:00
|
|
|
Summary: Development files for openCryptoki, a PKCS#11 implementation for IBM hardware
|
2008-12-15 14:58:47 +01:00
|
|
|
Group: Development/Languages/C and C++
|
2012-12-08 19:43:00 +01:00
|
|
|
Requires: glibc-devel
|
2016-04-16 19:18:42 +02:00
|
|
|
Requires: libopenssl-devel
|
|
|
|
Requires: openldap2-devel
|
|
|
|
Requires: trousers-devel
|
2018-11-16 17:33:50 +01:00
|
|
|
%ifarch s390 s390x
|
|
|
|
Requires: libica-devel
|
|
|
|
%endif
|
2008-11-06 22:23:05 +01:00
|
|
|
|
|
|
|
%description devel
|
|
|
|
The PKCS#11 version 2.01 API implemented for the IBM cryptographic
|
|
|
|
cards. This package includes support for the IBM 4758 cryptographic
|
|
|
|
co-processor (with the PKCS#11 firmware loaded) and the IBM eServer
|
|
|
|
Cryptographic Accelerator (FC 4960 on pSeries).
|
|
|
|
|
2018-11-16 17:33:50 +01:00
|
|
|
%ifarch %{openCryptoki_32bit_arch}
|
2007-01-16 00:27:33 +01:00
|
|
|
%package 32bit
|
2009-06-19 00:43:16 +02:00
|
|
|
Summary: An Implementation of PKCS#11 (Cryptoki) v2.11 for IBM Cryptographic Hardware
|
2007-01-16 00:27:33 +01:00
|
|
|
# this is needed to make sure the pkcs11 group exists before
|
|
|
|
# installation:
|
2017-01-17 18:19:02 +01:00
|
|
|
Group: Productivity/Security
|
2019-09-05 00:38:50 +02:00
|
|
|
Requires: openCryptoki
|
2018-11-16 17:33:50 +01:00
|
|
|
ExclusiveArch: %{openCryptoki_32bit_arch}
|
2007-01-16 00:27:33 +01:00
|
|
|
|
|
|
|
%description 32bit
|
|
|
|
This is a re-packaged binary rpm. For the package source, please look
|
|
|
|
for the source of the package without the "32bit" ending
|
|
|
|
|
2009-06-19 00:43:16 +02:00
|
|
|
The PKCS#11 version 2.11 API implemented for the IBM cryptographic
|
2007-01-16 00:27:33 +01:00
|
|
|
cards. This package includes support for the IBM 4758 cryptographic
|
2009-06-19 00:43:16 +02:00
|
|
|
coprocessor (with the PKCS#11 firmware loaded) and the IBM eServer
|
2007-01-16 00:27:33 +01:00
|
|
|
Cryptographic Accelerator (FC 4960 on pSeries).
|
|
|
|
|
2008-11-06 22:23:05 +01:00
|
|
|
%endif
|
2018-11-16 17:33:50 +01:00
|
|
|
|
|
|
|
%ifarch %{openCryptoki_64bit_arch}
|
2008-11-06 22:23:05 +01:00
|
|
|
%package 64bit
|
2009-06-19 00:43:16 +02:00
|
|
|
Summary: An Implementation of PKCS#11 (Cryptoki) v2.11 for IBM Cryptographic Hardware
|
2008-11-06 22:23:05 +01:00
|
|
|
# this is needed to make sure the pkcs11 group exists before
|
|
|
|
# installation:
|
2017-01-17 18:19:02 +01:00
|
|
|
Group: Productivity/Security
|
2019-09-05 00:38:50 +02:00
|
|
|
Requires: openCryptoki
|
2018-11-16 17:33:50 +01:00
|
|
|
ExclusiveArch: %{openCryptoki_64bit_arch}
|
2007-01-16 00:27:33 +01:00
|
|
|
|
|
|
|
%description 64bit
|
|
|
|
This is a re-packaged binary rpm. For the package source, please look
|
|
|
|
for the source of the package without the "64bit" ending
|
|
|
|
|
2009-06-19 00:43:16 +02:00
|
|
|
The PKCS#11 version 2.11 API implemented for the IBM cryptographic
|
|
|
|
cards. This package includes support for the IBM 4758 cryptographic
|
|
|
|
coprocessor (with the PKCS#11 firmware loaded) and the IBM eServer
|
|
|
|
Cryptographic Accelerator (FC 4960 on pSeries).
