commit df47b278cf1ad0c78d5d217fd1cc7f092fb0af0740c1395611a3e8659d1e2f0d Author: Marcus Meissner Date: Mon Jan 20 09:39:45 2014 +0000 - imported a generic fips helper to verify fips modules, linked to openssl. OBS-URL: https://build.opensuse.org/package/show/security/fipscheck?expand=0&rev=1 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/fipscheck-1.2.0.tar.bz2 b/fipscheck-1.2.0.tar.bz2 new file mode 100644 index 0000000..7ac9def --- /dev/null +++ b/fipscheck-1.2.0.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:676ba7ed4bb918721454ce83d5428645db6f0913e6a15e8aed3ee445727dc7a7 +size 215454 diff --git a/fipscheck.changes b/fipscheck.changes new file mode 100644 index 0000000..b97566c --- /dev/null +++ b/fipscheck.changes @@ -0,0 +1,6 @@ +------------------------------------------------------------------- +Mon Jan 20 09:37:18 UTC 2014 - meissner@suse.com + +- imported a generic fips helper to verify fips modules, linked + to openssl. + diff --git a/fipscheck.spec b/fipscheck.spec new file mode 100644 index 0000000..7b71e6b --- /dev/null +++ b/fipscheck.spec @@ -0,0 +1,112 @@ +# +# spec file for package fipscheck +# +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + +%define lname libfipscheck1 + +Summary: A library for integrity verification of FIPS validated modules +License: BSD +Group: System Environment/Libraries +Name: fipscheck +Version: 1.2.0 +Release: 7.mge +# This is a Red Hat maintained package which is specific to +# our distribution. +Url: http://fedorahosted.org/fipscheck/ +Source0: http://fedorahosted.org/releases/f/i/%{name}/%{name}-%{version}.tar.bz2 + +BuildRoot: %{_tmppath}/%{name}-%{version}-build + +BuildRequires: libopenssl-devel >= 0.9.8j +Requires: %{name}-lib = %{version}-%{release} + + +%global soversion 1.1.0 +%global somajor 1 + +%description +FIPSCheck is a library for integrity verification of FIPS validated +modules. The package also provides helper binaries for creation and +verification of the HMAC-SHA256 checksum files. + +%package -n %lname +Summary: Library files for %{name} +Group: System Environment/Libraries +Requires: %{_bindir}/fipscheck + +%description -n %lname +This package contains the FIPSCheck library. + +%package devel +Summary: Development files for %{name} +Group: System Environment/Libraries + +Requires: %{lname} = %{version} + +%description devel +This package contains development files for %{name}. + +%prep +%setup -q + +%build +%configure --disable-static --libdir=/%{_lib} + +make %{?_smp_mflags} LDFLAGS="-Wl,-z,relro" + +# Add generation of HMAC checksums of the final stripped binaries +%define __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + $RPM_BUILD_ROOT%{_bindir}/fipshmac $RPM_BUILD_ROOT%{_bindir}/fipscheck \ + $RPM_BUILD_ROOT%{_bindir}/fipshmac $RPM_BUILD_ROOT/%{_lib}/libfipscheck.so.%{soversion} \ + ln -s .libfipscheck.so.%{soversion}.hmac $RPM_BUILD_ROOT/%{_lib}/.libfipscheck.so.%{somajor}.hmac \ +%{nil} + +%install +rm -rf $RPM_BUILD_ROOT + +make install DESTDIR=$RPM_BUILD_ROOT + +find $RPM_BUILD_ROOT -type f -name "*.la" -delete + +mkdir -p $RPM_BUILD_ROOT%{_libdir} +ln -s /%{_lib}/libfipscheck.so.%{soversion} $RPM_BUILD_ROOT%{_libdir}/libfipscheck.so +rm $RPM_BUILD_ROOT/%{_lib}/libfipscheck.so + +%post -n %lname -p /sbin/ldconfig + +%postun -n %lname -p /sbin/ldconfig + +%files +%defattr(-,root,root,-) +%doc ChangeLog COPYING README AUTHORS +%{_bindir}/fipscheck +%{_bindir}/.fipscheck.hmac +%{_bindir}/fipshmac + +%files -n %lname +%defattr(-,root,root,-) +/%{_lib}/libfipscheck.so.* +/%{_lib}/.libfipscheck.so.* + +%files devel +%defattr(-,root,root,-) +%{_includedir}/fipscheck.h +%{_libdir}/libfipscheck.so + +%changelog