From c5092c358855c931966c504ebf5273097155ad1a Mon Sep 17 00:00:00 2001 From: Bertrand Jacquin Date: Wed, 1 Apr 2020 21:25:06 +0100 Subject: sys-firmware/gnuk: Version bump Package-Manager: Portage-2.3.89, Repoman-2.3.20 --- profiles/use.local.desc | 37 ++ sys-firmware/gnuk/files/1.2.14-Disable-PIE.patch | 47 -- .../files/1.2.14-Disable-stack-protector.patch | 46 -- ...-Always-get-version-from-the-VERSION-file.patch | 32 -- .../gnuk/files/1.2.14-tool-switch-to-python3.patch | 477 --------------------- ...-Always-get-version-from-the-VERSION-file.patch | 32 ++ ...2.15-build-discard-compiler-default-specs.patch | 26 ++ ...t-produce-a-dynamically-linked-position-i.patch | 24 ++ ...build-initilize-empty-MCFLAGS-and-LDFLAGS.patch | 37 ++ .../1.2.15-build-move-nostartfiles-earlier.patch | 26 ++ sys-firmware/gnuk/gnuk-1.2.14.ebuild | 123 ------ sys-firmware/gnuk/gnuk-1.2.15.ebuild | 123 ++++++ 12 files changed, 305 insertions(+), 725 deletions(-) delete mode 100644 sys-firmware/gnuk/files/1.2.14-Disable-PIE.patch delete mode 100644 sys-firmware/gnuk/files/1.2.14-Disable-stack-protector.patch delete mode 100644 sys-firmware/gnuk/files/1.2.14-MINOR-Always-get-version-from-the-VERSION-file.patch delete mode 100644 sys-firmware/gnuk/files/1.2.14-tool-switch-to-python3.patch create mode 100644 sys-firmware/gnuk/files/1.2.15-MINOR-Always-get-version-from-the-VERSION-file.patch create mode 100644 sys-firmware/gnuk/files/1.2.15-build-discard-compiler-default-specs.patch create mode 100644 sys-firmware/gnuk/files/1.2.15-build-do-not-produce-a-dynamically-linked-position-i.patch create mode 100644 sys-firmware/gnuk/files/1.2.15-build-initilize-empty-MCFLAGS-and-LDFLAGS.patch create mode 100644 sys-firmware/gnuk/files/1.2.15-build-move-nostartfiles-earlier.patch delete mode 100644 sys-firmware/gnuk/gnuk-1.2.14.ebuild create mode 100644 sys-firmware/gnuk/gnuk-1.2.15.ebuild diff --git a/profiles/use.local.desc b/profiles/use.local.desc index 362e721f..d7660eb5 100644 --- a/profiles/use.local.desc +++ b/profiles/use.local.desc @@ -2,6 +2,43 @@ # your descriptions to your package's metadata.xml ONLY. # * generated automatically using egencache * +cross-arm-none-eabi/binutils:default-gold - Set ld to point to ld.gold instead of ld.bfd +cross-arm-none-eabi/binutils:gold - Build ld.gold linker +cross-arm-none-eabi/binutils:multitarget - Adds support to binutils for cross compiling (does not work with gas) +cross-arm-none-eabi/binutils:plugins - Enable plugin support in tools +cross-arm-none-eabi/gcc:awt - Useful only when building GCJ, this enables Abstract Window Toolkit (AWT) peer support on top of GTK+ +cross-arm-none-eabi/gcc:boundschecking - Add the bounds checking patch by Haj Ten Brugge, this will DISABLE the hardened PIE+SSP patches +cross-arm-none-eabi/gcc:cilk - Support the Cilk Plus language (C/C++ based languages for parallel programming) +cross-arm-none-eabi/gcc:d - Enable support for the D programming language +cross-arm-none-eabi/gcc:fixed-point - Enable fixed-point arithmetic support for MIPS targets in gcc (Warning: significantly increases compile time!) +cross-arm-none-eabi/gcc:gcj - Build the GCJ Java language