|
2007-01-16 00:27:33 +01:00
|
|
|
|
|
|
|
%endif
|
2008-08-29 01:19:19 +02:00
|
|
|
|
2007-01-16 00:27:33 +01:00
|
|
|
%prep
|
2023-02-16 14:33:42 +01:00
|
|
|
# setup -q -n %{oc_cvs_tag}-%{version}
|
2023-05-26 08:46:11 +02:00
|
|
|
%autosetup -p 0 -n %{oc_cvs_tag}-%{version}
|
2016-07-08 22:30:53 +02:00
|
|
|
|
2007-01-16 00:27:33 +01:00
|
|
|
cp %{SOURCE2} .
|
|
|
|
|
|
|
|
%build
|
2019-09-05 00:38:50 +02:00
|
|
|
./bootstrap.sh
|
|
|
|
|
|
|
|
%configure --with-systemd=%{_unitdir} \
|
2021-10-21 22:48:47 +02:00
|
|
|
--with-libudev=yes \
|
2019-09-05 00:38:50 +02:00
|
|
|
--enable-tpmtok \
|
|
|
|
%ifarch aarch64 # Apparently, gcc for aarch64 doesn't support transactional memory
|
|
|
|
--enable-locks \
|
|
|
|
%endif
|
|
|
|
%ifarch s390 s390x
|
|
|
|
--enable-pkcsep11_migrate
|
|
|
|
%else
|
|
|
|
--disable-ccatok
|
|
|
|
%endif
|
|
|
|
|
2014-12-18 15:21:44 +01:00
|
|
|
make %{?_smp_mflags}
|
2016-04-16 19:18:42 +02:00
|
|
|
dos2unix doc/README.ep11_stdll
|
2007-01-16 00:27:33 +01:00
|
|
|
|
|
|
|
%install
|
2016-04-16 19:18:42 +02:00
|
|
|
%make_install
|
2018-11-16 17:33:50 +01:00
|
|
|
install -d %{buildroot}%{_includedir}
|
|
|
|
install -d %{buildroot}%{_localstatedir}/lib/opencryptoki
|
|
|
|
install -d %{buildroot}%{_initddir}
|
|
|
|
install -d %{buildroot}%{_sbindir}
|
|
|
|
install -d %{buildroot}%{_prefix}/lib/tmpfiles.d
|
|
|
|
ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcpkcsslotd
|
|
|
|
rm -rf %{buildroot}/tmp
|
2019-09-05 00:38:50 +02:00
|
|
|
|
2007-01-16 00:27:33 +01:00
|
|
|
# Remove all development files
|
2018-11-16 17:33:50 +01:00
|
|
|
find %{buildroot} -type f -name "*.la" -delete -print
|
|
|
|
rm -f %{buildroot}%{_libdir}/opencryptoki/methods
|
2007-01-16 00:27:33 +01:00
|
|
|
|
|
|
|
%pre
|
2019-09-05 00:38:50 +02:00
|
|
|
%{service_add_pre pkcsslotd.service}
|
2007-01-16 00:27:33 +01:00
|
|
|
# autobuild:/work/cd/lib/misc/group
|
|
|
|
# openCryptoki pkcs11:x:64:
|
2023-12-04 14:12:20 +01:00
|
|
|
# openCryptoki pkcsslotd:x:64:
|
|
|
|
%{_sbindir}/groupadd -g %{pkcs11_group_id} -r %{pkcs_group} 2>/dev/null || true
|
|
|
|
%{_sbindir}/useradd -g %{pkcs11_group_id} -r pkcsslotd -s /sbin/nologin -d /run/opencryptoki 2>/dev/null || true
