forked from pool/openCryptoki
f41ca9bf97
- Added patch for compile errors * ocki-3.19.0-0035-Fix-compile-error-error-initializer-element-is-not-c.patch - Changed spec file to use %autosetup instead of %setup. - Updated the package openCryptoki 3.19.0 (jsc#PED-616, bsc#1207760), added the following patches: * ocki-3.19.0-0001-EP11-Unify-key-pair-generation-functions.patch * ocki-3.19.0-0002-EP11-Do-not-report-DSA-DH-parameter-generation-as-be.patch * ocki-3.19.0-0003-EP11-Do-not-pass-empty-CKA_PUBLIC_KEY_INFO-to-EP11-h.patch * ocki-3.19.0-0004-Mechtable-CKM_IBM_DILITHIUM-can-also-be-used-for-key.patch * ocki-3.19.0-0005-EP11-Remove-DSA-DH-parameter-generation-mechanisms-f.patch * ocki-3.19.0-0006-EP11-Pass-back-chain-code-for-CKM_IBM_BTC_DERIVE.patch * ocki-3.19.0-0007-EP11-Supply-CKA_PUBLIC_KEY_INFO-with-CKM_IBM_BTC_DER.patch * ocki-3.19.0-0008-EP11-Supply-CKA_PUBLIC_KEY_INFO-when-importing-priva.patch * ocki-3.19.0-0009-EP11-Fix-memory-leak-introduced-with-recent-commit.patch * ocki-3.19.0-0010-p11sak-Fix-segfault-when-dilithium-version-is-not-sp.patch * ocki-3.19.0-0011-EP11-remove-dead-code-and-unused-variables.patch * ocki-3.19.0-0012-EP11-Update-EP11-host-library-header-files.patch * ocki-3.19.0-0013-EP11-Support-EP11-host-library-version-4.patch * ocki-3.19.0-0014-EP11-Add-new-control-points.patch * ocki-3.19.0-0015-EP11-Default-unknown-CPs-to-ON.patch * ocki-3.19.0-0016-COMMON-Add-defines-for-Dilithium-round-2-and-3-varia.patch * ocki-3.19.0-0017-COMMON-Add-defines-for-Kyber.patch * ocki-3.19.0-0018-COMMON-Add-post-quantum-algorithm-OIDs.patch * ocki-3.19.0-0019-COMMON-Dilithium-key-BER-encoding-decoding-allow-dif.patch * ocki-3.19.0-0020-COMMON-EP11-Add-CKA_VALUE-holding-SPKI-PKCS-8-of-key.patch * ocki-3.19.0-0021-COMMON-EP11-Allow-to-select-Dilithium-variant-via-mo.patch * ocki-3.19.0-0022-EP11-Query-supported-PQC-variants-and-restrict-usage.patch * ocki-3.19.0-0023-POLICY-Dilithium-strength-and-signature-size-depends.patch * ocki-3.19.0-0024-TESTCASES-Test-Dilithium-variants.patch * ocki-3.19.0-0025-COMMON-EP11-Add-Kyber-key-type-and-mechanism.patch * ocki-3.19.0-0026-EP11-Add-support-for-generating-and-importing-Kyber-.patch * ocki-3.19.0-0027-EP11-Add-support-for-encrypt-decrypt-and-KEM-operati.patch * ocki-3.19.0-0028-POLICY-STATISTICS-Check-for-Kyber-KEM-KDFs-and-count.patch * ocki-3.19.0-0029-TESTCASES-Add-tests-for-CKM_IBM_KYBER.patch * ocki-3.19.0-0030-p11sak-Support-additional-Dilithium-variants.patch * ocki-3.19.0-0031-p11sak-Add-support-for-IBM-Kyber-key-type.patch * ocki-3.19.0-0032-testcase-Enhance-p11sak-testcase-to-generate-IBM-Kyb.patch * ocki-3.19.0-0033-EP11-Supply-CKA_PUBLIC_KEY_INFO-with-CKM_IBM_BTC_DER.patch * ocki-3.19.0-0034-EP11-Fix-setting-unknown-CPs-to-ON.patch OBS-URL: https://build.opensuse.org/request/show/1063652 OBS-URL: https://build.opensuse.org/package/show/security/openCryptoki?expand=0&rev=128