frontend. +cross-arm-none-eabi/gcc:go - Build the GCC Go language frontend. +cross-arm-none-eabi/gcc:graphite - Add support for the framework for loop optimizations based on a polyhedral intermediate representation +cross-arm-none-eabi/gcc:jit - Enable libgccjit so other applications can embed gcc for Just-In-Time compilation. This will slow down the compiler a bit as it forces all of the toolchain to be shared libs. +cross-arm-none-eabi/gcc:libssp - Build SSP support into a dedicated library rather than use the code in the C library (DO NOT ENABLE THIS IF YOU DON'T KNOW WHAT IT DOES) +cross-arm-none-eabi/gcc:lto - Build using Link Time Optimizations (LTO) +cross-arm-none-eabi/gcc:mpx - Enable support for Intel Memory Protection Extensions (MPX) +cross-arm-none-eabi/gcc:mudflap - Add support for mudflap, a pointer use checking library +cross-arm-none-eabi/gcc:nopie - Disable PIE support (NOT FOR GENERAL USE) +cross-arm-none-eabi/gcc:nossp - Disable SSP support (NOT FOR GENERAL USE) +cross-arm-none-eabi/gcc:nptl - Enable support for Native POSIX Threads Library, the new threading module (requires linux-2.6 or better usually) +cross-arm-none-eabi/gcc:objc - Build support for the Objective C code language +cross-arm-none-eabi/gcc:objc++ - Build support for the Objective C++ language +cross-arm-none-eabi/gcc:objc-gc - Build support for the Objective C code language Garbage Collector +cross-arm-none-eabi/gcc:pgo - Build GCC using Profile Guided Optimization (PGO) +cross-arm-none-eabi/gcc:sanitize - Build support for various sanitizer functions (ASAN/TSAN/etc...) +cross-arm-none-eabi/gcc:ssp - Build packages with stack smashing protector on by default +cross-arm-none-eabi/gcc:systemtap - enable systemtap static probe points +cross-arm-none-eabi/gcc:vtv - Build support for virtual table verification (a C++ hardening feature) +cross-arm-none-eabi/gdb:client - Install the main "gdb" program (most people want this) +cross-arm-none-eabi/gdb:lzma - Support lzma compression in ELF debug info +cross-arm-none-eabi/gdb:multitarget - Support all known targets in one gdb binary +cross-arm-none-eabi/gdb:python - Enable support for the new internal scripting language, as well as extended pretty printers +cross-arm-none-eabi/gdb:server - Install the "gdbserver" program (useful for embedded/remote targets) +cross-arm-none-eabi/gdb:source-highlight - Enable listing highlighting via dev-util/source-highlight +cross-arm-none-eabi/gdb:xml - Support parsing XML data files needed (at least) for cpu features, memory maps, and syscall tracing +cross-arm-none-eabi/gdb:xxhash - Use dev-libs/xxhash to speed up internal hashing. +cross-arm-none-eabi/newlib:nano - Build additional newlib-nano library dev-lang/lua:deprecated - make deprecated data structures/routines available dev-lang/luajit:lua52compat - Enable some upwards-compatible features from Lua 5.2 that are unlikely to break existing code. dev-lang/php:adabas - Adds support for the Adabas database engine diff --git a/sys-firmware/gnuk/files/1.2.14-Disable-PIE.patch b/sys-firmware/gnuk/files/1.2.14-Disable-PIE.patch deleted file mode 100644 index 4071def8..00000000 --- a/sys-firmware/gnuk/files/1.2.14-Disable-PIE.