# Generated by rust2rpm 27 %bcond check 1 # Enable gpg signature verification by default %bcond gpgcheck 1 %global soname libkryoptic_pkcs11 %global features kryoptic-lib/nssdb,kryoptic-lib/pqc,kryoptic-lib/standard,kryoptic-lib/dynamic,profiles %if 0%{?rhel} # RHEL: Use bundled deps as it doesn't ship Rust libraries %global bundled_rust_deps 1 %global __brp_mangle_shebangs_exclude_from ^/usr/src/debug/.*$ %else # Fedora: Use only system Rust libraries %global bundled_rust_deps 0 %endif Name: kryoptic Version: 1.5.0 Release: %autorelease Summary: PKCS #11 software token written in Rust SourceLicense: GPL-3.0-or-later # LICENSE.dependencies contains a full license breakdown License: %{shrink: Apache-2.0 AND (Apache-2.0 OR BSL-1.0) AND (Apache-2.0 OR MIT) AND BSD-3-Clause AND GPL-3.0-or-later AND ISC AND MIT AND (MIT OR Apache-2.0) AND (MIT-0 OR Apache-2.0) AND (Unlicense OR MIT) AND Zlib } URL: https://github.com/latchset/kryoptic Source0: https://github.com/latchset/kryoptic/releases/download/v%{version}/%{name}-%{version}.tar.gz Source1: https://github.com/latchset/kryoptic/releases/download/v%{version}/%{name}-vendor-%{version}.tar.gz %if %{with gpgcheck} Source2: https://github.com/latchset/kryoptic/releases/download/v%{version}/%{name}-%{version}.tar.gz.asc Source3: https://github.com/latchset/kryoptic/releases/download/v%{version}/%{name}-vendor-%{version}.tar.gz.asc Source4: https://people.redhat.com/~ssorce/simo_redhat.asc %endif BuildRequires: openssl-devel BuildRequires: pandoc %if %{with gpgcheck} BuildRequires: gnupg2 %endif %if 0%{?bundled_rust_deps} BuildRequires: rust-toolset BuildRequires: clang # vendored rustqlite BuildRequires: sqlite-devel %else BuildRequires: cargo-rpm-macros >= 26 %endif %global _description %{expand: A PKCS #11 software token written in Rust.} %description %{_description} %package tools Requires: %{name}%{?_isa} = %{version}-%{release} Summary: Supporting tools for kryoptic software token %description tools Supporting tools for kryoptic software token. Most notably a migration tool for the SoftHSM database. %prep %if %{with gpgcheck} %{gpgverify} --keyring='%{SOURCE4}' --signature='%{SOURCE2}' --data='%{SOURCE0}' %{gpgverify} --keyring='%{SOURCE4}' --signature='%{SOURCE3}' --data='%{SOURCE1}' %endif %autosetup -p1 -N %{?bundled_rust_deps:-a1} %if 0%{?bundled_rust_deps} %cargo_prep -v vendor # don't lock the dependencies rm -f Cargo.lock %else %cargo_prep %generate_buildrequires %cargo_generate_buildrequires -f %{features} %endif %build export CONFDIR=%{_sysconfdir} %cargo_build -f %{features} -- --all %{cargo_license_summary -f %{features}} %{cargo_license -f %{features}} > LICENSE.dependencies pandoc -s -t man doc/kryoptic.conf.man.md -o kryoptic.conf.5 pandoc -s -t man doc/kryoptic.man.md -o kryoptic.7 pandoc -s -t man tools/softhsm/softhsm_migrate.man.md -o softhsm_migrate.1 %install install -Dp target/rpm/softhsm_migrate $RPM_BUILD_ROOT%{_bindir}/softhsm_migrate install -Dp target/rpm/%{soname}.so $RPM_BUILD_ROOT%{_libdir}/pkcs11/%{soname}.so mkdir -p $RPM_BUILD_ROOT%{_datadir}/p11-kit/modules/ echo "module: %{soname}.so" > $RPM_BUILD_ROOT%{_datadir}/p11-kit/modules/kryoptic.module install -Dp -m 0644 kryoptic.conf.5 $RPM_BUILD_ROOT%{_mandir}/man5/kryoptic.conf.5 install -Dp -m 0644 kryoptic.7 $RPM_BUILD_ROOT%{_mandir}/man7/kryoptic.7 install -Dp -m 0644 softhsm_migrate.1 $RPM_BUILD_ROOT%{_mandir}/man1/softhsm_migrate.1 %if %{with check} %check export TEST_PKCS11_MODULE=$RPM_BUILD_ROOT%{_libdir}/pkcs11/%{soname}.so %cargo_test -f %{features},integration_tests %endif %files %license LICENSE.txt %license LICENSE.dependencies %doc README.md %dir %{_libdir}/pkcs11 %{_libdir}/pkcs11/%{soname}.so # Co-owned with p11-kit so it is not hard dependency %dir %{_datadir}/p11-kit %dir %{_datadir}/p11-kit/modules %{_datadir}/p11-kit/modules/kryoptic.module %{_mandir}/man5/kryoptic.conf.5* %{_mandir}/man7/kryoptic.7* %files tools %{_bindir}/softhsm_migrate %{_mandir}/man1/softhsm_migrate.1* %changelog %autochangelog