365 lines
14 KiB
RPMSpec
365 lines
14 KiB
RPMSpec
#
|
|
# spec file for package openCryptoki
|
|
#
|
|
# Copyright (c) 2018-2023 SUSE LLC
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
%define openCryptoki_32bit_arch %{ix86} s390 ppc %{arm}
|
|
# support in the workings for: ppc64
|
|
# no support in sight for: ia64
|
|
%define openCryptoki_64bit_arch s390x ppc64 ppc64le x86_64 aarch64
|
|
# autobuild:/work/cd/lib/misc/group
|
|
# openCryptoki pkcs11:x:64:
|
|
%define pkcs11_group_id 64
|
|
%define oc_cvs_tag opencryptoki
|
|
|
|
Name: openCryptoki
|
|
Version: 3.19.0
|
|
Release: 0
|
|
Summary: An Implementation of PKCS#11 (Cryptoki) v2.11 for IBM Cryptographic Hardware
|
|
License: CPL-1.0
|
|
Group: Productivity/Security
|
|
URL: https://github.com/opencryptoki/opencryptoki
|
|
Source: https://github.com/opencryptoki/%{oc_cvs_tag}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
|
|
Source1: openCryptoki.pkcsslotd
|
|
Source2: openCryptoki-TFAQ.html
|
|
Source3: openCryptoki-rpmlintrc
|
|
# Patch 1 is needed because group pkcs11 doesn't exist in the build environment
|
|
# and because we don't want(?) various file and directory permissions to be 0700.
|
|
Patch001: ocki-3.19-remove-make-install-chgrp.patch
|
|
#
|
|
Patch002: ocki-3.19.0-0001-EP11-Unify-key-pair-generation-functions.patch
|
|
Patch003: ocki-3.19.0-0002-EP11-Do-not-report-DSA-DH-parameter-generation-as-be.patch
|
|
Patch004: ocki-3.19.0-0003-EP11-Do-not-pass-empty-CKA_PUBLIC_KEY_INFO-to-EP11-h.patch
|
|
Patch005: ocki-3.19.0-0004-Mechtable-CKM_IBM_DILITHIUM-can-also-be-used-for-key.patch
|
|
Patch006: ocki-3.19.0-0005-EP11-Remove-DSA-DH-parameter-generation-mechanisms-f.patch
|
|
Patch007: ocki-3.19.0-0006-EP11-Pass-back-chain-code-for-CKM_IBM_BTC_DERIVE.patch
|
|
Patch008: ocki-3.19.0-0007-EP11-Supply-CKA_PUBLIC_KEY_INFO-with-CKM_IBM_BTC_DER.patch
|
|
Patch009: ocki-3.19.0-0008-EP11-Supply-CKA_PUBLIC_KEY_INFO-when-importing-priva.patch
|
|
Patch010: ocki-3.19.0-0009-EP11-Fix-memory-leak-introduced-with-recent-commit.patch
|
|
Patch011: ocki-3.19.0-0010-p11sak-Fix-segfault-when-dilithium-version-is-not-sp.patch
|
|
Patch012: ocki-3.19.0-0011-EP11-remove-dead-code-and-unused-variables.patch
|
|
Patch013: ocki-3.19.0-0012-EP11-Update-EP11-host-library-header-files.patch
|
|
Patch014: ocki-3.19.0-0013-EP11-Support-EP11-host-library-version-4.patch
|
|
Patch015: ocki-3.19.0-0014-EP11-Add-new-control-points.patch
|
|
Patch016: ocki-3.19.0-0015-EP11-Default-unknown-CPs-to-ON.patch
