* [Buildroot] [PATCH v2] package/softhsm2: new package
@ 2021-10-19 8:04 José Pekkarinen
2021-10-24 8:38 ` Gilles Talis
0 siblings, 1 reply; 4+ messages in thread
From: José Pekkarinen @ 2021-10-19 8:04 UTC (permalink / raw)
To: buildroot; +Cc: José Pekkarinen
This patch adds a package for softhsm2.
Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
---
[ v1 -> v2 ]
- Added hash file and license information
- Moved recipe to use tarball
- Provided support to build against different ssl libraries
- Fixed toolchain dependencies and ssl select
- Referenced the package in package/Config.in
- Added myself as developer
DEVELOPERS | 3 +++
package/Config.in | 1 +
package/softhsm2/Config.in | 35 ++++++++++++++++++++++++++++++++++
package/softhsm2/softhsm2.hash | 4 ++++
package/softhsm2/softhsm2.mk | 16 ++++++++++++++++
5 files changed, 59 insertions(+)
create mode 100644 package/softhsm2/Config.in
create mode 100644 package/softhsm2/softhsm2.hash
create mode 100644 package/softhsm2/softhsm2.mk
diff --git a/DEVELOPERS b/DEVELOPERS
index f6c39516b5..83d20d56cc 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -2927,3 +2927,6 @@ F: package/qjson/
F: package/quazip/
F: package/shapelib/
F: package/tinc/
+
+N: José Pekkarinen <jose.pekkarinen@unikie.com>
+F: package/softhsm2/
diff --git a/package/Config.in b/package/Config.in
index 7971726875..4f9cd38a97 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -2019,6 +2019,7 @@ menu "Security"
source "package/libsemanage/Config.in"
source "package/libsepol/Config.in"
source "package/safeclib/Config.in"
+ source "package/softhsm2/Config.in"
endmenu
menu "Text and terminal handling"
diff --git a/package/softhsm2/Config.in b/package/softhsm2/Config.in
new file mode 100644
index 0000000000..e4ca75de12
--- /dev/null
+++ b/package/softhsm2/Config.in
@@ -0,0 +1,35 @@
+config BR2_PACKAGE_SOFTHSM2
+ bool "softhsm2"
+ depends on BR2_INSTALL_LIBSTDCPP
+ depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11
+ depends on !BR2_STATIC_LIBS # dlopen()
+ select BR2_PACKAGE_OPENSSL
+ select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
+ help
+ SoftHSM is an implementation of a cryptographic store
+ accessible through a PKCS#11 interface. You can use it
+ to explore PKCS#11 without having a Hardware Security
+ Module.
+
+ https://www.opendnssec.org/softhsm
+
+choice
+ prompt "SSL/TLS library to use"
+
+config BR2_PACKAGE_SOFTHSM2_OPENSSL
+ bool "OpenSSL"
+ depends on BR2_PACKAGE_OPENSSL
+ select BR2_PACKAGE_LIBOPENSSL_ENABLE_DES if BR2_PACKAGE_LIBOPENSSL
+
+config BR2_PACKAGE_SOFTHSM2_BEARSSL
+ bool "BearSSL"
+ depends on BR2_PACKAGE_BEARSSL
+
+config BR2_PACKAGE_SOFTHSM2_WOLFSSL
+ bool "WolfSSL"
+ depends on BR2_PACKAGE_WOLFSSL
+ select BR2_PACKAGE_WOLFSSL_ALL
+
+endchoice
+
+comment "softhsm2 needs a toolchain with dynamic library"
diff --git a/package/softhsm2/softhsm2.hash b/package/softhsm2/softhsm2.hash
new file mode 100644
index 0000000000..a33e0d7e6f
--- /dev/null
+++ b/package/softhsm2/softhsm2.hash
@@ -0,0 +1,4 @@
+# From https://www.opendnssec.org/2020/04/1602/
+sha256 61249473054bcd1811519ef9a989a880a7bdcc36d317c9c25457fc614df475f2 softhsm-2.6.1.tar.gz
+# Locally computed
+sha256 230cab7102816e99f7ce03ef476352fcad09d742fcbc6580d44393db6280b64c LICENSE
diff --git a/package/softhsm2/softhsm2.mk b/package/softhsm2/softhsm2.mk
new file mode 100644
index 0000000000..4b47def3bf
--- /dev/null
+++ b/package/softhsm2/softhsm2.mk
@@ -0,0 +1,16 @@
+################################################################################
