1 files changed, 284 insertions, 0 deletions
diff --git a/libkcapi.spec b/libkcapi.spec
new file mode 100644
index 0000000..02229f7
--- /dev/null
+++ b/libkcapi.spec
@@ -0,0 +1,284 @@
+%global sysctl_prio       50
+%global sysctl_optmem_max 81920
+%global distroname_ext    %{_vendor}
+
+%if %{?openEuler:1}0
+%define enable_docbook_pdf 1
+%else
+%define enable_docbook_pdf 0
+%endif
+
+Name:           libkcapi
+Version:        1.4.0
+Release:        1
+Summary:        libkcapi - Linux Kernel Crypto API User Space Interface Library
+
+License:        BSD or GPLv2
+URL:            http://www.chronox.de/%{name}.html
+Source0:        http://www.chronox.de/%{name}/%{name}-%{version}.tar.xz
+Source1:        http://www.chronox.de/%{name}/%{name}-%{version}.tar.xz.asc
+
+Patch0:       libkcapi-1.1.1-lib_Fix_kcapi_handle_destroy_closing_FD_0.patch
+
+BuildRequires:  clang coreutils cppcheck gcc hardlink
+BuildRequires:  libtool openssl perl systemd xmlto  kernel-headers >= 4.10.0
+%if 0%{?enable_docbook_pdf}
+BuildRequires:  docbook-utils-pdf
+%endif
+
+Requires:       systemd
+
+Provides:       %{name}-tools
+Provides:       hmaccalc          == 0.9.14-10.1
+Provides:       hmaccalc%{?_isa}  == 0.9.14-10.1
+Provides:       %{name}-hmaccalc
+
+Obsoletes:      %{name}-replacements <= %{version}-%{release}
+Obsoletes:      %{name}-tools
+Obsoletes:      hmaccalc          <= 0.9.14-10
+Obsoletes:      %{name}-hmaccalc
+
+%description
+The Linux kernel exports a Netlink interface of type AF_ALG to allow user space to utilize the kernel crypto API.
+libkcapi uses this Netlink interface and exports easy to use APIs so that a developer does not need to consider the low-level Netlink interface handling.
+The library does not implement any cipher algorithms. All consumer requests are sent to the kernel for processing.
+Results from the kernel crypto API are returned to the consumer via the library API.
+
+%package        devel
+Summary:        Development files for the %{name} package
+Requires:       %{name} == %{version}-%{release}
+
+Obsoletes:      %{name}-static
+Provides:       %{name}-static
+
+%description    devel
+Header files for applications that use %{name}.
+
+%package tests
+Summary:        Testing scripts for the %{name} package
+Requires:       %{name}%{?_isa}  == %{version}-%{release}
+Requires:       %{name}-tools
+Requires:       %{name}-hmaccalc
+Requires:       coreutils
+Requires:       openssl
+Requires:       perl
+
+%description    tests
+Auxiliary scripts for testing %{name}.
+
+%package_help
+
+%prep
+%autosetup -p 1
+
+cat << EOF > README.%{distroname_ext}
+This package increases the default limit of the ancillary buffer size
+per kernel socket defined in \`net.core.optmem_max\` to %{sysctl_optmem_max} bytes.
+
+For this preset to become active it requires a reboot after the
+installation of this package.  You can also manually increase this
+limit by invocing \`sysctl net.core.optmem_max=%{sysctl_optmem_max}\` as the
+super-user, e.g. using \`su\` or \`sudo\` on the terminal.
+
+This is done to provide consumers of the new Linux Kernel Crypto API
+User Space Interface a well sufficient and reasonable maximum limit
+by default, especially when using AIO with a larger amount of IOVECs.
+
+For further information about the AF_ALG kernel socket and AIO, see
+the discussion at the kernel-crypto mailing-list:
+https://www.mail-archive.com/linux-crypto@vger.kernel.org/msg30417.html
+
+See the instructions given in '%{_sysctldir}/50-default.conf',
+if you need or want to override the preset made by this package.
+EOF
+
+cat << EOF > %{sysctl_prio}-%{name}-optmem_max.conf
+# See the 'README.%{distroname_ext}' file shipped in %%doc
+# with the %{name} package.
+#
+# See '%{_sysctldir}/50-default.conf',
+# if you need or want to override this preset.
+
+# Increase the ancillary buffer size per socket.
+net.core.optmem_max = %{sysctl_optmem_max}
+EOF
+
+%{_bindir}/autoreconf -fiv
+
+
+%build
+%configure               \
+  --libdir=/%{_lib}      \
+  --disable-silent-rules \
+  --enable-kcapi-encapp  \
+  --enable-kcapi-dgstapp \
+  --enable-kcapi-hasher  \
+  --enable-kcapi-rngapp  \
+  --enable-kcapi-speed   \
+  --enable-kcapi-test    \
+  --enable-shared        \
+  --enable-static        \
+  --enable-sum-prefix=   \
+  --enable-sum-dir=/%{_lib} \
+  --with-pkgconfigdir=%{_libdir}/pkgconfig
+%make_build all doc
+
+
+%install
+%make_install
+
+# Install sysctl.d preset.
+mkdir -p %{buildroot}%{_sysctldir}
+install -Dpm 0644 -t %{buildroot}%{_sysctldir} %{sysctl_prio}-%{name}-optmem_max.conf
+
+# Install into proper location for inclusion by %%doc.
+mkdir -p %{buildroot}%{_pkgdocdir}
+install -Dpm 0644 -t %{buildroot}%{_pkgdocdir} README.%{distroname_ext}  README.md CHANGES.md TODO
+%if 0%{?enable_docbook_pdf}
+install -Dpm 0644 -t %{buildroot}%{_pkgdocdir} doc/%{name}.p{df,s}
+%endif
+cp -pr lib/doc/html %{buildroot}%{_pkgdocdir}
+
+# Install replacement tools, if enabled.