|
|
Patch017: ocki-3.19.0-0016-COMMON-Add-defines-for-Dilithium-round-2-and-3-varia.patch
|
|
Patch018: ocki-3.19.0-0017-COMMON-Add-defines-for-Kyber.patch
|
|
Patch019: ocki-3.19.0-0018-COMMON-Add-post-quantum-algorithm-OIDs.patch
|
|
Patch020: ocki-3.19.0-0019-COMMON-Dilithium-key-BER-encoding-decoding-allow-dif.patch
|
|
Patch021: ocki-3.19.0-0020-COMMON-EP11-Add-CKA_VALUE-holding-SPKI-PKCS-8-of-key.patch
|
|
Patch022: ocki-3.19.0-0021-COMMON-EP11-Allow-to-select-Dilithium-variant-via-mo.patch
|
|
Patch023: ocki-3.19.0-0022-EP11-Query-supported-PQC-variants-and-restrict-usage.patch
|
|
Patch024: ocki-3.19.0-0023-POLICY-Dilithium-strength-and-signature-size-depends.patch
|
|
Patch025: ocki-3.19.0-0024-TESTCASES-Test-Dilithium-variants.patch
|
|
Patch026: ocki-3.19.0-0025-COMMON-EP11-Add-Kyber-key-type-and-mechanism.patch
|
|
Patch027: ocki-3.19.0-0026-EP11-Add-support-for-generating-and-importing-Kyber-.patch
|
|
Patch028: ocki-3.19.0-0027-EP11-Add-support-for-encrypt-decrypt-and-KEM-operati.patch
|
|
Patch029: ocki-3.19.0-0028-POLICY-STATISTICS-Check-for-Kyber-KEM-KDFs-and-count.patch
|
|
Patch030: ocki-3.19.0-0029-TESTCASES-Add-tests-for-CKM_IBM_KYBER.patch
|
|
Patch031: ocki-3.19.0-0030-p11sak-Support-additional-Dilithium-variants.patch
|
|
Patch032: ocki-3.19.0-0031-p11sak-Add-support-for-IBM-Kyber-key-type.patch
|
|
Patch033: ocki-3.19.0-0032-testcase-Enhance-p11sak-testcase-to-generate-IBM-Kyb.patch
|
|
Patch034: ocki-3.19.0-0033-EP11-Supply-CKA_PUBLIC_KEY_INFO-with-CKM_IBM_BTC_DER.patch
|
|
Patch035: ocki-3.19.0-0034-EP11-Fix-setting-unknown-CPs-to-ON.patch
|
|
Patch036: ocki-3.19.0-0035-Fix-compile-error-error-initializer-element-is-not-c.patch
|
|
#
|
|
BuildRequires: bison
|
|
BuildRequires: dos2unix
|
|
BuildRequires: flex
|
|
BuildRequires: gcc-c++
|
|
BuildRequires: libitm1
|
|
BuildRequires: libtool
|
|
BuildRequires: libudev-devel
|
|
BuildRequires: openldap2-devel
|
|
BuildRequires: openssl-devel >= 1.0
|
|
BuildRequires: pkgconfig
|
|
BuildRequires: trousers-devel
|
|
BuildRequires: pkgconfig(systemd)
|
|
Requires(pre): %{_sbindir}/groupadd
|
|
Requires(pre): %{_sbindir}/usermod
|
|
|
|
# IBM maintains openCryptoki on these architectures:
|
|
ExclusiveArch: %{openCryptoki_32bit_arch} %{openCryptoki_64bit_arch}
|
|
%{?systemd_requires}
|
|
%ifarch s390 s390x
|
|
BuildRequires: libica-devel
|
|
BuildRequires: libica-tools
|
|
%endif
|
|
|
|
%description
|
|
The PKCS#11 version 2.11 API implemented for the IBM cryptographic
|
|
cards. This package includes support for the IBM 4758 cryptographic
|
|
coprocessor (with the PKCS#11 firmware loaded) and the IBM eServer
|
|
Cryptographic Accelerator (FC 4960 on pSeries).
