base: pkcs11-provider: add recipe

A pkcs#11 provider for OpenSSL 3.0+ This is an Openssl 3.x provider to access Hardware or Software Tokens using the PKCS#11 Cryptographic Token Interface Signed-off-by: Jose Quaresma <[email protected]>
foundriesio · Mar 2, 2023 · 89448de · 89448de
1 parent d1ef01c
commit 89448de
Show file tree

Hide file tree

Showing 2 changed files with 74 additions and 0 deletions.
diff --git a/...pes-security/pkcs11/files/0001-configure.ac-fix-libsoftokn3-detection-when-cross-co.patch b/...pes-security/pkcs11/files/0001-configure.ac-fix-libsoftokn3-detection-when-cross-co.patch
@@ -0,0 +1,45 @@
+From 4e17314c73ba7d50dacd74615d7db9d226085282 Mon Sep 17 00:00:00 2001
+From: Jose Quaresma <[email protected]>
+Date: Thu, 2 Mar 2023 15:45:40 +0000
+Subject: [PATCH] configure.ac: fix libsoftokn3 detection when cross compiling
+
+These fix cross compilation with bitbake:
+
+| checking for /build/tmp-lmp/work/corei7-64-lmp-linux/pkcs11-provider/0.1+git999-r0/recipe-sysroot/usr/lib/libsoftokn3.so... configure: error: cannot check for file existence when cross compiling
+
+Upstream-Status: Pending
+
+Signed-off-by: Jose Quaresma <[email protected]>
+---
+ configure.ac | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 7d3f163..0f66844 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -95,11 +95,17 @@ PKG_CHECK_EXISTS(
+         )]
+ )
+
+-AC_CHECK_FILE($SOFTOKENDIR/libsoftokn3$SHARED_EXT, [],
+-    [AC_CHECK_FILE($SOFTOKENDIR/nss/libsoftokn3$SHARED_EXT,
+-        [AC_SUBST([SOFTOKEN_SUBDIR], "nss/")],
++if test "$cross_compiling" != "yes"; then
++    AC_CHECK_FILE($SOFTOKENDIR/libsoftokn3$SHARED_EXT, [],
++        [AC_CHECK_FILE($SOFTOKENDIR/nss/libsoftokn3$SHARED_EXT,
++            [AC_SUBST([SOFTOKEN_SUBDIR], "nss/")],
++            [AC_MSG_WARN([Softoken library missing, tests will fail!])])
++        ])
++else
++    AS_IF([test -a "$SOFTOKENDIR/libsoftokn3$SHARED_EXT"],
++        [],
+         [AC_MSG_WARN([Softoken library missing, tests will fail!])])
+-    ])
++fi
+
+ # find p11-kit-client to separate softhsm openssl context from our tests
+ PKG_CHECK_EXISTS([p11-kit-1],
+-- 
+2.34.1
+
diff --git a/meta-lmp-base/recipes-security/pkcs11/pkcs11-provider_git.bb b/meta-lmp-base/recipes-security/pkcs11/pkcs11-provider_git.bb
@@ -0,0 +1,29 @@
+HOMEPAGE = "https://github.com/latchset/pkcs11-provider"
+SUMMARY =  "A pkcs#11 provider for OpenSSL 3.0+"
+DESCRIPTION = "This is an Openssl 3.x provider to access Hardware or Software \
+ Tokens using the PKCS#11 Cryptographic Token Interface"
+
+LICENSE = "Apache-2.0 & OASIS"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b53b787444a60266932bd270d1cf2d45 \
+                    file://LICENSES/LicenseRef-OASIS-IPR.txt;md5=d709b4c4f378c7ed5e113342135bfe57"
+
+SRC_URI = "git://github.com/latchset/pkcs11-provider;protocol=https;branch=main \
+           file://0001-configure.ac-fix-libsoftokn3-detection-when-cross-co.patch \
+           "
+
+PV = "0.1+git${SRCPV}"
+SRCREV = "f6d320951b61697986f57123b396962287764195"
+
+S = "${WORKDIR}/git"
+
+DEPENDS = "autoconf-archive nss p11-kit openssl"
+
+inherit pkgconfig autotools
+
+# SOFTOKENDIR value of libdir for nss-softokn, overriding pkg-config
+export SOFTOKENDIR="${STAGING_BASELIBDIR}"
+
+# Specify any options you want to pass to the configure script using EXTRA_OECONF:
+EXTRA_OECONF = ""
+
+FILES:${PN} += "${nonarch_base_libdir}/ossl-modules/pkcs11.so"