|
|
|
|
%{_sbindir}/usermod -a -G %{pkcs_group} root
|
2008-11-06 22:23:05 +01:00
|
|
|
|
2014-02-06 10:10:48 +01:00
|
|
|
%preun
|
2014-07-02 11:29:50 +02:00
|
|
|
%{service_del_preun pkcsslotd.service}
|
2014-02-06 10:10:48 +01:00
|
|
|
|
2008-11-06 22:23:05 +01:00
|
|
|
%post
|
|
|
|
# Symlink from /var/lib/opencryptoki to /etc/pkcs11
|
|
|
|
if [ ! -L %{_sysconfdir}/pkcs11 ] ; then
|
|
|
|
if [ -e %{_sysconfdir}/pkcs11/pk_config_data ] ; then
|
|
|
|
mv %{_sysconfdir}/pkcs11/* %{_localstatedir}/lib/opencryptoki
|
|
|
|
cd %{_sysconfdir} && rm -rf pkcs11 && \
|
|
|
|
ln -sf %{_localstatedir}/lib/opencryptoki pkcs11
|
|
|
|
fi
|
|
|
|
fi
|
2009-01-23 14:33:04 +01:00
|
|
|
/sbin/ldconfig
|
2017-12-01 03:02:32 +01:00
|
|
|
%{?tmpfiles_create:%tmpfiles_create %{_tmpfilesdir}/opencryptoki.conf}
|
2014-07-02 11:29:50 +02:00
|
|
|
%{service_add_post pkcsslotd.service}
|
2007-01-16 00:27:33 +01:00
|
|
|
|
|
|
|
%postun
|
|
|
|
if [ -L %{_sysconfdir}/pkcs11 ] ; then
|
|
|
|
rm %{_sysconfdir}/pkcs11
|
|
|
|
fi
|
2014-07-02 11:29:50 +02:00
|
|
|
%{service_del_postun pkcsslotd.service}
|
2014-02-06 10:10:48 +01:00
|
|
|
|
2018-11-16 17:33:50 +01:00
|
|
|
%ifarch %{openCryptoki_32bit_arch}
|
2007-01-16 00:27:33 +01:00
|
|
|
%postun 32bit
|
2017-03-17 23:13:25 +01:00
|
|
|
if [ -L %{_sysconfdir}/pkcs11 ] ; then
|
|
|
|
rm %{_sysconfdir}/pkcs11
|
|
|
|
fi
|
|
|
|
%{service_del_postun pkcsslotd.service}
|
2007-01-16 00:27:33 +01:00
|
|
|
|
|
|
|
%post 32bit
|
|
|
|
# Old library name links
|
|
|
|
cd %{_libdir}/opencryptoki && ln -sf ./libopencryptoki.so PKCS11_API.so
|
|
|
|
ln -sf %{_sbindir} %{_libdir}/opencryptoki/methods
|
|
|
|
rm -rf %{_libdir}/pkcs11/stdll
|
2018-11-16 17:33:50 +01:00
|
|
|
test -d %{_prefix}/lib/pkcs11 || mkdir -p %{_prefix}/lib/pkcs11
|
|
|
|
cd %{_prefix}/lib/pkcs11
|
2014-07-02 11:29:50 +02:00
|
|
|
ln -sf ../opencryptoki/stdll stdll
|
|
|
|
cd stdll
|
|
|
|
[ -f libpkcs11_cca.so ] && ln -sf ./libpkcs11_cca.so PKCS11_CCA.so || true
|
|
|
|
[ -f libpkcs11_tpm.so ] && ln -sf ./libpkcs11_tpm.so PKCS11_TPM.so || true
|
|
|
|
[ -f libpkcs11_ica.so ] && ln -sf ./libpkcs11_ica.so PKCS11_ICA.so || true
|
|
|
|
[ -f libpkcs11_sw.so ] && ln -sf ./libpkcs11_sw.so PKCS11_SW.so || true
|
2009-01-23 14:33:04 +01:00
|
|
|
/sbin/ldconfig
|
2008-11-06 22:23:05 +01:00
|
|
|
%endif
|
2018-11-16 17:33:50 +01:00
|
|
|
|
|
|
|
%ifarch %{openCryptoki_64bit_arch}
|
2007-01-16 00:27:33 +01:00
|
|
|
%post 64bit
|
|
|
|
# Old library name for 64bit libs were under /usr/lib/pkcs11. For migration purposes only.
|
2018-11-16 17:33:50 +01:00
|
|
|
test -d %{_prefix}/lib/pkcs11 || mkdir -p %{_prefix}/lib/pkcs11
|
|
|
|
ln -sf %{_libdir}/opencryptoki/libopencryptoki.so %{_prefix}/lib/pkcs11/PKCS11_API.so64
|
2009-01-23 14:33:04 +01:00
