diff options
Diffstat (limited to 'meta-security/recipes-security/xmlsec1')
7 files changed, 333 insertions, 0 deletions
diff --git a/meta-security/recipes-security/xmlsec1/xmlsec1/change-finding-path-of-nss.patch b/meta-security/recipes-security/xmlsec1/xmlsec1/change-finding-path-of-nss.patch new file mode 100644 index 000000000..fcc63b34c --- /dev/null +++ b/meta-security/recipes-security/xmlsec1/xmlsec1/change-finding-path-of-nss.patch @@ -0,0 +1,72 @@ +From 47379747e34f952d31af028c672940ca7859ae3c Mon Sep 17 00:00:00 2001 +From: Yulong Pei <Yulong.pei@windriver.com> +Date: Wed, 21 Jul 2010 22:33:43 +0800 +Subject: [PATCH] change finding path of nss and nspr + +Upstream-Status: Pending + +Signed-off-by: Yulong Pei <Yulong.pei@windriver.com> +Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> + +--- + configure.ac | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 3278200..6edec7d 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -644,7 +644,7 @@ if test "z$NSS_FOUND" = "zno" ; then + + if test "z$with_nspr" != "z" ; then + NSPR_PREFIX="$with_nspr" +- NSPR_CFLAGS="-I$with_nspr/include -I$with_nspr/include/nspr" ++ NSPR_CFLAGS="-I$with_nspr/usr/include -I$with_nspr/usr/include/nspr4" + if test "z$with_gnu_ld" = "zyes" ; then + NSPR_LIBS="-Wl,-rpath-link -Wl,$with_nspr/lib -L$with_nspr/lib $NSPR_LIBS_LIST" + else +@@ -652,7 +652,7 @@ if test "z$NSS_FOUND" = "zno" ; then + fi + NSPR_INCLUDES_FOUND="yes" + NSPR_LIBS_FOUND="yes" +- NSPR_PRINIT_H="$with_nspr/include/prinit.h" ++ NSPR_PRINIT_H="$with_nspr/usr/include/nspr4/prinit.h" + else + for dir in $ac_nss_inc_dir ; do + if test -f $dir/nspr/prinit.h ; then +@@ -690,7 +690,7 @@ if test "z$NSS_FOUND" = "zno" ; then + OLD_CPPFLAGS=$CPPFLAGS + CPPFLAGS="$NSPR_CFLAGS" + AC_EGREP_CPP(yes,[ +- #include <prinit.h> ++ #include <nspr4/prinit.h> + #if PR_VMAJOR >= 4 + yes + #endif +@@ -715,7 +715,7 @@ if test "z$NSS_FOUND" = "zno" ; then + NSS_NSS_H="" + + if test "z$with_nss" != "z" ; then +- NSS_CFLAGS="$NSS_CFLAGS -I$with_nss/include -I$with_nss/include/nss" ++ NSS_CFLAGS="$NSS_CFLAGS -I$with_nss/usr/include -I$with_nss/usr/include/nss3 -I$with_nspr/usr/include/nspr4" + if test "z$with_gnu_ld" = "zyes" ; then + NSS_LIBS="$NSS_LIBS -Wl,-rpath-link -Wl,$with_nss/lib -L$with_nss/lib $NSS_LIBS_LIST" + else +@@ -723,7 +723,7 @@ if test "z$NSS_FOUND" = "zno" ; then + fi + NSS_INCLUDES_FOUND="yes" + NSS_LIBS_FOUND="yes" +- NSS_NSS_H="$with_nss/include/nss.h" ++ NSS_NSS_H="$with_nss/usr/include/nss3/nss.h" + else + for dir in $ac_nss_inc_dir ; do + if test -f $dir/nss/nss.h ; then +@@ -761,7 +761,7 @@ if test "z$NSS_FOUND" = "zno" ; then + OLD_CPPFLAGS=$CPPFLAGS + CPPFLAGS="$NSPR_CFLAGS $NSS_CFLAGS" + AC_EGREP_CPP(yes,[ +- #include <nss.h> ++ #include <nss3/nss.h> + #if NSS_VMAJOR >= 3 && NSS_VMINOR >= 2 + yes + #endif diff --git a/meta-security/recipes-security/xmlsec1/xmlsec1/fix-ltmain.sh.patch b/meta-security/recipes-security/xmlsec1/xmlsec1/fix-ltmain.sh.patch new file mode 100644 index 000000000..af598fe74 --- /dev/null +++ b/meta-security/recipes-security/xmlsec1/xmlsec1/fix-ltmain.sh.patch @@ -0,0 +1,26 @@ +From 847dc52f5a50e34ee4d6e3dc2c708711747a58ca Mon Sep 17 00:00:00 2001 +From: Yulong Pei <Yulong.pei@windriver.com> +Date: Thu, 21 Jan 2010 14:11:20 +0800 +Subject: [PATCH] force to use our own libtool + +Upstream-Status: Inappropriate [ OE specific ] + +Signed-off-by: Yulong Pei <Yulong.pei@windriver.com> + +--- + ltmain.