blob: 02229f74e95c2aee1a8e54339d8e5568170bd27f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
|
%global sysctl_prio 50
%global sysctl_optmem_max 81920
%global distroname_ext %{_vendor}
%if %{?openEuler:1}0
%define enable_docbook_pdf 1
%else
%define enable_docbook_pdf 0
%endif
Name: libkcapi
Version: 1.4.0
Release: 1
Summary: libkcapi - Linux Kernel Crypto API User Space Interface Library
License: BSD or GPLv2
URL: http://www.chronox.de/%{name}.html
Source0: http://www.chronox.de/%{name}/%{name}-%{version}.tar.xz
Source1: http://www.chronox.de/%{name}/%{name}-%{version}.tar.xz.asc
Patch0: libkcapi-1.1.1-lib_Fix_kcapi_handle_destroy_closing_FD_0.patch
BuildRequires: clang coreutils cppcheck gcc hardlink
BuildRequires: libtool openssl perl systemd xmlto kernel-headers >= 4.10.0
%if 0%{?enable_docbook_pdf}
BuildRequires: docbook-utils-pdf
%endif
Requires: systemd
Provides: %{name}-tools
Provides: hmaccalc == 0.9.14-10.1
Provides: hmaccalc%{?_isa} == 0.9.14-10.1
Provides: %{name}-hmaccalc
Obsoletes: %{name}-replacements <= %{version}-%{release}
Obsoletes: %{name}-tools
Obsoletes: hmaccalc <= 0.9.14-10
Obsoletes: %{name}-hmaccalc
%description
The Linux kernel exports a Netlink interface of type AF_ALG to allow user space to utilize the kernel crypto API.
libkcapi uses this Netlink interface and exports easy to use APIs so that a developer does not need to consider the low-level Netlink interface handling.
The library does not implement any cipher algorithms. All consumer requests are sent to the kernel for processing.
Results from the kernel crypto API are returned to the consumer via the library API.
%package devel
Summary: Development files for the %{name} package
Requires: %{name} == %{version}-%{release}
Obsoletes: %{name}-static
Provides: %{name}-static
%description devel
Header files for applications that use %{name}.
%package tests
Summary: Testing scripts for the %{name} package
Requires: %{name}%{?_isa} == %{version}-%{release}
Requires: %{name}-tools
Requires: %{name}-hmaccalc
Requires: coreutils
Requires: openssl
Requires: perl
%description tests
Auxiliary scripts for testing %{name}.
%package_help
%prep
%autosetup -p 1
cat << EOF > README.%{distroname_ext}
This package increases the default limit of the ancillary buffer size
per kernel socket defined in \`net.core.optmem_max\` to %{sysctl_optmem_max} bytes.
For this preset to become active it requires a reboot after the
installation of this package. You can also manually increase this
limit by invocing \`sysctl net.core.optmem_max=%{sysctl_optmem_max}\` as the
super-user, e.g. using \`su\` or \`sudo\` on the terminal.
This is done to provide consumers of the new Linux Kernel Crypto API
User Space Interface a well sufficient and reasonable maximum limit
by default, especially when using AIO with a larger amount of IOVECs.
For further information about the AF_ALG kernel socket and AIO, see
the discussion at the kernel-crypto mailing-list:
https://www.mail-archive.com/linux-crypto@vger.kernel.org/msg30417.html
See the instructions given in '%{_sysctldir}/50-default.conf',
if you need or want to override the preset made by this package.
EOF
cat << EOF > %{sysctl_prio}-%{name}-optmem_max.conf
# See the 'README.%{distroname_ext}' file shipped in %%doc
# with the %{name} package.
#
# See '%{_sysctldir}/50-default.conf',
# if you need or want to override this preset.
# Increase the ancillary buffer size per socket.
net.core.optmem_max = %{sysctl_optmem_max}
EOF
%{_bindir}/autoreconf -fiv
%build
%configure \
--libdir=/%{_lib} \
--disable-silent-rules \
--enable-kcapi-encapp \
--enable-kcapi-dgstapp \
--enable-kcapi-hasher \
--enable-kcapi-rngapp \
--enable-kcapi-speed \
--enable-kcapi-test \
--enable-shared \
--enable-static \
--enable-sum-prefix= \
--enable-sum-dir=/%{_lib} \
--with-pkgconfigdir=%{_libdir}/pkgconfig
%make_build all doc
%install
%make_install
# Install sysctl.d preset.
mkdir -p %{buildroot}%{_sysctldir}
install -Dpm 0644 -t %{buildroot}%{_sysctldir} %{sysctl_prio}-%{name}-optmem_max.conf
# Install into proper location for inclusion by %%doc.
mkdir -p %{buildroot}%{_pkgdocdir}
install -Dpm 0644 -t %{buildroot}%{_pkgdocdir} README.%{distroname_ext} README.md CHANGES.md TODO
