On Tue, Dec 19, 2023 at 8:27 AM Niko Mauno via lists.openembedded.org
<[email protected]> wrote:
>
> From: Niko Mauno <[email protected]>
>
> Starting with version 3.0 the OpenSSL project introduced a new modular
> system to extend OpenSSL that replaces the deprecated Engine modules.
>
> Providers are loaded via configuration directives in the openssl
> configuration file (or directly loaded by applications).
>
> The pkcs11 provider allows applications linked to openssl to use keys
> and cryptographic operations from a hardware or software token via
> their PKCS #11 driver and the use of PCKS #11 URIs.
>
> The pkcs11 provider can be configured to be automatically loaded via
> openssl.cnf
>
> For more details, visit
> https://github.com/latchset/pkcs11-provider/blob/main/docs/provider-pkcs11.7.md
>
> Signed-off-by: Niko Mauno <[email protected]>
> ---
> .../pkcs11-provider/pkcs11-provider_git.bb | 28 +++++++++++++++++++
> 1 file changed, 28 insertions(+)
> create mode 100644
> meta-oe/recipes-support/pkcs11-provider/pkcs11-provider_git.bb
>
> diff --git a/meta-oe/recipes-support/pkcs11-provider/pkcs11-provider_git.bb
> b/meta-oe/recipes-support/pkcs11-provider/pkcs11-provider_git.bb
> new file mode 100644
> index 000000000..2e25d91c5
> --- /dev/null
> +++ b/meta-oe/recipes-support/pkcs11-provider/pkcs11-provider_git.bb
> @@ -0,0 +1,28 @@
> +SUMMARY = "An OpenSSL provider that allows direct interfacing with pkcs11
> drivers"
> +DESCRIPTION = "\
> +This is an Openssl 3.x provider to access Hardware or Software Tokens using \
> +the PKCS#11 Cryptographic Token Interface\
> +\
> +This code targets version 3.1 of the interface but should be backwards \
> +compatible to previous versions as well.\
> +"
> +HOMEPAGE = "https://github.com/latchset/pkcs11-provider";
> +SECTION = "libs"
> +LICENSE = "Apache-2.0"
> +LIC_FILES_CHKSUM = "file://COPYING;md5=b53b787444a60266932bd270d1cf2d45"
> +DEPENDS = "\
> + autoconf-archive \
> + openssl \
> + p11-kit \
> +"
> +
> +SRCREV = "e2abc4a7ae33159f2fb21b9d87a05ea9e79ef584"
> +PV = "0.2+git${SRCPV}"
I think SRCPV is redundant here as we do not need it on master.
> +
> +SRC_URI = "git://github.com/latchset/${BPN}.git;branch=main;protocol=https"
> +
> +S = "${WORKDIR}/git"
> +
> +inherit autotools pkgconfig
> +
> +FILES:${PN} += "${libdir}/ossl-modules/pkcs11.so"
> --
> 2.39.2
>
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#107639):
https://lists.openembedded.org/g/openembedded-devel/message/107639
Mute This Topic: https://lists.openembedded.org/mt/103265166/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