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 16bf07e3880a45af9a6c8e477166733577f05a1c Mon Sep 17 00:00:00 2001 -From: Bertrand Jacquin -Date: Tue, 28 Aug 2018 21:51:26 +0100 -Subject: [PATCH 1/2] Disable PIE - -If gcc is built using --enable-default-pie, generated binary will -contain dynamic relocations which is irrelevant for firmware build ---- - regnual/Makefile | 2 +- - src/Makefile | 4 ++-- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/regnual/Makefile b/regnual/Makefile -index b3ae5973d8e8..9479776ad681 100644 ---- a/regnual/Makefile -+++ b/regnual/Makefile -@@ -24,7 +24,7 @@ CWARN = -Wall -Wextra -Wstrict-prototypes - MCFLAGS= -mcpu=$(MCU) - DEFS += -DFREE_STANDING - --CFLAGS = -O2 -g -+CFLAGS = -O2 -g -fno-pie - CFLAGS += -Wa,-alms=$(notdir $(<:.c=.lst)) -fpie - CFLAGS += $(CWARN) -I . -I ../chopstx -fno-common $(MCFLAGS) $(TOPT) $(DEFS) - -diff --git a/src/Makefile b/src/Makefile -index ba2c3bf863d2..d5e1b7299702 100644 ---- a/src/Makefile -+++ b/src/Makefile -@@ -63,7 +63,7 @@ LD = $(CROSS)gcc - OBJCOPY = $(CROSS)objcopy - - CWARN = -Wall -Wextra -Wstrict-prototypes --OPT = -O3 -Os -g -+OPT = -O3 -Os -g -fno-pie - - ####################### - include $(CHOPSTX)/rules.mk -@@ -74,7 +74,7 @@ board.h: - - sys.c: board.h - --build/bignum.o: OPT = -O3 -g -+build/bignum.o: OPT = -O3 -g -fno-pie - - build/stdaln-sys.elf: build/sys-$(CHIP).o stdaln-sys.ld - @echo diff --git a/sys-firmware/gnuk/files/1.2.14-Disable-stack-protector.patch b/sys-firmware/gnuk/files/1.2.14-Disable-stack-protector.patch deleted file mode 100644 index 6c382d04..00000000 --- a/sys-firmware/gnuk/files/1.2.14-Disable-stack-protector.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 40fad3de514d5ba594fe0c6e3e5f732e14f8b9e3 Mon Sep 17 00:00:00 2001 -From: Bertrand Jacquin -Date: Sat, 11 Jan 2020 22:56:13 +0000 -Subject: [PATCH 2/2] Disable stack-protector - -newlib has no implementation of __stack_chk_fail ---- - regnual/Makefile | 2 +- - src/Makefile | 4 ++-- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/regnual/Makefile b/regnual/Makefile -index 9479776ad681..db088cf69065 100644 ---- a/regnual/Makefile -+++ b/regnual/Makefile -@@ -24,7 +24,7 @@ CWARN = -Wall -Wextra -Wstrict-prototypes - MCFLAGS= -mcpu=$(MCU) - DEFS += -DFREE_STANDING - --CFLAGS = -O2 -g -fno-pie -+CFLAGS = -O2 -g -fno-pie -fno-stack-protector - CFLAGS += -Wa,-alms=$(notdir $(<:.c=.lst)) -fpie - CFLAGS += $(CWARN) -I . -I ../chopstx -fno-common $(MCFLAGS) $(TOPT) $(DEFS) - -diff --git a/src/Makefile b/src/Makefile -index d5e1b7299702..a2afce17f685 100644 ---- a/src/Makefile -+++ b/src/Makefile -@@ -63,7 +63,7 @@ LD = $(CROSS)gcc - OBJCOPY = $(CROSS)objcopy - - CWARN = -Wall -Wextra -Wstrict-prototypes --OPT = -O3 -Os -g -fno-pie -+OPT = -O3 -Os -g -fno-pie -fno-stack-protector - - ####################### - include $(CHOPSTX)/rules.mk -@@ -74,7 +74,7 @@ board.h: - - sys.c: board.h - --build/bignum.o: OPT = -O3 -g -fno-pie -+build/bignum.o: OPT = -O3 -g -fno-pie -fno-stack-protector - - build/stdaln-sys.elf: build/sys-$(CHIP).o stdaln-sys.ld - @echo diff --git a/sys-firmware/gnuk/files/1.2.14-MINOR-Always-get-version-from-the-VERSION-file.patch