+#
+# softhsm2
+#
+################################################################################
+
+SOFTHSM2_VERSION = 2.6.1
+SOFTHSM2_SOURCE = softhsm-$(SOFTHSM2_VERSION).tar.gz
+SOFTHSM2_SITE = https://dist.opendnssec.org/source
+SOFTHSM2_LICENSE = BSD-2-Clause
+SOFTHSM2_LICENSE_FILES = LICENSE
+SOFTHSM2_DEPENDENCIES = openssl
+SOFTHSM2_AUTORECONF = YES
+SOFTHSM2_INSTALL_STAGING = YES
+
+$(eval $(autotools-package))
--
2.25.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH v2] package/softhsm2: new package
2021-10-19 8:04 [Buildroot] [PATCH v2] package/softhsm2: new package José Pekkarinen
@ 2021-10-24 8:38 ` Gilles Talis
2021-10-25 5:47 ` José Pekkarinen
2021-10-25 7:20 ` José Pekkarinen
0 siblings, 2 replies; 4+ messages in thread
From: Gilles Talis @ 2021-10-24 8:38 UTC (permalink / raw)
To: José Pekkarinen; +Cc: buildroot
[-- Attachment #1.1: Type: text/plain, Size: 5758 bytes --]
Hi José,
Le mar. 19 oct. 2021 à 10:05, José Pekkarinen <jose.pekkarinen@unikie.com>
a écrit :
> This patch adds a package for softhsm2.
>
> Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
> ---
> [ v1 -> v2 ]
> - Added hash file and license information
> - Moved recipe to use tarball
> - Provided support to build against different ssl libraries
> - Fixed toolchain dependencies and ssl select
> - Referenced the package in package/Config.in
> - Added myself as developer
>
thanks for this update. There are still a few things to fix in your patch.
> DEVELOPERS | 3 +++
> package/Config.in | 1 +
> package/softhsm2/Config.in | 35 ++++++++++++++++++++++++++++++++++
> package/softhsm2/softhsm2.hash | 4 ++++
> package/softhsm2/softhsm2.mk | 16 ++++++++++++++++
> 5 files changed, 59 insertions(+)
> create mode 100644 package/softhsm2/Config.in
> create mode 100644 package/softhsm2/softhsm2.hash
> create mode 100644 package/softhsm2/softhsm2.mk
>
> diff --git a/DEVELOPERS b/DEVELOPERS
> index f6c39516b5..83d20d56cc 100644
> --- a/DEVELOPERS
> +++ b/DEVELOPERS
> @@ -2927,3 +2927,6 @@ F: package/qjson/
> F: package/quazip/
> F: package/shapelib/
> F: package/tinc/
> +
> +N: José Pekkarinen <jose.pekkarinen@unikie.com>
> +F: package/softhsm2/
> diff --git a/package/Config.in b/package/Config.in
> index 7971726875..4f9cd38a97 100644
> --- a/package/Config.in
> +++ b/package/Config.in
> @@ -2019,6 +2019,7 @@ menu "Security"
> source "package/libsemanage/Config.in"
> source "package/libsepol/Config.in"
> source "package/safeclib/Config.in"
> + source "package/softhsm2/Config.in"
> endmenu
>
> menu "Text and terminal handling"
> diff --git a/package/softhsm2/Config.in b/package/softhsm2/Config.in
> new file mode 100644
> index 0000000000..e4ca75de12
> --- /dev/null
> +++ b/package/softhsm2/Config.in
> @@ -0,0 +1,35 @@
> +config BR2_PACKAGE_SOFTHSM2
> + bool "softhsm2"
> + depends on BR2_INSTALL_LIBSTDCPP
> + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11
> + depends on !BR2_STATIC_LIBS # dlopen()
> + select BR2_PACKAGE_OPENSSL
> + select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
>
I know I somewhat confused you in my first review :-) But did you check
whether your package could work with libressl. If it does, you do not need
the select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL.
Please refer to Arnout's comment on the first version of your patch.
+ help
> + SoftHSM is an implementation of a cryptographic store
> + accessible through a PKCS#11 interface. You can use it
> + to explore PKCS#11 without having a Hardware Security
> + Module.