|
|
|
|
%package devel
|
|
Summary: Development files for openCryptoki, a PKCS#11 implementation for IBM hardware
|
|
Group: Development/Languages/C and C++
|
|
Requires: glibc-devel
|
|
Requires: libopenssl-devel
|
|
Requires: openldap2-devel
|
|
Requires: trousers-devel
|
|
%ifarch s390 s390x
|
|
Requires: libica-devel
|
|
%endif
|
|
|
|
%description devel
|
|
The PKCS#11 version 2.01 API implemented for the IBM cryptographic
|
|
cards. This package includes support for the IBM 4758 cryptographic
|
|
co-processor (with the PKCS#11 firmware loaded) and the IBM eServer
|
|
Cryptographic Accelerator (FC 4960 on pSeries).
|
|
|
|
%ifarch %{openCryptoki_32bit_arch}
|
|
%package 32bit
|
|
Summary: An Implementation of PKCS#11 (Cryptoki) v2.11 for IBM Cryptographic Hardware
|
|
# this is needed to make sure the pkcs11 group exists before
|
|
# installation:
|
|
Group: Productivity/Security
|
|
Requires: openCryptoki
|
|
ExclusiveArch: %{openCryptoki_32bit_arch}
|
|
|
|
%description 32bit
|
|
This is a re-packaged binary rpm. For the package source, please look
|
|
for the source of the package without the "32bit" ending
|
|
|
|
The PKCS#11 version 2.11 API implemented for the IBM cryptographic
|
|
cards. This package includes support for the IBM 4758 cryptographic
|
|
coprocessor (with the PKCS#11 firmware loaded) and the IBM eServer
|
|
Cryptographic Accelerator (FC 4960 on pSeries).
|
|
|
|
%endif
|
|
|
|
%ifarch %{openCryptoki_64bit_arch}
|
|
%package 64bit
|
|
Summary: An Implementation of PKCS#11 (Cryptoki) v2.11 for IBM Cryptographic Hardware
|
|
# this is needed to make sure the pkcs11 group exists before
|
|
# installation:
|
|
Group: Productivity/Security
|
|
Requires: openCryptoki
|
|
ExclusiveArch: %{openCryptoki_64bit_arch}
|
|
|
|
%description 64bit
|
|
This is a re-packaged binary rpm. For the package source, please look
|
|
for the source of the package without the "64bit" ending
|
|
|
|
The PKCS#11 version 2.11 API implemented for the IBM cryptographic
|
|
cards. This package includes support for the IBM 4758 cryptographic
|
|
coprocessor (with the PKCS#11 firmware loaded) and the IBM eServer
|
|
Cryptographic Accelerator (FC 4960 on pSeries).
|
|
|
|
%endif
|
|
|
|
%prep
|
|
# setup -q -n %{oc_cvs_tag}-%{version}
|
|
%autosetup -p 1 -n %{oc_cvs_tag}-%{version}
|
|
|
|
cp %{SOURCE2} .
|
|
|
|
%build
|
|
./bootstrap.sh
|
|
|
|
%configure --with-systemd=%{_unitdir} \
|
|
--with-libudev=yes \
|
|
--enable-tpmtok \
|
|
%ifarch aarch64 # Apparently, gcc for aarch64 doesn't support transactional memory
