package/libp11: new package
Library for using PKCS#11, which includes an engine for OpenSSL that
lets it use PKCS#11 modules. Which is really what this package is
about, not that libp11 library itself, which has no users outside the
of OpenSSL engine.
If p11-kit is enabled, configure the engine to use that as the default
PKCS#11 module. That module is a sort of multiplexer that allows
multiple modules to be used at once, so it makes sense to use it even
if there are other modules present, e.g. softhsm2, nssckbi,
pkcs11-proxy, ykcs11, etc.
A host package is created too, with a host configuration option.
Since this a dynamically loaded module, there is no build time reason
to select it from a host package. It could be used by host openssl,
to allow host rauc to sign a software update bundle using a key from a
HSM with a PKCS#11 interface.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Tested-by: Frank Hunleth <fhunleth@troodon-software.com>
[Thomas:
- add entry in DEVELOPERS file
- add missing !BR2_STATIC_LIBS dependency
- fix license information, as noticed by Frank Hunleth
- add missing dependency on host-pkgconf, needed by the configure
script to detect openssl
- explicitly pass --with-enginesdir as the value returned by
pkg-config is incorrectly prefixed by the sysroot]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-12-07 19:13:30 +01:00
|
|
|
config BR2_PACKAGE_LIBP11
|
|
|
|
|
bool "libp11"
|
|
|
|
|
depends on !BR2_STATIC_LIBS # dlopen
|
2022-07-19 23:56:19 +02:00
|
|
|
depends on BR2_TOOLCHAIN_HAS_THREADS
|
package/libp11: new package
Library for using PKCS#11, which includes an engine for OpenSSL that
lets it use PKCS#11 modules. Which is really what this package is
about, not that libp11 library itself, which has no users outside the
of OpenSSL engine.
If p11-kit is enabled, configure the engine to use that as the default
PKCS#11 module. That module is a sort of multiplexer that allows
multiple modules to be used at once, so it makes sense to use it even
if there are other modules present, e.g. softhsm2, nssckbi,
pkcs11-proxy, ykcs11, etc.
A host package is created too, with a host configuration option.
Since this a dynamically loaded module, there is no build time reason
to select it from a host package. It could be used by host openssl,
to allow host rauc to sign a software update bundle using a key from a
HSM with a PKCS#11 interface.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Tested-by: Frank Hunleth <fhunleth@troodon-software.com>
[Thomas:
- add entry in DEVELOPERS file
- add missing !BR2_STATIC_LIBS dependency
- fix license information, as noticed by Frank Hunleth
- add missing dependency on host-pkgconf, needed by the configure
script to detect openssl
- explicitly pass --with-enginesdir as the value returned by
pkg-config is incorrectly prefixed by the sysroot]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-12-07 19:13:30 +01:00
|
|
|
select BR2_PACKAGE_OPENSSL
|
|
|
|
|
help
|
|
|
|
|
OpenSSL engine for PKCS#11 modules. Part of the OpenSC
|
|
|
|
|
project.
|
|
|
|
|
|
|
|
|
|
https://github.com/OpenSC/OpenSC/wiki
|
|
|
|
|
|
2022-07-19 23:56:19 +02:00
|
|
|
comment "libp11 needs a toolchain w/ dynamic library, threads"
|
|
|
|
|
depends on BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS
|