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ltmain.sh b/ltmain.sh +index 147d758..a61f16b 100644 +--- a/ltmain.sh ++++ b/ltmain.sh +@@ -6969,7 +6969,7 @@ func_mode_link () + dir=$func_resolve_sysroot_result + # We need an absolute path. + case $dir in +- [\\/]* | [A-Za-z]:[\\/]*) ;; ++ =* | [\\/]* | [A-Za-z]:[\\/]*) ;; + *) + absdir=`cd "$dir" && pwd` + test -z "$absdir" && \ diff --git a/meta-security/recipes-security/xmlsec1/xmlsec1/makefile-ptest.patch b/meta-security/recipes-security/xmlsec1/xmlsec1/makefile-ptest.patch new file mode 100644 index 000000000..d45356924 --- /dev/null +++ b/meta-security/recipes-security/xmlsec1/xmlsec1/makefile-ptest.patch @@ -0,0 +1,40 @@ +From 83a1381e1d6bd1b5ec3df6f7c4bc1f4fe4f860b6 Mon Sep 17 00:00:00 2001 +From: Jackie Huang <jackie.huang@windriver.com> +Date: Thu, 15 Jun 2017 14:44:01 +0800 +Subject: [PATCH] xmlsec1: add new recipe + +This enables the building of the examples directory +and it's installed as ptest. + +Upstream-Status: Inappropriate [ OE ptest specific ] + +Signed-off-by: Jackie Huang <jackie.huang@windriver.com> + +--- + examples/Makefile | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/examples/Makefile b/examples/Makefile +index 89b1d61..c1cbcca 100644 +--- a/examples/Makefile ++++ b/examples/Makefile +@@ -8,9 +8,17 @@ PROGRAMS = \ + decrypt1 decrypt2 decrypt3 \ + xmldsigverify + ++ifndef CC + CC = gcc +-CFLAGS += -g $(shell xmlsec1-config --cflags) -DUNIX_SOCKETS +-LDLIBS += -g $(shell xmlsec1-config --libs) ++endif ++ ++CFLAGS += -I../include -g $(shell PKG_CONFIG_PATH=.. pkg-config --cflags xmlsec1 ) -DUNIX_SOCKETS ++LDLIBS += -L../src/.libs -g $(shell PKG_CONFIG_PATH=.. pkg-config --libs xmlsec1 ) ++ ++DESTDIR = /usr/share/xmlsec1 ++install-ptest: ++ if [ ! -d $(DESTDIR) ]; then mkdir -p $(DESTDIR); fi ++ cp * $(DESTDIR) + + all: $(PROGRAMS) + diff --git a/meta-security/recipes-security/xmlsec1/xmlsec1/run-ptest b/meta-security/recipes-security/xmlsec1/xmlsec1/run-ptest new file mode 100755 index 000000000..a203c38f2 --- /dev/null +++ b/meta-security/recipes-security/xmlsec1/xmlsec1/run-ptest @@ -0,0 +1,85 @@ +#!/bin/sh + +check_return() { + if [ $? == 0 ]; then + echo -e "PASS: $1\n" + else + echo -e "FAIL: $1\n" + fi +} + +echo "---------------------------------------------------" +echo "Signing a template file..." +./sign1 sign1-tmpl.xml rsakey.pem > sign1-res.xml +./verify1 sign1-res.xml rsapub.pem +check_return sign-tmpl + +echo "---------------------------------------------------" +echo "Signing a dynamicaly created template..." +./sign2 sign2-doc.xml rsakey.pem > sign2-res.xml +./verify1 sign2-res.xml rsapub.pem +check_return sign-dynamic-templ + +echo "---------------------------------------------------" +echo "Signing with X509 certificate..." +./sign3 sign3-doc.xml rsakey.pem rsacert.pem > sign3-res.xml +./verify3 sign3-res.xml ca2cert.pem cacert.pem +check_return sign-x509 + +echo "---------------------------------------------------" +echo "Verifying a signature with a single key..." +./verify1 sign1-res.xml rsapub.pem +./verify1 sign2-res.xml rsapub.pem +check_return verify-single-key + +echo "---------------------------------------------------" +echo "Verifying