|
|
|
/sbin/ldconfig
|
2007-01-16 00:27:33 +01:00
|
|
|
%endif
|
|
|
|
|
|
|
|
%files
|
2016-08-04 13:44:34 +02:00
|
|
|
%doc openCryptoki-TFAQ.html FAQ
|
2014-09-05 12:54:00 +02:00
|
|
|
%doc doc/*
|
2022-10-05 18:08:30 +02:00
|
|
|
%dir %{_datadir}/doc/opencryptoki
|
|
|
|
%{_datadir}/doc/opencryptoki/policy-example.conf
|
|
|
|
%{_datadir}/doc/opencryptoki/strength-example.conf
|
2007-01-16 00:27:33 +01:00
|
|
|
# configuration directory
|
2014-09-02 16:33:18 +02:00
|
|
|
%dir %{_sysconfdir}/opencryptoki
|
|
|
|
%config %{_sysconfdir}/opencryptoki/opencryptoki.conf
|
2023-05-26 08:46:11 +02:00
|
|
|
%config %attr(640,root,%{pkcs_group}) %{_sysconfdir}/opencryptoki/strength.conf
|
|
|
|
%config %attr(640,root,%{pkcs_group}) %{_sysconfdir}/opencryptoki/p11sak_defined_attrs.conf
|
2014-07-02 11:29:50 +02:00
|
|
|
%ifarch s390 s390x
|
2022-10-05 18:08:30 +02:00
|
|
|
%config %{_sysconfdir}/opencryptoki/ccatok.conf
|
2018-11-16 17:33:50 +01:00
|
|
|
%config %{_sysconfdir}/opencryptoki/ep11cpfilter.conf
|
2019-09-05 00:38:50 +02:00
|
|
|
%config %{_sysconfdir}/opencryptoki/ep11tok.conf
|
2014-09-02 16:33:18 +02:00
|
|
|
%{_sbindir}/pkcsep11_migrate
|
2014-07-02 11:29:50 +02:00
|
|
|
%endif
|
Accepting request 843288 from home:markkp:branches:security
- Upgraded to version 3.15.0 (jsc#SLE-13749, jsc#SLE-13666,
jsc#SLE-13813, jsc#SLE-13812, jsc#SLE-13723, jsc#SLE-13714
jsc#SLE-13715, jsc#SLE-13710, jsc#SLE-13774, jsc#SLE-13786)
* openCryptoki 3.15.0
- common: conform to PKCS 11 3.0 Baseline Provider profile
- Introduce new vendor defined interface named "Vendor IBM"
- Support C_IBM_ReencryptSingle via "Vendor IBM" interface
- CCA: support key wrapping
- SOFT: support ECC
- p11sak tool: add remove-key command
- Bug fixes
* openCryptoki 3.14.0
- EP11: Dilitium support stage 2
- Common: Rework on process and thread locking
- Common: Rework on btree and object locking
- ICSF: minor fixes
- TPM, ICA, ICSF: support multiple token instances
- new tool p11sak
* openCryptoki 3.13.0
- EP11: Dilithium support
- EP11: EdDSA support
- EP11: support RSA-OAEP with non-SHA1 hash and MGF
- Removed obsolete oki-3.12-EP11-Fix-EC-uncompress-buffer-length.patch
OBS-URL: https://build.opensuse.org/request/show/843288
OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=106
2020-10-22 01:12:00 +02:00
|
|
|
%{_sbindir}/p11sak
|
2015-04-22 11:41:29 +02:00
|
|
|
%{_unitdir}/pkcsslotd.service
|
2017-12-01 03:02:32 +01:00
|
|
|
%{_tmpfilesdir}/opencryptoki.conf
|
2014-09-02 16:33:18 +02:00
|
|
|
%{_sbindir}/rcpkcsslotd
|
2007-01-16 00:27:33 +01:00
|
|
|
# utilities
|
2019-09-05 00:38:50 +02:00
|
|
|
%ifarch s390 s390x
|
|
|
|
%{_sbindir}/pkcsep11_session
|
|
|
|
%{_sbindir}/pkcscca
|
|
|
|
%endif
|
2014-09-02 16:33:18 +02:00
|
|
|
