+gnutls+p11-kit+libtasn1+libunistring+nettle

2024-11-26 10:25:05 +03:00 · 2023-02-05 22:48:14 -05:00 · 2023-02-05 22:48:14 -05:00 · 65666ea1a7
commit 65666ea1a7
parent 6c846d99e6
7 changed files with 216 additions and 0 deletions
--- a/projects/freedesktop.org/p11-kit/package.yml
+++ b/projects/freedesktop.org/p11-kit/package.yml
@ -0,0 +1,28 @@
+distributable:
+  url: https://github.com/p11-glue/p11-kit/releases/download/{{ version }}/p11-kit-{{ version }}.tar.xz
+  strip-components: 1
+
+provides:
+  - bin/pkg-config
+
+versions:
+  github: p11-glue/p11-kit
+  strip: / \(stable\)$/
+
+dependencies:
+  sourceware.org/libffi: ^3
+  curl.se/ca-certs: '*'
+  gnu.org/gettext: '*'
+
+build:
+  dependencies:
+    tea.xyz/gx/cc: c99
+    tea.xyz/gx/make: '*'
+    gnu.org/libtasn1: ^4
+    freedesktop.org/pkg-config: '*'
+  script: |-
+    ./configure --prefix={{prefix}} --with-trust-paths={{deps.curl.se/ca-certs}}/ssl
+    make -j {{ hw.concurrency }} install
+
+test:
+  script: p11-kit list-modules
--- a/projects/gnu.org/libtasn1/assign.asn1
+++ b/projects/gnu.org/libtasn1/assign.asn1
@ -0,0 +1,3 @@
+dp PKIX1.Dss-Sig-Value
+r 42
+s 47
--- a/projects/gnu.org/libtasn1/package.yml
+++ b/projects/gnu.org/libtasn1/package.yml
@ -0,0 +1,26 @@
+distributable:
+  url: https://ftp.gnu.org/gnu/libtasn1/libtasn1-{{version}}.tar.gz
+  strip-components: 1
+
+versions:
+  - 4.19.0
+
+build:
+  dependencies:
+    tea.xyz/gx/cc: c99
+    tea.xyz/gx/make: '*'
+  script: |
+    ./configure --prefix={{ prefix }}
+    make --jobs {{ hw.concurrency }} install
+
+test:
+  dependencies:
+    tea.xyz/gx/cc: c99
+  script: |
+    asn1Coding pkix.asn assign.asn1
+    asn1Decoding pkix.asn assign.out PKIX1.Dss-Sig-Value 2>&1 | grep 'Decoding: SUCCESS'
+
+provides:
+  - bin/asn1Coding
+  - bin/asn1Decoding
+  - bin/asn1Parser
--- a/projects/gnu.org/libtasn1/pkix.asn
+++ b/projects/gnu.org/libtasn1/pkix.asn
@ -0,0 +1,8 @@
+PKIX1 { }
+DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+Dss-Sig-Value ::= SEQUENCE {
+     r       INTEGER,
+     s       INTEGER
+}
+END
--- a/projects/gnu.org/libunistring/package.yml
+++ b/projects/gnu.org/libunistring/package.yml
@ -0,0 +1,44 @@
+distributable:
+  url: https://ftp.gnu.org/gnu/libunistring/libunistring-{{version.raw}}.tar.gz
+  strip-components: 1
+
+versions:
+  - 1.1
+
+build:
+  dependencies:
+    tea.xyz/gx/cc: c99
+    tea.xyz/gx/make: '*'
+    gnu.org/gmp: '*'
+    gnu.org/m4: '*'
+  script: |
+    ./configure --prefix={{ prefix }}
+    make --jobs {{ hw.concurrency }} install
+
+test:
+  dependencies:
+    tea.xyz/gx/cc: c99
+  script: |
+    mv $FIXTURE test.c
+    cc -lunistring -o test test.c
+    test "$(./test)" = "🫖\n"
+  fixture: |
+    #include <uniname.h>
+    #include <unistdio.h>
+    #include <unistr.h>
+    #include <stdlib.h>
+    int main (void) {
+      uint32_t s[2] = {};
+      uint8_t buff[12] = {};
+      if (u32_uctomb (s, unicode_name_character ("TEAPOT"), sizeof s) != 1) abort();