a signature with keys manager..." +./verify2 sign1-res.xml rsapub.pem +./verify2 sign2-res.xml rsapub.pem +check_return verify-keys-manager + +echo "---------------------------------------------------" +echo "Verifying a signature with X509 certificates..." +./verify3 sign3-res.xml ca2cert.pem cacert.pem +check_return verify-x509 + +echo "---------------------------------------------------" +echo "Verifying a signature with additional restrictions..." +./verify4 verify4-res.xml ca2cert.pem cacert.pem +check_return verify-res + +echo "---------------------------------------------------" +echo "Encrypting data with a template file..." +./encrypt1 encrypt1-tmpl.xml deskey.bin > encrypt1-res.xml +./decrypt1 encrypt1-res.xml deskey.bin +check_return encrypt-tmpl + +echo "---------------------------------------------------" +echo "Encrypting data with a dynamicaly created template..." +./encrypt2 encrypt2-doc.xml deskey.bin > encrypt2-res.xml +./decrypt1 encrypt2-res.xml deskey.bin +check_return encrypt-dynamic-tmpl + +echo "---------------------------------------------------" +echo "Encrypting data with a session key..." +./encrypt3 encrypt3-doc.xml rsakey.pem > encrypt3-res.xml +./decrypt3 encrypt3-res.xml +check_return encrypt-session-key + +echo "---------------------------------------------------" +echo "Decrypting data with a single key..." +./decrypt1 encrypt1-res.xml deskey.bin +./decrypt1 encrypt2-res.xml deskey.bin +check_return encrypt-single-key + +echo "---------------------------------------------------" +echo "Decrypting data with keys manager..." +./decrypt2 encrypt1-res.xml deskey.bin +./decrypt2 encrypt2-res.xml deskey.bin +check_return encrypt-keys-manager + +echo "---------------------------------------------------" +echo "Writing a custom keys manager..." +./decrypt3 encrypt1-res.xml +./decrypt3 encrypt2-res.xml +check_return write-keys-manager diff --git a/meta-security/recipes-security/xmlsec1/xmlsec1/xmlsec1-examples-allow-build-in-separate-dir.patch b/meta-security/recipes-security/xmlsec1/xmlsec1/xmlsec1-examples-allow-build-in-separate-dir.patch new file mode 100644 index 000000000..8b2533ed9 --- /dev/null +++ b/meta-security/recipes-security/xmlsec1/xmlsec1/xmlsec1-examples-allow-build-in-separate-dir.patch @@ -0,0 +1,30 @@ +From 0c38c6864e7ba8f53a657d87894f24374a6a4932 Mon Sep 17 00:00:00 2001 +From: Jackie Huang <jackie.huang@windriver.com> +Date: Tue, 30 Dec 2014 11:18:17 +0800 +Subject: [PATCH] examples: allow build in separate dir + +Upstream-Status: Inappropriate [ OE specific ] + +Signed-off-by: Jackie Huang <jackie.huang@windriver.com> + +--- + examples/Makefile | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/examples/Makefile b/examples/Makefile +index c1cbcca..3f1bd14 100644 +--- a/examples/Makefile ++++ b/examples/Makefile +@@ -12,8 +12,10 @@ ifndef CC + CC = gcc + endif + +-CFLAGS += -I../include -g $(shell PKG_CONFIG_PATH=.. pkg-config --cflags xmlsec1 ) -DUNIX_SOCKETS +-LDLIBS += -L../src/.libs -g $(shell PKG_CONFIG_PATH=.. pkg-config --libs xmlsec1 ) ++top_srcdir = .. ++top_builddir = .. ++CFLAGS += -I$(top_srcdir)/include -g $(shell PKG_CONFIG_PATH=$(top_srcdir) pkg-config --cflags xmlsec1 ) -DUNIX_SOCKETS ++LDLIBS += -L$(top_builddir)/src/.libs -g $(shell PKG_CONFIG_PATH=$(top_srcdir) pkg-config --libs xmlsec1 ) + + DESTDIR = /usr/share/xmlsec1 + install-ptest: diff --git a/meta-security/recipes-security/xmlsec1/xmlsec1/xmlsec1-fix-a-typo-in-examples-verify3.c.patch b/meta-security/recipes-security/xmlsec1/xmlsec1/xmlsec1-fix-a-typo-in-examples-verify3.c.patch new file mode 100644 index 000000000..5f967bbaa --- /dev/null +++ b/meta-security/recipes-security/xmlsec1/xmlsec1/xmlsec1-fix-a-typo-in-examples-verify3.c.patch @@ -0,0 +1,23 @@ +From 1d8ae4b32bd76c19ec238f30eb9b1ee582cbe990 Mon Sep 17 00:00:00 2001 +From: Jackie Huang <jackie.huang@windriver.com> +Date: Fri, 2 Mar 2018 01:10:58 -0800 +Subject: [PATCH] xmlsec1: fix a typo in examples/verify3.c + +Upstream-Status: Submitted [https://github.com/lsh123/xmlsec/pull/153] + +Signed-off-by: Jackie Huang <jackie.huang@windriver.com> + +--- + examples/verify3.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/examples/verify3.c b/examples/verify3.c +index 2d26ae7..68f52ab 100644 +--- a/examples/verify3.c ++++ b/examples/verify3.c +@@ -1,4 +1,4 @@ +-4/** ++/** + * XML Security Library example: Verifying a file signed with X509 certificate + * + * Verifies a file signed with X509 certificate. diff --git a/meta-security/recipes-security/xmlsec1/xmlsec1_1.2.25.bb b/meta-security/recipes-security/xmlsec1/xmlsec1_1.2.25.bb new file mode 100644 index 000000000..341ca08fd --- /dev/null +++ b/meta-security/recipes-security/xmlsec1/xmlsec1_1.2.25.bb @@ -0,0 +1,57 @@ +SUMMARY = "XML Security Library is a C library based on LibXML2" +DESCRIPTION = "\ + XML Security Library is a C library based on \ + LibXML2 and OpenSSL. The library was created with a goal to support major \ + XML security standards "XML Digital Signature" and "XML Encryption". \ + " +HOMEPAGE = "http://www.aleksey.com/xmlsec/" +DEPENDS = "libtool libxml2 libxslt openssl zlib libgcrypt gnutls nss nspr libgpg-error" + +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://COPYING;md5=352791d62092ea8104f085042de7f4d0" + +SECTION = "libs" + +SRC_URI = "http://www.aleksey.com/xmlsec/download/${BP}.tar.gz \ + file://fix-ltmain.sh.patch \ + file://change-finding-path-of-nss.patch \ + file://makefile-ptest.patch \ + file://xmlsec1-examples-allow-build-in-separate-dir.patch \ + file://xmlsec1-fix-a-typo-in-examples-verify3.c.patch \ + file://run-ptest \ + " + +SRC_URI[md5sum] = "dbbef1efc69e61bc4629650205a05b41" +SRC_URI[sha256sum] = "967ca83edf25ccb5b48a3c4a09ad3405a63365576503bf34290a42de1b92fcd2" + +inherit autotools-brokensep ptest pkgconfig + +CFLAGS += "-I${STAGING_INCDIR}/nspr4 -I${STAGING_INCDIR}/nss3" +CPPFLAGS += "-I${STAGING_INCDIR}/nspr4 -I${STAGING_INCDIR}/nss3" + +EXTRA_OECONF = "\ + --with-nss=${STAGING_LIBDIR}/../.. --with-nspr=${STAGING_LIBDIR}/../.. \ + " + +FILES_${PN}-dev += "${libdir}/xmlsec1Conf.sh" +FILES_${PN}-dbg += "${PTEST_PATH}/.debug/*" + +RDEPENDS_${PN}-ptest += "${PN}-dev" +INSANE_SKIP_${PN}-ptest += "dev-deps" + +PTEST_EXTRA_ARGS = "top_srcdir=${S} top_builddir=${B}" + +do_compile_ptest () { + oe_runmake -C ${S}/examples ${PTEST_EXTRA_ARGS} all +} + +do_install_append() { + for i in ${bindir}/xmlsec1-config ${libdir}/xmlsec1Conf.sh \ + ${libdir}/pkgconfig/xmlsec1-openssl.pc; do + sed -i -e "s@${RECIPE_SYSROOT}@@g" ${D}$i + done +} + +do_install_ptest () { + oe_runmake -C ${S}/examples DESTDIR=${D}${PTEST_PATH} ${PTEST_EXTRA_ARGS} install-ptest +} |