|
|
--enable-locks \
|
|
%endif
|
|
%ifarch s390 s390x
|
|
--enable-pkcsep11_migrate
|
|
%else
|
|
--disable-ccatok
|
|
%endif
|
|
|
|
make %{?_smp_mflags}
|
|
dos2unix doc/README.ep11_stdll
|
|
|
|
%install
|
|
%make_install
|
|
install -d %{buildroot}%{_includedir}
|
|
install -d %{buildroot}%{_localstatedir}/lib/opencryptoki
|
|
install -d %{buildroot}%{_initddir}
|
|
install -d %{buildroot}%{_sbindir}
|
|
install -d %{buildroot}%{_prefix}/lib/tmpfiles.d
|
|
ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcpkcsslotd
|
|
rm -rf %{buildroot}/tmp
|
|
|
|
# Remove all development files
|
|
find %{buildroot} -type f -name "*.la" -delete -print
|
|
rm -f %{buildroot}%{_libdir}/opencryptoki/methods
|
|
|
|
%pre
|
|
%{service_add_pre pkcsslotd.service}
|
|
# autobuild:/work/cd/lib/misc/group
|
|
# openCryptoki pkcs11:x:64:
|
|
%{_sbindir}/groupadd -g %{pkcs11_group_id} -r pkcs11 2>/dev/null || true
|
|
%{_sbindir}/usermod -a -G pkcs11 root
|
|
|
|
%preun
|
|
%{service_del_preun pkcsslotd.service}
|
|
|
|
%post
|
|
# Symlink from /var/lib/opencryptoki to /etc/pkcs11
|
|
if [ ! -L %{_sysconfdir}/pkcs11 ] ; then
|
|
if [ -e %{_sysconfdir}/pkcs11/pk_config_data ] ; then
|
|
mv %{_sysconfdir}/pkcs11/* %{_localstatedir}/lib/opencryptoki
|
|
cd %{_sysconfdir} && rm -rf pkcs11 && \
|
|
ln -sf %{_localstatedir}/lib/opencryptoki pkcs11
|
|
fi
|
|
fi
|
|
/sbin/ldconfig
|
|
%{?tmpfiles_create:%tmpfiles_create %{_tmpfilesdir}/opencryptoki.conf}
|
|
%{service_add_post pkcsslotd.service}
|
|
|
|
%postun
|
|
if [ -L %{_sysconfdir}/pkcs11 ] ; then
|
|
rm %{_sysconfdir}/pkcs11
|
|
fi
|
|
%{service_del_postun pkcsslotd.service}
|
|
|
|
%ifarch %{openCryptoki_32bit_arch}
|
|
%postun 32bit
|
|
if [ -L %{_sysconfdir}/pkcs11 ] ; then
|
|
rm %{_sysconfdir}/pkcs11
|
|
fi
|
|
%{service_del_postun pkcsslotd.service}
|
|
|
|
%post 32bit
|
|
# Old library name links
|
|
cd %{_libdir}/opencryptoki && ln -sf ./libopencryptoki.so PKCS11_API.so
|
|
ln -sf %{_sbindir} %{_libdir}/opencryptoki/methods
|
|
rm -rf %{_libdir}/pkcs11/stdll
|
|
test -d %{_prefix}/lib/pkcs11 || mkdir -p %{_prefix}/lib/pkcs11
|
|
cd %{_prefix}/lib/pkcs11
|
|
ln -sf ../opencryptoki/stdll stdll
|
|
cd stdll
|
|
[ -f libpkcs11_cca.so ] && ln -sf ./libpkcs11_cca.so PKCS11_CCA.so || true
|
|
[ -f libpkcs11_tpm.so ] && ln -sf ./libpkcs11_tpm.so PKCS11_TPM.so || true
|
|
[ -f libpkcs11_ica.so ] && ln -sf ./libpkcs11_ica.so PKCS11_ICA.so || true
|
|
[ -f libpkcs11_sw.so ] && ln -sf ./libpkcs11_sw.so PKCS11_SW.so || true
|
|
/sbin/ldconfig
|
|
%endif
|
|
|
|
%ifarch %{openCryptoki_64bit_arch}
|
|
%post 64bit
|
|
# Old library name for 64bit libs were under /usr/lib/pkcs11. For migration purposes only.
|
|
test -d %{_prefix}/lib/pkcs11 || mkdir -p %{_prefix}/lib/pkcs11
|
|
ln -sf %{_libdir}/opencryptoki/libopencryptoki.so %{_prefix}/lib/pkcs11/PKCS11_API.so64
|
|
/sbin/ldconfig
|
|
%endif
|
|
|
|
%files
|
|
%doc openCryptoki-TFAQ.html FAQ
|
|
%doc doc/*
|
|
%dir %{_datadir}/doc/opencryptoki
|
|
%{_datadir}/doc/opencryptoki/policy-example.conf
|
|
%{_datadir}/doc/opencryptoki/strength-example.conf
|
|
# configuration directory
|
|
%dir %{_sysconfdir}/opencryptoki
|
|
%config %{_sysconfdir}/opencryptoki/opencryptoki.conf
|
|
%config %attr(640,root,pkcs11) %{_sysconfdir}/opencryptoki/strength.conf
|
|
%config %attr(640,root,pkcs11) %{_sysconfdir}/opencryptoki/p11sak_defined_attrs.conf
|
|
%ifarch s390 s390x
