kumquat-buildroot/package/libp11/libp11.mk

################################################################################
#
# libp11
#
################################################################################

LIBP11_VERSION = 0.4.12
LIBP11_SITE = https://github.com/OpenSC/libp11/releases/download/libp11-$(LIBP11_VERSION)
LIBP11_DEPENDENCIES = openssl host-pkgconf
LIBP11_INSTALL_STAGING = YES
LIBP11_LICENSE = LGPL-2.1+
LIBP11_LICENSE_FILES = COPYING

ifeq ($(BR2_PACKAGE_LIBOPENSSL),y)
LIBP11_ENGINESDIR = enginesdir
else ifeq ($(BR2_PACKAGE_LIBRESSL),y)
LIBP11_ENGINESDIR = libdir
endif

# pkg-config returns a libcrypto enginesdir prefixed with the sysroot,
# so let's rip it out.
LIBP11_CONF_OPTS = \
	--with-enginesdir=`$(PKG_CONFIG_HOST_BINARY) --variable $(LIBP11_ENGINESDIR) libcrypto | xargs readlink -f | sed 's%^$(STAGING_DIR)%%'`

ifeq ($(BR2_PACKAGE_P11_KIT),y)
LIBP11_CONF_OPTS += --with-pkcs11-module=/usr/lib/p11-kit-proxy.so
endif

HOST_LIBP11_DEPENDENCIES = host-pkgconf host-openssl

$(eval $(autotools-package))
$(eval $(host-autotools-package))
package/libp11: new package Library for using PKCS#11, which includes an engine for OpenSSL that lets it use PKCS#11 modules. Which is really what this package is about, not that libp11 library itself, which has no users outside the of OpenSSL engine. If p11-kit is enabled, configure the engine to use that as the default PKCS#11 module. That module is a sort of multiplexer that allows multiple modules to be used at once, so it makes sense to use it even if there are other modules present, e.g. softhsm2, nssckbi, pkcs11-proxy, ykcs11, etc. A host package is created too, with a host configuration option. Since this a dynamically loaded module, there is no build time reason to select it from a host package. It could be used by host openssl, to allow host rauc to sign a software update bundle using a key from a HSM with a PKCS#11 interface. Signed-off-by: Trent Piepho <tpiepho@impinj.com> Tested-by: Frank Hunleth <fhunleth@troodon-software.com> [Thomas: - add entry in DEVELOPERS file - add missing !BR2_STATIC_LIBS dependency - fix license information, as noticed by Frank Hunleth - add missing dependency on host-pkgconf, needed by the configure script to detect openssl - explicitly pass --with-enginesdir as the value returned by pkg-config is incorrectly prefixed by the sysroot] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-12-07 19:13:30 +01:00			`################################################################################`
			`#`
			`# libp11`
			`#`
			`################################################################################`

package/libp11: bump to version 0.4.12 - Drop patch (already in version) - This bump will also fix the following build failure with libressl raised since bump to version 3.5.2 in commit 8b216927db080b38fdbf1f8b025b6f90a89d4bc2: p11_cert.c: In function 'pkcs11_store_certificate': p11_cert.c:310:34: error: dereferencing pointer to incomplete type 'X509' {aka 'struct x509_st'} 310 \| signature_nid = OBJ_obj2nid(x509->sig_alg->algorithm); \| ^~ https://github.com/OpenSC/libp11/releases/tag/libp11-0.4.12 Fixes: - http://autobuild.buildroot.org/results/3acfa1419b59f7daa58fa8e61abc63ecb00f853c Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> 2022-07-16 00:39:29 +02:00			`LIBP11_VERSION = 0.4.12`
package/libp11: new package Library for using PKCS#11, which includes an engine for OpenSSL that lets it use PKCS#11 modules. Which is really what this package is about, not that libp11 library itself, which has no users outside the of OpenSSL engine. If p11-kit is enabled, configure the engine to use that as the default PKCS#11 module. That module is a sort of multiplexer that allows multiple modules to be used at once, so it makes sense to use it even if there are other modules present, e.g. softhsm2, nssckbi, pkcs11-proxy, ykcs11, etc. A host package is created too, with a host configuration option. Since this a dynamically loaded module, there is no build time reason to select it from a host package. It could be used by host openssl, to allow host rauc to sign a software update bundle using a key from a HSM with a PKCS#11 interface. Signed-off-by: Trent Piepho <tpiepho@impinj.com> Tested-by: Frank Hunleth <fhunleth@troodon-software.com> [Thomas: - add entry in DEVELOPERS file - add missing !BR2_STATIC_LIBS dependency - fix license information, as noticed by Frank Hunleth - add missing dependency on host-pkgconf, needed by the configure script to detect openssl - explicitly pass --with-enginesdir as the value returned by pkg-config is incorrectly prefixed by the sysroot] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-12-07 19:13:30 +01:00			`LIBP11_SITE = https://github.com/OpenSC/libp11/releases/download/libp11-$(LIBP11_VERSION)`
			`LIBP11_DEPENDENCIES = openssl host-pkgconf`
			`LIBP11_INSTALL_STAGING = YES`
			`LIBP11_LICENSE = LGPL-2.1+`
			`LIBP11_LICENSE_FILES = COPYING`

package/libp11: fix build with libressl Fix the following build failure with libressl: p11_rsa.c:355:14: error: static declaration of 'RSA_meth_get_finish' follows non-static declaration 355 \| static int (RSA_meth_get_finish(const RSA_METHOD meth)) (RSA *rsa) \| ^~~~~~~~~~~~~~~~~~~ Fixes: - http://autobuild.buildroot.org/results/de3b1e97796f717eac47d291911e3e1517cb557b Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> 2022-04-04 18:22:48 +02:00			`ifeq ($(BR2_PACKAGE_LIBOPENSSL),y)`
			`LIBP11_ENGINESDIR = enginesdir`
			`else ifeq ($(BR2_PACKAGE_LIBRESSL),y)`
			`LIBP11_ENGINESDIR = libdir`
			`endif`