b/sys-firmware/gnuk/files/1.2.14-MINOR-Always-get-version-from-the-VERSION-file.patch deleted file mode 100644 index 9db4e957..00000000 --- a/sys-firmware/gnuk/files/1.2.14-MINOR-Always-get-version-from-the-VERSION-file.patch +++ /dev/null @@ -1,32 +0,0 @@ -From e2ce363cd282781aab28cdb1c84c4493e57cba22 Mon Sep 17 00:00:00 2001 -From: Bertrand Jacquin -Date: Sun, 19 Feb 2017 02:18:13 +0000 -Subject: [PATCH] MINOR: Always get version from the VERSION file - ---- - src/configure | 12 +----------- - 1 file changed, 1 insertion(+), 11 deletions(-) - -diff --git a/src/configure b/src/configure -index d09cde68969b..54da932e1f27 100755 ---- a/src/configure -+++ b/src/configure -@@ -52,17 +52,7 @@ exec_prefix='${prefix}' - libexecdir='${exec_prefix}/libexec' - - # Revision number --if test -e ../.git; then -- if type git >/dev/null 2>&1; then -- REVISION=$(git describe --dirty="-modified") -- else -- # echo 'No git available, please install git' -- GIT_REVISION=$(sed -e 's/^\(.......\).*$/g\1/' "../.git/$(sed -e 's/^ref: //' ../.git/HEAD)") -- REVISION=$(cat ../VERSION)-$GIT_REVISION -- fi --else -- REVISION=$(cat ../VERSION) --fi -+REVISION=$(cat ../VERSION) - - # Process each option - for option; do diff --git a/sys-firmware/gnuk/files/1.2.14-tool-switch-to-python3.patch b/sys-firmware/gnuk/files/1.2.14-tool-switch-to-python3.patch deleted file mode 100644 index dd9d3632..00000000 --- a/sys-firmware/gnuk/files/1.2.14-tool-switch-to-python3.patch +++ /dev/null @@ -1,477 +0,0 @@ -From a6bb96bb94ce324e7b1ddd5fb67367517d1562eb Mon Sep 17 00:00:00 2001 -From: Bertrand Jacquin -Date: Sat, 11 Jan 2020 18:00:48 +0000 -Subject: [PATCH] tool: switch to python3 - -python2 is no longer maintained upstream ---- - tool/add_openpgp_authkey_from_gpgssh.py | 8 +- - tool/calc_precompute_table_ecc.py | 14 +-- - tool/dfuse.py | 32 +++---- - tool/dump_mem.py | 8 +- - tool/get_raw_public_key.py | 2 +- - tool/pageant_proxy_to_gpg.py | 2 +- - tool/pinpadtest.py | 114 ++++++++++++------------ - 7 files changed, 91 insertions(+), 91 deletions(-) - -diff --git a/tool/add_openpgp_authkey_from_gpgssh.py b/tool/add_openpgp_authkey_from_gpgssh.py -index 1eb80de9c8a8..2f9f0e13ad03 100644 ---- a/tool/add_openpgp_authkey_from_gpgssh.py -+++ b/tool/add_openpgp_authkey_from_gpgssh.py -@@ -109,15 +109,15 @@ def build_rsakey_from_ssh_key_under_gpg_agent(g, timestamp=None): - # The information is in SEXP format, extract N and E - s = sexp(pubkey_info_str) - if s[0] != 'public-key': -- print s -+ print(s) - exit(1) - rsa = s[1] - if rsa[0] != 'rsa': -- print rsa -+ print(rsa) - exit(1) - n_x = rsa[1] - if n_x[0] != 'n': -- print n_x -+ print(n_x) - exit(1) - n_byte_str = n_x[1] - while n_byte_str[0] == '\x00': -@@ -125,7 +125,7 @@ def build_rsakey_from_ssh_key_under_gpg_agent(g, timestamp=None): - n = n_byte_str - e_x = rsa[2] - if e_x[0] != 'e': -- print e_x -+ print(e_x) - exit(1) - e = e_x[1] - if not timestamp: -diff --git a/tool/calc_precompute_table_ecc.py b/tool/calc_precompute_table_ecc.py -index 2b59789329ad..5536db1ebd2b 100644 ---- a/tool/calc_precompute_table_ecc.py -+++ b/tool/calc_precompute_table_ecc.py -@@ -8,21 +8,21 @@ def print_nG(n): - nGy_str = "%064x" % nG.y() - print256(nGx_str) - print256(nGy_str) -- print -+ print() - - def print256(s): - print("0x%s, 0x%s, 0x%s, 0x%s," % (s[56:64], s[48:56], s[40:48], s[32:40])) - print("0x%s, 0x%s, 0x%s, 0x%s" % (s[24:32], s[16:24], s[8:16], s[0:8])) -- print -+ print() - - - for i in range(1,16): -- n = (i & 1) + (i & 2) * 0x8000000000000000L + (i & 4) * 0x40000000000000000000000000000000L + (i & 8) * 0x200000000000000000000000000000000000000000000000L -- print "%064x" % n -+ n = (i & 1) + (i & 2) * 0x8000000000000000 + (i & 4) * 0x40000000000000000000000000000000 + (i & 8) * 0x200000000000000000000000000000000000000000000000 -+ print("%064x" % n) - print_nG(n) - - for i in range(1,16): -- n = (i & 1) + (i & 2) * 0x8000000000000000L + (i & 4) * 0x40000000000000000000000000000000L + (i & 8) * 0x200000000000000000000000000000000000000000000000L -- n = n * 0x100000000L -- print "%064x" % n -+ n = (i & 1) + (i & 2) * 0x8000000000000000 + (i & 4) * 0x40000000000000000000000000000000 + (i & 8) * 0x200000000000000000000000000000000000000000000000 -+ n = n * 0x100000000 -+ print("%064x" % n) - print_nG(n) -diff --git a/tool/dfuse.py b/tool/dfuse.py -index cd0f17284817..d108810e85e3 100755 ---- a/tool/dfuse.py -+++ b/tool/dfuse.py -@@ -104,9 +104,9 @@ class DFU_STM32(object): - interface: usb.Interface object representing the interface and altenate setting. - """ - if interface.interfaceClass != DFU_CLASS: -- raise ValueError, "Wrong interface class" -+ raise ValueError("Wrong interface class") - if interface.interfaceSubClass != DFU_SUBCLASS: -- raise ValueError, "Wrong interface sub class" -+ raise ValueError("Wrong interface sub class") - self.__protocol = interface.interfaceProtocol - self.__devhandle = device.open() - self.__devhandle.setConfiguration(configuration) -@@ -170,7 +170,7 @@ class DFU_STM32(object): - while s[4] == STATE_DFU_DOWNLOAD_BUSY: - time.sleep(0.1) - s = self.ll_get_status() -- raise ValueError, "Read memory failed (%d)" % s[0] -+ raise ValueError("Read memory failed (%d)" % s[0]) - - def dfuse_set_address_pointer(self, address): - bytes = get_four_bytes (address) -@@ -181,7 +181,7 @@ class DFU_STM32(object): - time.sleep(0.1) - s = self.ll_get_status() - if s[4] != STATE_DFU_DOWNLOAD_IDLE: -- raise ValueError, "Set Address Pointer failed" -+ raise ValueError("Set Address Pointer failed") - - def dfuse_erase(self, address): - bytes = get_four_bytes (address) -@@ -191,7 +191,7 @@ class DFU_STM32(object): - time.sleep(0.1) - s = self.ll_get_status() - if s[4] != STATE_DFU_DOWNLOAD_IDLE: -- raise ValueError, "Erase failed" -+ raise ValueError("Erase failed") - - def dfuse_write_memory(self, block): - blocknum = self.__blocknum -@@ -202,7 +202,7 @@ class DFU_STM32(object): - time.sleep(0.1) - s = self.ll_get_status() - if s[4] != STATE_DFU_DOWNLOAD_IDLE: -- raise ValueError, "Write memory failed" -+ raise ValueError("Write memory failed") - - def download(self, ih): - # First, erase pages -@@ -280,7 +280,7 @@ class DFU_STM32(object): - elif s[4] == STATE_DFU_MANIFEST_WAIT_RESET: - self.