[Buildroot] [PATCH] package/softhsm2: new package

Gilles Talis gilles.talis at gmail.com
Sun Oct 17 11:27:45 UTC 2021 

Hi José,

Le dim. 17 oct. 2021 à 13:13, Gilles Talis <gilles.talis at gmail.com> a
écrit :

> Hi José,
>
> Le ven. 15 oct. 2021 à 10:39, José Pekkarinen <jose.pekkarinen at unikie.com>
> a écrit :
>
>> The patch adds a basic config file and a basic
>> recipe to build softhsm2.
>>
>> Signed-off-by: José Pekkarinen <jose.pekkarinen at unikie.com>
>>
> Thanks for your contribution.
>
>
>> ---
>>  package/softhsm2/Config.in   |  8 ++++++++
>>  package/softhsm2/softhsm2.mk | 15 +++++++++++++++
>>  2 files changed, 23 insertions(+)
>>  create mode 100644 package/softhsm2/Config.in
>>  create mode 100644 package/softhsm2/softhsm2.mk
>
> You miss a few things here:
> 1)  an entry to the package/Config,in file that provides a link to your
> package, thus a way to find it and select it. In your case, it would go
> under "Security" menu.
> 2) a file that contains the hash sum of the package and its license file.
> 3) an entry to the DEVELOPERS file with your name and package.
>
>
>> diff --git a/package/softhsm2/Config.in b/package/softhsm2/Config.in
>> new file mode 100644
>> index 0000000000..10c9f0e557
>> --- /dev/null
>> +++ b/package/softhsm2/Config.in
>> @@ -0,0 +1,8 @@
>> +config BR2_PACKAGE_SOFTHSM2
>> +       bool "softhsm2"
>>
> what's a bit confusing is that the package name is SoftHSM on the
> opendnssec website, but called SoftHSM version 2 on github. I assume we
> could go for SoftHSM2
>
>
>> +       depends on BR2_PACKAGE_LIBOPENSSL
>>
> Even though the package has openssl as a dependency, "select
> BR2_PACKAGE_LIBOPENSSL" is more appropriate here. It means that openssl
> will be automatically selected when softhsm2 is selected. "depends on"
> means that your package will not appear in the list if openssl is not
> already slected.
> By the way, it seems like botan is a potential crypto library dependency.
> If you want to give the user the choice between the crypto libraries to
> use, please have a look at package/libcurl/Config.in in the "choice"
> section.
>
>
>> +       select BR2_PACKAGE_LIBTOOL
>>
> libtool does not need to be selected. buildroot build system will take
> care of installing it for you.
>
>
>> +       help
>> +               SoftHSM is an implementation of a cryptographic store
>> accessible through a PKCS\#11 interface. You can use it to explore PKCS\#11
>> without having a Hardware Security Module.
>>
> The help text should be indented with one tab and two spaces, lines should
> be wrapped to fit 72 columns, where tab counts for 8, so 62 characters in
> the text itself. You don't need the "\" before the #11
>
>
>> +
>> +               https://github.com/opendnssec/SoftHSMv2
>
> It seems like https://www.opendnssec.org/softhsm/ is the actual SoftHSM
> home page.
>
>
>> diff --git a/package/softhsm2/softhsm2.mk b/package/softhsm2/softhsm2.mk
>> new file mode 100644
>> index 0000000000..4496d70c3d
>> --- /dev/null
>> +++ b/package/softhsm2/softhsm2.mk
>> @@ -0,0 +1,15 @@
>>
>> +################################################################################
>> +#
>> +# softhsm2
>> +#
>>
>> +################################################################################
>> +
>> +SOFTHSM2_VERSION = 2.6.1
>> +SOFTHSM2_SITE = $(call github,opendnssec,SoftHSMv2,$(SOFTHSM2_VERSION))
>>
> The home page provides a tarball in (
> https://www.opendnssec.org/2020/04/1602/). We prefer to work with already
> packaged tarballs.
>
> +SOFTHSM2_LICENSE = GPL-2
>>
> It is actually BSD-2-Clause
>
> +SOFTHSM2_LICENSE_FILES = LICENSE
>> +SOFTHSM2_DEPENDENCIES = libtool openssl
>>
> As mentioned above, you do not need to mention libtool as a dependency.
>
> +SOFTHSM2_AUTORECONF = YES
>> +SOFTHSM2_INSTALL_TARGET = YES
>>
> It seems like SoftHSM also provides a library. In that case, you will need
> a SOFTHSM2_INSTALL_STAGING = YES as well.
>
>
>> +
>> +$(eval $(autotools-package))
>> --
>> 2.25.1
>>
>> _______________________________________________
>> buildroot mailing list
>> buildroot at buildroot.org
>> https://lists.buildroot.org/mailman/listinfo/buildroot
>
> Can you please review my comments and send a second version?
> When in doubt, please consult the documentation:
> https://buildroot.org/downloads/manual/manual.html#adding-packages
>
> I would also recommend you run the following utilities to verify that your
> patch is correct:
> 1) check-package (
> https://buildroot.org/downloads/manual/manual.html#check-package) to
> check the coding style of added files
> 2) test-pkg (chapter 18.24.3 of the buildroot documentation) to check if
> your package can build in various configurations.
>
> Thanks
> Gilles.
>
I forgot to mention that your package is written in C++ 11, which means
that it has a dependency on the C++ library.
You will need to indicate this in the Config.in file of your package as
follows:
depends on BR2_INSTALL_LIBSTDCPP
depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # C++11

You will also need a comment in case the dependencies are not met. The
following file provides a reference: package/restclient-cpp/Config.in

thanks
Gilles
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.buildroot.org/pipermail/buildroot/attachments/20211017/92366f21/attachment.html>

More information about the buildroot mailing list