%if 0%{?enable_docbook_pdf}
install -Dpm 0644 -t %{buildroot}%{_pkgdocdir} doc/%{name}.p{df,s}
%endif
cp -pr lib/doc/html %{buildroot}%{_pkgdocdir}
# Install replacement tools, if enabled.
rm -f %{buildroot}%{_bindir}/md5sum \
%{buildroot}%{_bindir}/sha*sum \
%{buildroot}%{_bindir}/fips* \
%{buildroot}%{_bindir}/sm*sum
find %{buildroot} -type f -name '*.la' -print -delete
find %{buildroot} -type f -name '*.hmac' -print -delete
find %{buildroot} -type f -size 0 -print -delete
find %{buildroot}%{_pkgdocdir} -type f -print | xargs %{__chmod} -c 0644
find %{buildroot}%{_pkgdocdir} -type d -print | xargs %{__chmod} -c 0755
for d in %{_mandir} %{_pkgdocdir}; do
hardlink -cfv %{buildroot}$d
done
%ldconfig_scriptlets
bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha1hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha1hmac.hmac
bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha224hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha224hmac.hmac
bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha256hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha256hmac.hmac
bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha384hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha384hmac.hmac
bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha512hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha512hmac.hmac
bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sm3hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sm3hmac.hmac
hardlink -cfv %{buildroot}%{_bindir}
bin/kcapi-hasher -n fipshmac -d %{buildroot}/%{_lib}/fipscheck %{buildroot}/%{_lib}/libkcapi.so.%{version} || exit 1
ln -s libkcapi.so.%{version}.hmac %{buildroot}/%{_lib}/fipscheck/libkcapi.so.1.hmac
%check
for t in cppcheck scan;do
%make_build $t
done
pushd test
ENABLE_FUZZ_TEST=1 \
NO_32BIT_TEST=1 \
./test-invocation.sh ||:
popd
%files
%doc %dir %{_pkgdocdir}
%doc %{_pkgdocdir}/README.md
%license COPYING*
/%{_lib}/%{name}.so.*
/%{_lib}/fipscheck/%{name}.so.*
%doc %{_pkgdocdir}/README.%{distroname_ext}
%{_sysctldir}/%{sysctl_prio}-%{name}-optmem_max.conf
%{_bindir}/kcapi*
%{_bindir}/sha*hmac
%{_bindir}/sm*hmac
/%{_lib}/hmaccalc/sha*hmac.hmac
/%{_lib}/hmaccalc/sm*hmac.hmac
%files devel
%doc %{_pkgdocdir}/CHANGES.md
%doc %{_pkgdocdir}/TODO
%{_includedir}/kcapi.h
/%{_lib}/%{name}.so
%{_libdir}/pkgconfig/%{name}.pc
/%{_lib}/%{name}.a
%files tests
%{_libexecdir}/%{name}/*
%files help
%doc %{_pkgdocdir}
%exclude %{_pkgdocdir}/README.md
%exclude %{_pkgdocdir}/README.%{distroname_ext}
%exclude %{_pkgdocdir}/CHANGES.md
%exclude %{_pkgdocdir}/TODO
%{_mandir}/man1/kcapi*.1.*
%{_mandir}/man3/kcapi_*.3.*
%changelog
* Wed Nov 16 2022 yixiangzhike <yixiangzhike007@163.com> - 1.4.0-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:Update to 1.4.0
* Wed Jul 13 2022 yixiangzhike <yixiangzhike007@163.com> - 1.3.1-5
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:add macro to control docbook-utils-pdf dependency
* Fri Apr 29 2022 yixiangzhike <yixiangzhike007@163.com> - 1.3.1-4
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:delete duplicate files from libkcapi-help
* Fri Apr 15 2022 yixiangzhike <yixiangzhike007@163.com> - 1.3.1-3
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix printf usage errors highlighted by covscan
* Wed Jan 26 2022 yixiangzhike <yixiangzhike007@163.com> - 1.3.1-2
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:enable test suite in check
* Thu Dec 30 2021 yixiangzhike <yixiangzhike007@163.com> - 1.3.1-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:Update to 1.3.1
* Fri Jul 30 2021 chenyanpanHW <chenyanpan@huawei.com> - 1.2.0-5
- DESC: delete -S git from %autosetup, and delete BuildRequires git
* Fri Nov 20 2020 panxiaohe <panxiaohe@huawei.com> - 1.2.0-4
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:Solve the failure when installing libkcapi-devel
* Thu Oct 22 2020 zhangxingliang <zhangxingliang3@huawei.com> - 1.2.0-3
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:Solve the failure when installing libkcapi-tests
* Fri Oct 16 2020 zhangxingliang <zhangxingliang3@huawei.com> - 1.2.0-2
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:Detach the sub package libkcapi-tests from libkcapi
* Fri Jul 17 2020 yang_zhuang_zhuang<yangzhuangzhuang1@huawei.com> - 1.2.0-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:update to 1.2.0
* Thu Nov 14 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.1.5-2
- Correct provides of hmaccalc
* Tue Sep 3 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.1.5-1
- Package init
|