|
|
%config %{_sysconfdir}/opencryptoki/ccatok.conf
|
|
%config %{_sysconfdir}/opencryptoki/ep11cpfilter.conf
|
|
%config %{_sysconfdir}/opencryptoki/ep11tok.conf
|
|
%{_sbindir}/pkcsep11_migrate
|
|
%endif
|
|
%{_sbindir}/p11sak
|
|
%{_unitdir}/pkcsslotd.service
|
|
%{_tmpfilesdir}/opencryptoki.conf
|
|
%{_sbindir}/rcpkcsslotd
|
|
# utilities
|
|
%ifarch s390 s390x
|
|
%{_sbindir}/pkcsep11_session
|
|
%{_sbindir}/pkcscca
|
|
%endif
|
|
%{_sbindir}/pkcsslotd
|
|
%{_sbindir}/pkcsconf
|
|
%{_sbindir}/pkcsicsf
|
|
%{_sbindir}/pkcsstats
|
|
%{_sbindir}/pkcstok_migrate
|
|
%dir %{_libdir}/opencryptoki
|
|
%dir %{_libdir}/opencryptoki/stdll
|
|
# State and lock directories
|
|
%dir %attr(755,root,pkcs11) %{_localstatedir}/lib/opencryptoki
|
|
%ifarch s390 s390x
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/ccatok
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/ccatok/TOK_OBJ
|
|
%endif
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/swtok
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/swtok/TOK_OBJ
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/tpm
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/icsf
|
|
%ifarch s390 s390x
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/ep11tok
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/ep11tok/TOK_OBJ
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/lite
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/lib/opencryptoki/lite/TOK_OBJ
|
|
%endif
|
|
%dir %attr(770,root,pkcs11) %{_localstatedir}/log/opencryptoki/
|
|
%{_mandir}/man*/*
|
|
|
|
%files devel
|
|
%dir %{_libdir}/opencryptoki
|
|
%dir %{_libdir}/opencryptoki/stdll
|
|
%{_includedir}/opencryptoki
|
|
%{_libdir}/pkgconfig/opencryptoki.pc
|
|
|
|
%ifarch %{openCryptoki_32bit_arch}
|
|
%files 32bit
|
|
# these don't conflict because they only exist as 64bit binaries if
|
|
# there is no 32bit version of them usable
|
|
%{_libdir}/opencryptoki/libopencryptoki.so
|
|
%ghost %{_libdir}/opencryptoki/PKCS11_API.so
|
|
%{_libdir}/opencryptoki/*.0
|
|
%ifarch s390
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_cca.so
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_CCA.so
|
|
%endif
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_tpm.so
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_TPM.so
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_sw.so
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_SW.so
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_icsf.so
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_ICSF.so
|
|
%ifarch s390 s390x
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_ica.so
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_ICA.so
|
|
%{_libdir}/opencryptoki/stdll/libpkcs11_ep11.so
|
|
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_EP11.so
|
|
%endif
|
|
%{_libdir}/opencryptoki/stdll/*.0
|
|
%dir %{_libdir}/pkcs11
|
|
%ghost %{_libdir}/pkcs11/stdll
|
|
%ghost %{_libdir}/pkcs11/methods
|
|
%{_libdir}/pkcs11/*.so
|
|
%{_sysconfdir}/ld.so.conf.d/*
|
|
%endif
|
|
|
|
%ifarch %{openCryptoki_64bit_arch}
|
|
%files 64bit
|
|
%dir %{_libdir}/opencryptoki
|
|
%{_libdir}/opencryptoki/*.so
|
|
%{_libdir}/opencryptoki/*.0
|
|
%dir %{_libdir}/opencryptoki/stdll
|
|
%{_libdir}/opencryptoki/stdll/*.so
|
|
%{_libdir}/opencryptoki/stdll/*.0
|
|
%{_libdir}/pkcs11
|
|
%{_sysconfdir}/ld.so.conf.d/*
|
|
%endif
|
|
|
|
%changelog
|