+      if (u8_sprintf (buff, "%llU", s) != 4) abort();
+      printf ("%s\\n", buff);
+      return 0;
+    }
+
+provides:
+  - bin/libunistring-hash
+  - bin/libunistring-lfib-stream
+  - bin/libunistring-pbkdf2
+  - bin/pkcs1-conv
+  - bin/sexp-conv
--- a/projects/gnu.org/nettle/package.yml
+++ b/projects/gnu.org/nettle/package.yml
@ -0,0 +1,56 @@
+distributable:
+  url: https://ftp.gnu.org/gnu/nettle/nettle-{{version}}.tar.gz
+  strip-components: 1
+
+versions:
+  github: gnutls/nettle/tags
+  strip:
+    - /^nettle_/
+    - /_release_\d+/
+
+build:
+  dependencies:
+    tea.xyz/gx/cc: c99
+    tea.xyz/gx/make: '*'
+    gnu.org/gmp: '*'
+    gnu.org/m4: '*'
+  script: |
+    ./configure --prefix={{ prefix }}
+    make --jobs {{ hw.concurrency }} install
+
+test:
+  dependencies:
+    tea.xyz/gx/cc: c99
+  script: |
+    mv $FIXTURE test.c
+    cc -lnettle -o test test.c
+    ./test
+  fixture: |
+      #include <nettle/sha1.h>
+      #include <stdio.h>
+
+      int main()
+      {
+        struct sha1_ctx ctx;
+        uint8_t digest[SHA1_DIGEST_SIZE];
+        unsigned i;
+
+        sha1_init(&ctx);
+        sha1_update(&ctx, 4, "test");
+        sha1_digest(&ctx, SHA1_DIGEST_SIZE, digest);
+
+        printf("SHA1(test)=");
+
+        for (i = 0; i<SHA1_DIGEST_SIZE; i++)
+          printf("%02x", digest[i]);
+
+        printf("\\n");
+        return 0;
+      }
+
+provides:
+  - bin/nettle-hash
+  - bin/nettle-lfib-stream
+  - bin/nettle-pbkdf2
+  - bin/pkcs1-conv
+  - bin/sexp-conv
--- a/projects/gnutls.org/package.yml
+++ b/projects/gnutls.org/package.yml
@ -0,0 +1,51 @@
+distributable:
+  url: https://www.gnupg.org/ftp/gcrypt/gnutls/v{{ version.major }}.{{ version.minor }}/gnutls-{{ version.raw }}.tar.xz
+  strip-components: 1
+
+versions:
+  #TODO HTML listing: https://ftp.gnu.org/gnu/gnutls/
+  - 3.6.16
+
+dependencies:
+  freedesktop.org/p11-kit: '*'
+  gnu.org/libidn2: '*'
+  gnu.org/libunistring: ^1
+  gnu.org/libtasn1: ^4
+  gnu.org/nettle: '*'
+  gnu.org/gettext: '*'
+  gnu.org/gmp: '*'
+  unbound.net: ^1
+  curl.se/ca-certs: '*'
+
+build:
+  dependencies:
+    tea.xyz/gx/cc: c99
+    tea.xyz/gx/make: '*'
+    freedesktop.org/pkg-config: '*'
+  script: |
+    # clang doesn't like the -march=all flag
+    if test "{{hw.platform}}+{{hw.arch}}" = "linux+aarch64"; then
+      cd lib/accelerated/aarch64/
+      sed -i.bak -e 's/-march=all/-mcpu=generic/' Makefile.am Makefile.in
+      rm Makefile.am.bak Makefile.in.bak
+      cd ../../..
+    fi
+
+    #FIXME: use similar logic to the one in openssl.org/x509_def.c to
+    # locate {{deps.curl.se/ca-certs.prefix}}/ssl/cert.pem
+
+    ./configure --prefix={{ prefix }} --disable-guile
+    make --jobs {{ hw.concurrency }} install
+
+test: gnutls-cli --x509cafile={{deps.curl.se/ca-certs.prefix}}/ssl/cert.pem tea.xyz <<< "GET /"
+
+provides:
+  - bin/certtool
+  - bin/danetool
+  - bin/gnutls-cli
+  - bin/gnutls-cli-debug
+  - bin/gnutls-serv
+  - bin/ocsptool
+  - bin/p11tool
+  - bin/psktool
+  - bin/srptool