> +
> + https://www.opendnssec.org/softhsm
The upstream url should have the same indentation as the help text above.
Please make sure you run the "./utils/check-package" utility before pushing
your patch.
>
> +
> +choice
> + prompt "SSL/TLS library to use"
> +
> +config BR2_PACKAGE_SOFTHSM2_OPENSSL
> + bool "OpenSSL"
> + depends on BR2_PACKAGE_OPENSSL
> + select BR2_PACKAGE_LIBOPENSSL_ENABLE_DES if BR2_PACKAGE_LIBOPENSSL
> +
> +config BR2_PACKAGE_SOFTHSM2_BEARSSL
> + bool "BearSSL"
> + depends on BR2_PACKAGE_BEARSSL
> +
> +config BR2_PACKAGE_SOFTHSM2_WOLFSSL
> + bool "WolfSSL"
> + depends on BR2_PACKAGE_WOLFSSL
> + select BR2_PACKAGE_WOLFSSL_ALL
> +
> +endchoice
>
This is not required. You can get rid of the choice menu, as you are not
interested in supporting botan.
+
> +comment "softhsm2 needs a toolchain with dynamic library"
>
a few comments there:
1) this should appear conditionally so you should mention the dependencies.
Please refer to other packages that have the same type of constraints.
2) you should mention the CPP and C++11 requirements ("sofhsm2 needs a
toolchain w/ C++, gcc >= 4.8 and dynamic library support")
> diff --git a/package/softhsm2/softhsm2.hash
> b/package/softhsm2/softhsm2.hash
> new file mode 100644
> index 0000000000..a33e0d7e6f
> --- /dev/null
> +++ b/package/softhsm2/softhsm2.hash
> @@ -0,0 +1,4 @@
> +# From https://www.opendnssec.org/2020/04/1602/
> +sha256 61249473054bcd1811519ef9a989a880a7bdcc36d317c9c25457fc614df475f2
> softhsm-2.6.1.tar.gz
> +# Locally computed
> +sha256 230cab7102816e99f7ce03ef476352fcad09d742fcbc6580d44393db6280b64c
> LICENSE
>
the correct indentation is
sha256 <2 spaces> sha256sum <2 spaces> package/license
diff --git a/package/softhsm2/softhsm2.mk b/package/softhsm2/softhsm2.mk
> new file mode 100644
> index 0000000000..4b47def3bf
> --- /dev/null
> +++ b/package/softhsm2/softhsm2.mk
> @@ -0,0 +1,16 @@
>
> +################################################################################
> +#
> +# softhsm2
> +#
>
> +################################################################################
> +
> +SOFTHSM2_VERSION = 2.6.1
> +SOFTHSM2_SOURCE = softhsm-$(SOFTHSM2_VERSION).tar.gz
>
This is not required as it is the default
> +SOFTHSM2_SITE = https://dist.opendnssec.org/source
> +SOFTHSM2_LICENSE = BSD-2-Clause
> +SOFTHSM2_LICENSE_FILES = LICENSE
> +SOFTHSM2_DEPENDENCIES = openssl
> +SOFTHSM2_AUTORECONF = YES
>
you should explain why it is required, e.g. "no configure script provided"
+SOFTHSM2_INSTALL_STAGING = YES
> +
> +$(eval $(autotools-package))
> --
> 2.25.1
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
>
[-- Attachment #1.2: Type: text/html, Size: 10086 bytes --]
[-- Attachment #2: Type: text/plain, Size: 150 bytes --]
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH v2] package/softhsm2: new package
2021-10-24 8:38 ` Gilles Talis
@ 2021-10-25 5:47 ` José Pekkarinen
2021-10-25 7:20 ` José Pekkarinen
1 sibling, 0 replies; 4+ messages in thread
From: José Pekkarinen @ 2021-10-25 5:47 UTC (permalink / raw)
To: Gilles Talis; +Cc: buildroot
[-- Attachment #1.1: Type: text/plain, Size: 6261 bytes --]
On Sun, Oct 24, 2021 at 11:39 AM Gilles Talis <gilles.talis@gmail.com>
wrote:
> Hi José,
>
> Le mar. 19 oct. 2021 à 10:05, José Pekkarinen <jose.pekkarinen@unikie.com>
> a écrit :
>
>> This patch adds a package for softhsm2.