%{_sbindir}/pkcsslotd
|
|
|
|
%{_sbindir}/pkcsconf
|
|
|
|
%{_sbindir}/pkcsicsf
|
2022-10-05 18:08:30 +02:00
|
|
|
%{_sbindir}/pkcsstats
|
Accepting request 843288 from home:markkp:branches:security
- Upgraded to version 3.15.0 (jsc#SLE-13749, jsc#SLE-13666,
jsc#SLE-13813, jsc#SLE-13812, jsc#SLE-13723, jsc#SLE-13714
jsc#SLE-13715, jsc#SLE-13710, jsc#SLE-13774, jsc#SLE-13786)
* openCryptoki 3.15.0
- common: conform to PKCS 11 3.0 Baseline Provider profile
- Introduce new vendor defined interface named "Vendor IBM"
- Support C_IBM_ReencryptSingle via "Vendor IBM" interface
- CCA: support key wrapping
- SOFT: support ECC
- p11sak tool: add remove-key command
- Bug fixes
* openCryptoki 3.14.0
- EP11: Dilitium support stage 2
- Common: Rework on process and thread locking
- Common: Rework on btree and object locking
- ICSF: minor fixes
- TPM, ICA, ICSF: support multiple token instances
- new tool p11sak
* openCryptoki 3.13.0
- EP11: Dilithium support
- EP11: EdDSA support
- EP11: support RSA-OAEP with non-SHA1 hash and MGF
- Removed obsolete oki-3.12-EP11-Fix-EC-uncompress-buffer-length.patch
OBS-URL: https://build.opensuse.org/request/show/843288
OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=106
2020-10-22 01:12:00 +02:00
|
|
|
%{_sbindir}/pkcstok_migrate
|
2007-01-16 00:27:33 +01:00
|
|
|
%dir %{_libdir}/opencryptoki
|
|
|
|
%dir %{_libdir}/opencryptoki/stdll
|
2014-02-06 10:10:48 +01:00
|
|
|
# State and lock directories
|
2023-05-26 08:46:11 +02:00
|
|
|
%dir %attr(755,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki
|
2019-09-05 00:38:50 +02:00
|
|
|
%ifarch s390 s390x
|
2023-05-26 08:46:11 +02:00
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki/ccatok
|
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki/ccatok/TOK_OBJ
|
2019-09-05 00:38:50 +02:00
|
|
|
%endif
|
2023-05-26 08:46:11 +02:00
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki/swtok
|
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki/swtok/TOK_OBJ
|
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki/tpm
|
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki/icsf
|
2014-07-02 11:29:50 +02:00
|
|
|
%ifarch s390 s390x
|
2023-05-26 08:46:11 +02:00
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki/ep11tok
|
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki/ep11tok/TOK_OBJ
|
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki/lite
|
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/lib/opencryptoki/lite/TOK_OBJ
|
2014-07-02 11:29:50 +02:00
|
|
|
%endif
|
2023-05-26 08:46:11 +02:00
|
|
|
%dir %attr(770,root,%{pkcs_group}) %{_localstatedir}/log/opencryptoki/
|
2008-09-15 12:20:22 +02:00
|
|
|
%{_mandir}/man*/*
|
2007-01-16 00:27:33 +01:00
|
|
|
|
2008-11-06 22:23:05 +01:00
|
|
|
%files devel
|
|