package/libp11: new package Library for using PKCS#11, which includes an engine for OpenSSL that lets it use PKCS#11 modules. Which is really what this package is about, not that libp11 library itself, which has no users outside the of OpenSSL engine. If p11-kit is enabled, configure the engine to use that as the default PKCS#11 module. That module is a sort of multiplexer that allows multiple modules to be used at once, so it makes sense to use it even if there are other modules present, e.g. softhsm2, nssckbi, pkcs11-proxy, ykcs11, etc. A host package is created too, with a host configuration option. Since this a dynamically loaded module, there is no build time reason to select it from a host package. It could be used by host openssl, to allow host rauc to sign a software update bundle using a key from a HSM with a PKCS#11 interface. Signed-off-by: Trent Piepho <tpiepho@impinj.com> Tested-by: Frank Hunleth <fhunleth@troodon-software.com> [Thomas: - add entry in DEVELOPERS file - add missing !BR2_STATIC_LIBS dependency - fix license information, as noticed by Frank Hunleth - add missing dependency on host-pkgconf, needed by the configure script to detect openssl - explicitly pass --with-enginesdir as the value returned by pkg-config is incorrectly prefixed by the sysroot] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-12-07 19:13:30 +01:00			`# pkg-config returns a libcrypto enginesdir prefixed with the sysroot,`
			`# so let's rip it out.`
			`LIBP11_CONF_OPTS = \`
package/libp11: fix build with libressl Fix the following build failure with libressl: p11_rsa.c:355:14: error: static declaration of 'RSA_meth_get_finish' follows non-static declaration 355 \| static int (RSA_meth_get_finish(const RSA_METHOD meth)) (RSA *rsa) \| ^~~~~~~~~~~~~~~~~~~ Fixes: - http://autobuild.buildroot.org/results/de3b1e97796f717eac47d291911e3e1517cb557b Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> 2022-04-04 18:22:48 +02:00			--with-enginesdir=`$(PKG_CONFIG_HOST_BINARY) --variable $(LIBP11_ENGINESDIR) libcrypto \| xargs readlink -f \| sed 's%^$(STAGING_DIR)%%'`
package/libp11: new package Library for using PKCS#11, which includes an engine for OpenSSL that lets it use PKCS#11 modules. Which is really what this package is about, not that libp11 library itself, which has no users outside the of OpenSSL engine. If p11-kit is enabled, configure the engine to use that as the default PKCS#11 module. That module is a sort of multiplexer that allows multiple modules to be used at once, so it makes sense to use it even if there are other modules present, e.g. softhsm2, nssckbi, pkcs11-proxy, ykcs11, etc. A host package is created too, with a host configuration option. Since this a dynamically loaded module, there is no build time reason to select it from a host package. It could be used by host openssl, to allow host rauc to sign a software update bundle using a key from a HSM with a PKCS#11 interface. Signed-off-by: Trent Piepho <tpiepho@impinj.com> Tested-by: Frank Hunleth <fhunleth@troodon-software.com> [Thomas: - add entry in DEVELOPERS file - add missing !BR2_STATIC_LIBS dependency - fix license information, as noticed by Frank Hunleth - add missing dependency on host-pkgconf, needed by the configure script to detect openssl - explicitly pass --with-enginesdir as the value returned by pkg-config is incorrectly prefixed by the sysroot] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-12-07 19:13:30 +01:00
			`ifeq ($(BR2_PACKAGE_P11_KIT),y)`
			`LIBP11_CONF_OPTS += --with-pkcs11-module=/usr/lib/p11-kit-proxy.so`
			`endif`

package/libp11: add host-pkgconf dependency for host variant host-pkgconf is needed to find host-openssl Fixes: - http://autobuild.buildroot.org/results/05adf424050cb56f74ae4106b3c9b61f8daff7d2 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2019-12-14 10:02:29 +01:00			`HOST_LIBP11_DEPENDENCIES = host-pkgconf host-openssl`
package/libp11: new package Library for using PKCS#11, which includes an engine for OpenSSL that lets it use PKCS#11 modules. Which is really what this package is about, not that libp11 library itself, which has no users outside the of OpenSSL engine. If p11-kit is enabled, configure the engine to use that as the default PKCS#11 module. That module is a sort of multiplexer that allows multiple modules to be used at once, so it makes sense to use it even if there are other modules present, e.g. softhsm2, nssckbi, pkcs11-proxy, ykcs11, etc. A host package is created too, with a host configuration option. Since this a dynamically loaded module, there is no build time reason to select it from a host package. It could be used by host openssl, to allow host rauc to sign a software update bundle using a key from a HSM with a PKCS#11 interface. Signed-off-by: Trent Piepho <tpiepho@impinj.com> Tested-by: Frank Hunleth <fhunleth@troodon-software.com> [Thomas: - add entry in DEVELOPERS file - add missing !BR2_STATIC_LIBS dependency - fix license information, as noticed by Frank Hunleth - add missing dependency on host-pkgconf, needed by the configure script to detect openssl - explicitly pass --with-enginesdir as the value returned by pkg-config is incorrectly prefixed by the sysroot] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-12-07 19:13:30 +01:00
			`$(eval $(autotools-package))`
			`$(eval $(host-autotools-package))`