>>
>> Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
>> ---
>> [ v1 -> v2 ]
>> - Added hash file and license information
>> - Moved recipe to use tarball
>> - Provided support to build against different ssl libraries
>> - Fixed toolchain dependencies and ssl select
>> - Referenced the package in package/Config.in
>> - Added myself as developer
>>
> thanks for this update. There are still a few things to fix in your patch.
>
Hi,
No problem, I'll get to them.
>
>> DEVELOPERS | 3 +++
>> package/Config.in | 1 +
>> package/softhsm2/Config.in | 35 ++++++++++++++++++++++++++++++++++
>> package/softhsm2/softhsm2.hash | 4 ++++
>> package/softhsm2/softhsm2.mk | 16 ++++++++++++++++
>> 5 files changed, 59 insertions(+)
>> create mode 100644 package/softhsm2/Config.in
>> create mode 100644 package/softhsm2/softhsm2.hash
>> create mode 100644 package/softhsm2/softhsm2.mk
>>
>> diff --git a/DEVELOPERS b/DEVELOPERS
>> index f6c39516b5..83d20d56cc 100644
>> --- a/DEVELOPERS
>> +++ b/DEVELOPERS
>> @@ -2927,3 +2927,6 @@ F: package/qjson/
>> F: package/quazip/
>> F: package/shapelib/
>> F: package/tinc/
>> +
>> +N: José Pekkarinen <jose.pekkarinen@unikie.com>
>> +F: package/softhsm2/
>> diff --git a/package/Config.in b/package/Config.in
>> index 7971726875..4f9cd38a97 100644
>> --- a/package/Config.in
>> +++ b/package/Config.in
>> @@ -2019,6 +2019,7 @@ menu "Security"
>> source "package/libsemanage/Config.in"
>> source "package/libsepol/Config.in"
>> source "package/safeclib/Config.in"
>> + source "package/softhsm2/Config.in"
>> endmenu
>>
>> menu "Text and terminal handling"
>> diff --git a/package/softhsm2/Config.in b/package/softhsm2/Config.in
>> new file mode 100644
>> index 0000000000..e4ca75de12
>> --- /dev/null
>> +++ b/package/softhsm2/Config.in
>> @@ -0,0 +1,35 @@
>> +config BR2_PACKAGE_SOFTHSM2
>> + bool "softhsm2"
>> + depends on BR2_INSTALL_LIBSTDCPP
>> + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11
>> + depends on !BR2_STATIC_LIBS # dlopen()
>> + select BR2_PACKAGE_OPENSSL
>> + select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
>>
> I know I somewhat confused you in my first review :-) But did you check
> whether your package could work with libressl. If it does, you do not need
> the select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL.
> Please refer to Arnout's comment on the first version of your patch.
>
Is this something I can quickly test by changing the
config snippet in test-pkg?
> + help
>> + SoftHSM is an implementation of a cryptographic store
>> + accessible through a PKCS#11 interface. You can use it
>> + to explore PKCS#11 without having a Hardware Security
>> + Module.
>> +
>> + https://www.opendnssec.org/softhsm
>
> The upstream url should have the same indentation as the help text above.
> Please make sure you run the "./utils/check-package" utility before pushing
> your patch.
>
Well, sorry, but I did, this is the output of the
patch before correcting the indentation:
$ ./utils/check-package package/softhsm2/*
55 lines processed
0 warnings generated
>
>> +
>> +choice
>> + prompt "SSL/TLS library to use"
>> +
>> +config BR2_PACKAGE_SOFTHSM2_OPENSSL
>> + bool "OpenSSL"
>> + depends on BR2_PACKAGE_OPENSSL
>> + select BR2_PACKAGE_LIBOPENSSL_ENABLE_DES if BR2_PACKAGE_LIBOPENSSL
>> +
>> +config BR2_PACKAGE_SOFTHSM2_BEARSSL
>> + bool "BearSSL"
>> + depends on BR2_PACKAGE_BEARSSL
>> +
>> +config BR2_PACKAGE_SOFTHSM2_WOLFSSL
>> + bool "WolfSSL"
>> + depends on BR2_PACKAGE_WOLFSSL
>> + select BR2_PACKAGE_WOLFSSL_ALL
>> +
>> +endchoice
>>
> This is not required. You can get rid of the choice menu, as you are not
> interested in supporting botan.
>
Alright, removing.