|
|
%dir %{_libdir}/opencryptoki
|
|
|
|
%dir %{_libdir}/opencryptoki/stdll
|
|
|
|
%{_includedir}/opencryptoki
|
2022-10-05 18:08:30 +02:00
|
|
|
%{_libdir}/pkgconfig/opencryptoki.pc
|
2023-05-26 08:46:11 +02:00
|
|
|
###
|
|
|
|
%{_sbindir}/pkcshsm_mk_change
|
2008-11-06 22:23:05 +01:00
|
|
|
|
2018-11-16 17:33:50 +01:00
|
|
|
%ifarch %{openCryptoki_32bit_arch}
|
2007-01-16 00:27:33 +01:00
|
|
|
%files 32bit
|
|
|
|
# these don't conflict because they only exist as 64bit binaries if
|
|
|
|
# there is no 32bit version of them usable
|
|
|
|
%{_libdir}/opencryptoki/libopencryptoki.so
|
|
|
|
%ghost %{_libdir}/opencryptoki/PKCS11_API.so
|
|
|
|
%{_libdir}/opencryptoki/*.0
|
2019-09-05 00:38:50 +02:00
|
|
|
%ifarch s390
|
2014-02-06 13:42:44 +01:00
|
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_cca.so
|
|
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_CCA.so
|
2019-09-05 00:38:50 +02:00
|
|
|
%endif
|
2014-07-02 11:29:50 +02:00
|
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_tpm.so
|
2014-02-06 13:42:44 +01:00
|
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_TPM.so
|
2014-07-02 11:29:50 +02:00
|
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_sw.so
|
|
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_SW.so
|
|
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_icsf.so
|
|
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_ICSF.so
|
|
|
|
%ifarch s390 s390x
|
2008-09-15 12:20:22 +02:00
|
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_ica.so
|
|
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_ICA.so
|
2014-07-02 11:29:50 +02:00
|
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_ep11.so
|
|
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_EP11.so
|
2007-01-16 00:27:33 +01:00
|
|
|
%endif
|
|
|
|
%{_libdir}/opencryptoki/stdll/*.0
|
|
|
|
%dir %{_libdir}/pkcs11
|
|
|
|
%ghost %{_libdir}/pkcs11/stdll
|
|
|
|
%ghost %{_libdir}/pkcs11/methods
|
|
|
|
%{_libdir}/pkcs11/*.so
|
2008-09-15 12:20:22 +02:00
|
|
|
%{_sysconfdir}/ld.so.conf.d/*
|
2008-11-06 22:23:05 +01:00
|
|
|
%endif
|
2007-01-16 00:27:33 +01:00
|
|
|
|
2018-11-16 17:33:50 +01:00
|
|
|
%ifarch %{openCryptoki_64bit_arch}
|
2007-01-16 00:27:33 +01:00
|
|
|
%files 64bit
|
2016-04-16 19:18:42 +02:00
|
|
|
%dir %{_libdir}/opencryptoki
|
2007-01-16 00:27:33 +01:00
|
|
|
%{_libdir}/opencryptoki/*.so
|
|
|
|
%{_libdir}/opencryptoki/*.0
|
2016-04-16 19:18:42 +02:00
|
|
|
%dir %{_libdir}/opencryptoki/stdll
|
2007-01-16 00:27:33 +01:00
|
|
|
%{_libdir}/opencryptoki/stdll/*.so
|
|
|
|
%{_libdir}/opencryptoki/stdll/*.0
|
|
|
|
%{_libdir}/pkcs11
|
2008-09-15 12:20:22 +02:00
|
|
|
%{_sysconfdir}/ld.so.conf.d/*
|
2007-01-16 00:27:33 +01:00
|
|
|
%endif
|
|
|
|
|
2007-03-30 01:37:00 +02:00
|
|
|
%changelog
|