Dominique Leuenberger 2021-09-21 19:13:17 +00:00 committed by Git OBS Bridge
commit 08442b0533
8 changed files with 41 additions and 70 deletions

View File

@ -1,6 +1,6 @@
<services>
<service name="cargo_vendor" mode="disabled">
<param name="compression">xz</param>
<param name="srcdir">parsec-0.7.2</param>
<param name="srcdir">parsec-0.8.0</param>
</service>
</services>

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:baa114fe0cadffccca3e8a29702c8482691e5ad44e823e317e04d33e7ef41c47
size 837424

3
parsec-0.8.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ee23842c8f2975136a9e41caf075a659b5a81f1e8a95d388d84abc885d046b72
size 867922

View File

@ -1,53 +0,0 @@
From f9688c44319c1733586d6fbc3b3c24a403deaed8 Mon Sep 17 00:00:00 2001
From: Hugues de Valon <hugues.devalon@arm.com>
Date: Fri, 30 Apr 2021 10:48:37 +0100
Subject: [PATCH] Make it compile for Rust 1.43.1
The From trait was not implemented for that version of Rust. Uses the
to_vec method which achieves the same thing.
Signed-off-by: Hugues de Valon <hugues.devalon@arm.com>
---
src/providers/pkcs11/key_management.rs | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/providers/pkcs11/key_management.rs b/src/providers/pkcs11/key_management.rs
index 6bc5e06..73ce607 100644
--- a/src/providers/pkcs11/key_management.rs
+++ b/src/providers/pkcs11/key_management.rs
@@ -27,7 +27,7 @@ impl Provider {
key_id: u32,
key_type: KeyPairType,
) -> Result<ObjectHandle> {
- let mut template = vec![Attribute::Id(key_id.to_be_bytes().into())];
+ let mut template = vec![Attribute::Id(key_id.to_be_bytes().to_vec())];
match key_type {
KeyPairType::PublicKey => template.push(Attribute::Class(ObjectClass::PUBLIC_KEY)),
@@ -103,7 +103,7 @@ impl Provider {
let key_id = self.create_key_id();
let mut pub_template = vec![
- Attribute::Id(key_id.to_be_bytes().into()),
+ Attribute::Id(key_id.to_be_bytes().to_vec()),
Attribute::Token(true.into()),
Attribute::AllowedMechanisms(vec![Mechanism::try_from(
key_attributes.policy.permitted_algorithms,
@@ -122,7 +122,7 @@ impl Provider {
let mech = match key_attributes.key_type {
Type::RsaKeyPair => {
pub_template.push(Attribute::Private(false.into()));
- pub_template.push(Attribute::PublicExponent(utils::PUBLIC_EXPONENT.into()));
+ pub_template.push(Attribute::PublicExponent(utils::PUBLIC_EXPONENT.to_vec()));
pub_template.push(Attribute::ModulusBits(
key_attributes.bits.try_into().map_err(to_response_status)?,
));
@@ -225,7 +225,7 @@ impl Provider {
template.push(Attribute::PublicExponent(exponent_object.into()));
template.push(Attribute::Verify(true.into()));
template.push(Attribute::Encrypt(true.into()));
- template.push(Attribute::Id(key_id.to_be_bytes().into()));
+ template.push(Attribute::Id(key_id.to_be_bytes().to_vec()));
template.push(Attribute::Private(false.into()));
template.push(Attribute::AllowedMechanisms(vec![MechanismType::RSA_PKCS]));

View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Fri Aug 6 07:01:27 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
- Update to 0.8.0:
* Changelog: https://github.com/parallaxsecond/parsec/compare/0.7.2...0.8.0
- Drop upstream patch:
* parsec-fix-old-rust.patch
- Disable 'trusted-service-provider' as it currently fails to build
- Disable 'jwt-svid-authenticator' (SPIFFE-based authenticator)
on Leap, as it cannot be compiled with rust 1.43.1
-------------------------------------------------------------------
Fri Apr 30 11:36:56 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>

View File

@ -17,13 +17,10 @@
%global rustflags '-Clink-arg=-Wl,-z,relro,-z,now'
# Features available:
# all-providers = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "cryptoauthlib-provider"]
# all-authenticators = ["direct-authenticator", "unix-peer-credentials-authenticator"]
%define features "all-authenticators,all-providers"
%{?systemd_ordering}
Name: parsec
Version: 0.7.2
Version: 0.8.0
Release: 0
Summary: Platform AbstRaction for SECurity
License: Apache-2.0
@ -35,8 +32,7 @@ Source3: parsec.service
Source4: config.toml
Source5: parsec.conf
Source6: system-user-parsec.conf
# Fix build with old rust used in Leap 15.3/SLE15-SP3 - https://github.com/parallaxsecond/parsec/issues/409
Patch1: parsec-fix-old-rust.patch
Source10: https://git.trustedfirmware.org/TS/trusted-services.git/snapshot/trusted-services-c1cf912.tar.gz
BuildRequires: cargo
BuildRequires: clang-devel
BuildRequires: cmake
@ -65,17 +61,31 @@ This abstraction layer keeps workloads decoupled from physical platform details,
enabling cloud-native delivery flows within the data center and at the edge.
%prep
%autosetup -p1 -a1
%setup -q -a1 -a10
rmdir trusted-services-vendor
mv trusted-services-c1cf912 trusted-services-vendor
rm -rf .cargo && mkdir .cargo
cp %{SOURCE2} .cargo/config
# Enable all providers
sed -i -e 's#default = \["unix-peer-credentials-authenticator"\]##' Cargo.toml
echo 'default = ["all-authenticators", "all-providers"]' >> Cargo.toml
# Features available in 0.8.0:
# all-providers = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "cryptoauthlib-provider", "trusted-service-provider"]
# all-authenticators = ["direct-authenticator", "unix-peer-credentials-authenticator", "jwt-svid-authenticator"]
%if 0%{suse_version} > 1500
# Tumbleweed
# Disable "trusted-service-provider" until we have a trusted-services package
echo 'default = ["tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "cryptoauthlib-provider", "all-authenticators"]' >> Cargo.toml
%else
# Leap/SLE
# Disable jwt-svid-authenticator (SPIFFE-based authenticator) as it cannot be compiled with rust 1.43.1
# Disable "trusted-service-provider" until we have a trusted-services package
echo 'default = ["direct-authenticator", "unix-peer-credentials-authenticator", "tpm-provider", "pkcs11-provider", "mbed-crypto-provider", "cryptoauthlib-provider"]' >> Cargo.toml
%endif
%build
export PROTOC=%{_bindir}/protoc
export PROTOC_INCLUDE=%{_includedir}
%cargo_build -- --features=%features
%cargo_build
%sysusers_generate_pre %{SOURCE6} parsec
%install
@ -98,7 +108,7 @@ rm -rf %{buildroot}%{_datadir}/cargo/registry
%check
export PROTOC=%{_bindir}/protoc
export PROTOC_INCLUDE=%{_includedir}
%cargo_test -- --lib --features=%features
%cargo_test -- --lib
%pre -f parsec.pre
%service_add_pre parsec.service

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7725f1023f51268d006668947dc888b171c59676834542934391f9a2a1fc19ca
size 370978

View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:52db05370be4cd68810011da087965bd267731e298df1620667179225eecb505
size 27078988
oid sha256:ff2f7282df17acde5a50c99263eabc8c8ab2a97f1c6481ca61293cd58c233896
size 42409996