+
>> +comment "softhsm2 needs a toolchain with dynamic library"
>>
> a few comments there:
> 1) this should appear conditionally so you should mention the
> dependencies. Please refer to other packages that have the same type of
> constraints.
> 2) you should mention the CPP and C++11 requirements ("sofhsm2 needs a
> toolchain w/ C++, gcc >= 4.8 and dynamic library support")
>
>
>> diff --git a/package/softhsm2/softhsm2.hash
>> b/package/softhsm2/softhsm2.hash
>> new file mode 100644
>> index 0000000000..a33e0d7e6f
>> --- /dev/null
>> +++ b/package/softhsm2/softhsm2.hash
>> @@ -0,0 +1,4 @@
>> +# From https://www.opendnssec.org/2020/04/1602/
>> +sha256 61249473054bcd1811519ef9a989a880a7bdcc36d317c9c25457fc614df475f2
>> softhsm-2.6.1.tar.gz
>> +# Locally computed
>> +sha256 230cab7102816e99f7ce03ef476352fcad09d742fcbc6580d44393db6280b64c
>> LICENSE
>>
> the correct indentation is
> sha256 <2 spaces> sha256sum <2 spaces> package/license
>
Ack.
> diff --git a/package/softhsm2/softhsm2.mk b/package/softhsm2/softhsm2.mk
>> new file mode 100644
>> index 0000000000..4b47def3bf
>> --- /dev/null
>> +++ b/package/softhsm2/softhsm2.mk
>> @@ -0,0 +1,16 @@
>>
>> +################################################################################
>> +#
>> +# softhsm2
>> +#
>>
>> +################################################################################
>> +
>> +SOFTHSM2_VERSION = 2.6.1
>> +SOFTHSM2_SOURCE = softhsm-$(SOFTHSM2_VERSION).tar.gz
>>
> This is not required as it is the default
>
Ack.
> +SOFTHSM2_SITE = https://dist.opendnssec.org/source
>> +SOFTHSM2_LICENSE = BSD-2-Clause
>> +SOFTHSM2_LICENSE_FILES = LICENSE
>> +SOFTHSM2_DEPENDENCIES = openssl
>> +SOFTHSM2_AUTORECONF = YES
>>
> you should explain why it is required, e.g. "no configure script provided"
>
Hum... I thought I removed this because of previous comments,
I'll recheck this out.
Thanks!
José.
[-- Attachment #1.2: Type: text/html, Size: 12924 bytes --]
[-- Attachment #2: Type: text/plain, Size: 150 bytes --]
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH v2] package/softhsm2: new package
2021-10-24 8:38 ` Gilles Talis
2021-10-25 5:47 ` José Pekkarinen
@ 2021-10-25 7:20 ` José Pekkarinen
1 sibling, 0 replies; 4+ messages in thread
From: José Pekkarinen @ 2021-10-25 7:20 UTC (permalink / raw)
To: Gilles Talis; +Cc: buildroot
[-- Attachment #1.1: Type: text/plain, Size: 8151 bytes --]
On Sun, Oct 24, 2021 at 11:39 AM Gilles Talis <gilles.talis@gmail.com>
wrote:
> Hi José,
>
> Le mar. 19 oct. 2021 à 10:05, José Pekkarinen <jose.pekkarinen@unikie.com>
> a écrit :
>
>> This patch adds a package for softhsm2.
>>
>> Signed-off-by: José Pekkarinen <jose.pekkarinen@unikie.com>
>> ---
>> [ v1 -> v2 ]
>> - Added hash file and license information
>> - Moved recipe to use tarball
>> - Provided support to build against different ssl libraries
>> - Fixed toolchain dependencies and ssl select
>> - Referenced the package in package/Config.in
>> - Added myself as developer
>>
> thanks for this update. There are still a few things to fix in your patch.