+rm -f %{buildroot}%{_bindir}/md5sum       \
+      %{buildroot}%{_bindir}/sha*sum      \
+      %{buildroot}%{_bindir}/fips*        \
+      %{buildroot}%{_bindir}/sm*sum
+
+find %{buildroot} -type f -name '*.la' -print -delete
+find %{buildroot} -type f -name '*.hmac' -print -delete
+find %{buildroot} -type f -size 0 -print -delete
+find %{buildroot}%{_pkgdocdir} -type f -print | xargs %{__chmod} -c 0644
+find %{buildroot}%{_pkgdocdir} -type d -print | xargs %{__chmod} -c 0755
+
+for d in %{_mandir} %{_pkgdocdir}; do
+  hardlink -cfv %{buildroot}$d
+done
+
+%ldconfig_scriptlets
+
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha1hmac   | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha1hmac.hmac
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha224hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha224hmac.hmac
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha256hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha256hmac.hmac
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha384hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha384hmac.hmac
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha512hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha512hmac.hmac
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sm3hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sm3hmac.hmac
+
+hardlink -cfv %{buildroot}%{_bindir}
+bin/kcapi-hasher -n fipshmac -d %{buildroot}/%{_lib}/fipscheck   %{buildroot}/%{_lib}/libkcapi.so.%{version} || exit 1
+ln -s libkcapi.so.%{version}.hmac    %{buildroot}/%{_lib}/fipscheck/libkcapi.so.1.hmac
+
+%check
+for t in cppcheck scan;do
+    %make_build $t
+done
+
+pushd test
+ENABLE_FUZZ_TEST=1 \
+NO_32BIT_TEST=1 \
+./test-invocation.sh ||:
+popd
+
+%files
+%doc %dir %{_pkgdocdir}
+%doc %{_pkgdocdir}/README.md
+%license COPYING*
+/%{_lib}/%{name}.so.*
+/%{_lib}/fipscheck/%{name}.so.*
+%doc %{_pkgdocdir}/README.%{distroname_ext}
+%{_sysctldir}/%{sysctl_prio}-%{name}-optmem_max.conf
+%{_bindir}/kcapi*
+%{_bindir}/sha*hmac
+%{_bindir}/sm*hmac
+/%{_lib}/hmaccalc/sha*hmac.hmac
+/%{_lib}/hmaccalc/sm*hmac.hmac
+
+%files          devel
+%doc %{_pkgdocdir}/CHANGES.md
+%doc %{_pkgdocdir}/TODO
+%{_includedir}/kcapi.h
+/%{_lib}/%{name}.so
+%{_libdir}/pkgconfig/%{name}.pc
+/%{_lib}/%{name}.a
+
+%files          tests
+%{_libexecdir}/%{name}/*
+
+%files          help
+%doc %{_pkgdocdir}
+%exclude %{_pkgdocdir}/README.md
+%exclude %{_pkgdocdir}/README.%{distroname_ext}
+%exclude %{_pkgdocdir}/CHANGES.md
+%exclude %{_pkgdocdir}/TODO
+%{_mandir}/man1/kcapi*.1.*
+%{_mandir}/man3/kcapi_*.3.*
+
+%changelog
+* Wed Nov 16 2022 yixiangzhike <yixiangzhike007@163.com> - 1.4.0-1
+- Type:enhancement
+- ID:NA
+- SUG:NA
+- DESC:Update to 1.4.0
+
+* Wed Jul 13 2022 yixiangzhike <yixiangzhike007@163.com> - 1.3.1-5
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:add macro to control docbook-utils-pdf dependency
+
+* Fri Apr 29 2022 yixiangzhike <yixiangzhike007@163.com> - 1.3.1-4
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:delete duplicate files from libkcapi-help
+
+* Fri Apr 15 2022 yixiangzhike <yixiangzhike007@163.com> - 1.3.1-3
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:fix printf usage errors highlighted by covscan
+
+* Wed Jan 26 2022 yixiangzhike <yixiangzhike007@163.com> - 1.3.1-2
+- Type:enhancement
+- ID:NA
+- SUG:NA
+- DESC:enable test suite in check
+
+* Thu Dec 30 2021 yixiangzhike <yixiangzhike007@163.com> - 1.3.1-1
+- Type:enhancement
+- ID:NA
+- SUG:NA
+- DESC:Update to 1.3.1
+
+* Fri Jul 30 2021 chenyanpanHW <chenyanpan@huawei.com> - 1.2.0-5
+- DESC: delete -S git from %autosetup, and delete BuildRequires git
+
+* Fri Nov 20 2020 panxiaohe <panxiaohe@huawei.com> - 1.2.0-4
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:Solve the failure when installing libkcapi-devel
+
+* Thu Oct 22 2020 zhangxingliang <zhangxingliang3@huawei.com> - 1.2.0-3
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:Solve the failure when installing libkcapi-tests
+
+* Fri Oct 16 2020 zhangxingliang <zhangxingliang3@huawei.com> - 1.2.0-2
+- Type:enhancement
+- ID:NA
+- SUG:NA
+- DESC:Detach the sub package libkcapi-tests from libkcapi
+
+* Fri Jul 17 2020 yang_zhuang_zhuang<yangzhuangzhuang1@huawei.com> - 1.2.0-1
+- Type:enhancement
+- ID:NA
+- SUG:NA
+- DESC:update to 1.2.0
+
+* Thu Nov 14 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.1.5-2
+- Correct provides of hmaccalc
+
+* Tue Sep 3 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.1.5-1
+- Package init