>
>
>> DEVELOPERS | 3 +++
>> package/Config.in | 1 +
>> package/softhsm2/Config.in | 35 ++++++++++++++++++++++++++++++++++
>> package/softhsm2/softhsm2.hash | 4 ++++
>> package/softhsm2/softhsm2.mk | 16 ++++++++++++++++
>> 5 files changed, 59 insertions(+)
>> create mode 100644 package/softhsm2/Config.in
>> create mode 100644 package/softhsm2/softhsm2.hash
>> create mode 100644 package/softhsm2/softhsm2.mk
>>
>> diff --git a/DEVELOPERS b/DEVELOPERS
>> index f6c39516b5..83d20d56cc 100644
>> --- a/DEVELOPERS
>> +++ b/DEVELOPERS
>> @@ -2927,3 +2927,6 @@ F: package/qjson/
>> F: package/quazip/
>> F: package/shapelib/
>> F: package/tinc/
>> +
>> +N: José Pekkarinen <jose.pekkarinen@unikie.com>
>> +F: package/softhsm2/
>> diff --git a/package/Config.in b/package/Config.in
>> index 7971726875..4f9cd38a97 100644
>> --- a/package/Config.in
>> +++ b/package/Config.in
>> @@ -2019,6 +2019,7 @@ menu "Security"
>> source "package/libsemanage/Config.in"
>> source "package/libsepol/Config.in"
>> source "package/safeclib/Config.in"
>> + source "package/softhsm2/Config.in"
>> endmenu
>>
>> menu "Text and terminal handling"
>> diff --git a/package/softhsm2/Config.in b/package/softhsm2/Config.in
>> new file mode 100644
>> index 0000000000..e4ca75de12
>> --- /dev/null
>> +++ b/package/softhsm2/Config.in
>> @@ -0,0 +1,35 @@
>> +config BR2_PACKAGE_SOFTHSM2
>> + bool "softhsm2"
>> + depends on BR2_INSTALL_LIBSTDCPP
>> + depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11
>> + depends on !BR2_STATIC_LIBS # dlopen()
>> + select BR2_PACKAGE_OPENSSL
>> + select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
>>
> I know I somewhat confused you in my first review :-) But did you check
> whether your package could work with libressl. If it does, you do not need
> the select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL.
> Please refer to Arnout's comment on the first version of your patch.
>
Seems it is needed according to test-pkg, see the output:
In file included from OSSLComp.cpp:34:
OSSLComp.h:87:2: error: #error This OpenSSL version is incompatible with
EDDSA
87 | #error This OpenSSL version is incompatible with EDDSA
| ^~~~~
libtool: compile:
/home/pekkari/br-test-pkg/bootlin-armv5-uclibc/host/bin/arm-linux-g++
-DHAVE_CONFIG_H -I. -I../../.. -I./.. -I./../common -I./../data_mgr
-I./../pkcs11 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LA
RGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g0 -Wall -Wextra
-fvisibility=hidden -c OSSLDHPublicKey.cpp -fPIC -DPIC -o
.libs/OSSLDHPublicKey.o
In file included from OSSLDH.cpp:38:
OSSLComp.h:87:2: error: #error This OpenSSL version is incompatible with
EDDSA
87 | #error This OpenSSL version is incompatible with EDDSA
| ^~~~~
make[7]: *** [Makefile:865: OSSLComp.lo] Error 1
make[7]: *** Waiting for unfinished jobs....
In file included from OSSLDHPrivateKey.cpp:35:
OSSLComp.h:87:2: error: #error This OpenSSL version is incompatible with
EDDSA
87 | #error This OpenSSL version is incompatible with EDDSA
| ^~~~~
libtool: compile:
/home/pekkari/br-test-pkg/bootlin-armv5-uclibc/host/bin/arm-linux-g++
-DHAVE_CONFIG_H -I. -I../../.. -I./.. -I./../common -I./../data_mgr
-I./../pkcs11 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE
-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LA
RGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g0 -Wall -Wextra
-fvisibility=hidden -c OSSLDSA.cpp -fPIC -DPIC -o .libs/OSSLDSA.o
In file included from OSSLDHPublicKey.cpp:35:
OSSLComp.h:87:2: error: #error This OpenSSL version is incompatible with
EDDSA
87 | #error This OpenSSL version is incompatible with EDDSA
| ^~~~~
In file included from OSSLDSA.cpp:39:
OSSLComp.h:87:2: error: #error This OpenSSL version is incompatible with
EDDSA
87 | #error This OpenSSL version is incompatible with EDDSA
| ^~~~~
$ cat softhsm2.config
BR2_PACKAGE_LIBRESSL=y
BR2_PACKAGE_SOFTHSM2=y
Best regards.
José.
> + help
>> + SoftHSM is an implementation of a cryptographic store
>> + accessible through a PKCS#11 interface. You can use it
>> + to explore PKCS#11 without having a Hardware Security
>> + Module.
>> +
>> + https://www.opendnssec.org/softhsm
>
> The upstream url should have the same indentation as the help text above.
> Please make sure you run the "./utils/check-package" utility before pushing
> your patch.
>
>
>>
>> +
>> +choice
>> + prompt "SSL/TLS library to use"
>> +
>> +config BR2_PACKAGE_SOFTHSM2_OPENSSL
>> + bool "OpenSSL"
>> + depends on BR2_PACKAGE_OPENSSL
>> + select BR2_PACKAGE_LIBOPENSSL_ENABLE_DES if BR2_PACKAGE_LIBOPENSSL
>> +
>> +config BR2_PACKAGE_SOFTHSM2_BEARSSL
>> + bool "BearSSL"
>> + depends on BR2_PACKAGE_BEARSSL
>> +
>> +config BR2_PACKAGE_SOFTHSM2_WOLFSSL
>> + bool "WolfSSL"
>> + depends on BR2_PACKAGE_WOLFSSL
>> + select BR2_PACKAGE_WOLFSSL_ALL
>> +
>> +endchoice
>>
> This is not required. You can get rid of the choice menu, as you are not
> interested in supporting botan.
>
> +
>> +comment "softhsm2 needs a toolchain with dynamic library"
>>
> a few comments there:
> 1) this should appear conditionally so you should mention the
> dependencies. Please refer to other packages that have the same type of
> constraints.
> 2) you should mention the CPP and C++11 requirements ("sofhsm2 needs a
> toolchain w/ C++, gcc >= 4.8 and dynamic library support")
>
>
>> diff --git a/package/softhsm2/softhsm2.hash
>> b/package/softhsm2/softhsm2.hash
>> new file mode 100644
>> index 0000000000..a33e0d7e6f
>> --- /dev/null
>> +++ b/package/softhsm2/softhsm2.hash
>> @@ -0,0 +1,4 @@
>> +# From https://www.opendnssec.org/2020/04/1602/
>> +sha256 61249473054bcd1811519ef9a989a880a7bdcc36d317c9c25457fc614df475f2
>> softhsm-2.6.1.tar.gz
>> +# Locally computed
>> +sha256 230cab7102816e99f7ce03ef476352fcad09d742fcbc6580d44393db6280b64c
>> LICENSE
>>
> the correct indentation is
> sha256 <2 spaces> sha256sum <2 spaces> package/license
>
> diff --git a/package/softhsm2/softhsm2.mk b/package/softhsm2/softhsm2.mk
>> new file mode 100644
>> index 0000000000..4b47def3bf
>> --- /dev/null
>> +++ b/package/softhsm2/softhsm2.mk
>> @@ -0,0 +1,16 @@
>>
>> +################################################################################
>> +#
>> +# softhsm2
>> +#
>>
>> +################################################################################
>> +
>> +SOFTHSM2_VERSION = 2.6.1
>> +SOFTHSM2_SOURCE = softhsm-$(SOFTHSM2_VERSION).tar.gz
>>
> This is not required as it is the default
>
>
>> +SOFTHSM2_SITE = https://dist.opendnssec.org/source
>> +SOFTHSM2_LICENSE = BSD-2-Clause
>> +SOFTHSM2_LICENSE_FILES = LICENSE
>> +SOFTHSM2_DEPENDENCIES = openssl
>> +SOFTHSM2_AUTORECONF = YES
>>
> you should explain why it is required, e.g. "no configure script provided"
>
> +SOFTHSM2_INSTALL_STAGING = YES
>> +
>> +$(eval $(autotools-package))
>> --
>> 2.25.1
>>
>> _______________________________________________
>> buildroot mailing list
>> buildroot@buildroot.org
>> https://lists.buildroot.org/mailman/listinfo/buildroot
>>
>
--
José.
[-- Attachment #1.2: Type: text/html, Size: 13093 bytes --]
[-- Attachment #2: Type: text/plain, Size: 150 bytes --]
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-10-25 7:20 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-19 8:04 [Buildroot] [PATCH v2] package/softhsm2: new package José Pekkarinen
2021-10-24 8:38 ` Gilles Talis
2021-10-25 5:47 ` José Pekkarinen
2021-10-25 7:20 ` José Pekkarinen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.