__devhandle.reset() - elif s[4] != STATE_DFU_IDLE: -- raise ValueError, "write failed (%d)." % s[4] -+ raise ValueError("write failed (%d)." % s[4]) - else: - self.ll_clear_status() - self.ll_clear_status() -@@ -315,7 +315,7 @@ class DFU_STM32(object): - j = 0 - for c in data[0:(addr + 1024 - start_addr)]: - if (ord(c)&0xff) != block[j + start_addr - addr]: -- raise ValueError, "verify failed at %08x" % (addr + i*1024+j) -+ raise ValueError("verify failed at %08x" % (addr + i*1024+j)) - j += 1 - data = data[(addr + 1024 - start_addr):] - addr += 1024 -@@ -330,7 +330,7 @@ class DFU_STM32(object): - j = 0 - for c in data[i*1024:(i+1)*1024]: - if (ord(c)&0xff) != block[j]: -- raise ValueError, "verify failed at %08x" % (addr + i*1024+j) -+ raise ValueError("verify failed at %08x" % (addr + i*1024+j)) - j += 1 - if i & 0x03 == 0x03: - sys.stdout.write("#") -@@ -367,25 +367,25 @@ def get_device(): - (alt.interfaceProtocol == DFU_STM32PROTOCOL_0 or \ - alt.interfaceProtocol == DFU_STM32PROTOCOL_2): - return dev, config, alt -- raise ValueError, "Device not found" -+ raise ValueError("Device not found") - - def main(filename): - dev, config, intf = get_device() -- print "Device:", dev.filename -- print "Configuration", config.value -- print "Interface", intf.interfaceNumber -+ print("Device:", dev.filename) -+ print("Configuration", config.value) -+ print("Interface", intf.interfaceNumber) - dfu = DFU_STM32(dev, config, intf) -- print dfu.ll_get_string(intf.iInterface) -+ print(dfu.ll_get_string(intf.iInterface)) - s = dfu.ll_get_status() - if s[4] == STATE_DFU_ERROR: - dfu.ll_clear_status() - s = dfu.ll_get_status() -- print s -+ print(s) - if s[4] == STATE_DFU_IDLE: - exit - transfer_size = 1024 - if s[0] != DFU_STATUS_OK: -- print s -+ print(s) - exit - ih = intel_hex(filename) - dfu.download(ih) -diff --git a/tool/dump_mem.py b/tool/dump_mem.py -index 806bafe5b1b5..d793271c7dc5 100755 ---- a/tool/dump_mem.py -+++ b/tool/dump_mem.py -@@ -27,22 +27,22 @@ from dfuse import * - - dev, config, intf = get_device() - dfu = DFU_STM32(dev, config, intf) --print dfu.ll_get_string(intf.iInterface) -+print(dfu.ll_get_string(intf.iInterface)) - s = dfu.ll_get_status() - dfu.ll_clear_status() - s = dfu.ll_get_status() --print s -+print(s) - dfu.dfuse_set_address_pointer(int(sys.argv[1], 16)) - s = dfu.ll_get_status() - dfu.ll_clear_status() - s = dfu.ll_get_status() - dfu.ll_clear_status() - s = dfu.ll_get_status() --print s -+print(s) - block = dfu.dfuse_read_memory() - count = 0 - for d in block: -- print "%02x" % d, -+ print("%02x" % d) - if count & 0x0f == 0x0f: - print - count += 1 -diff --git a/tool/get_raw_public_key.py b/tool/get_raw_public_key.py -index fb1272f09163..f09bba89c754 100755 ---- a/tool/get_raw_public_key.py -+++ b/tool/get_raw_public_key.py -@@ -20,7 +20,7 @@ def get_gpg_public_key(keygrip): - pos_last = key.index(")(1:e3:") - key = key[pos:pos_last] - if len(key) != 256: -- raise ValueError, binascii.hexlify(key) -+ raise ValueError(binascii.hexlify(key)) - return key - - if __name__ == '__main__': -diff --git a/tool/pageant_proxy_to_gpg.py b/tool/pageant_proxy_to_gpg.py -index a755efcd282d..ec7ddc3f6d49 100644 ---- a/tool/pageant_proxy_to_gpg.py -+++ b/tool/pageant_proxy_to_gpg.py -@@ -28,7 +28,7 @@ from sexp import sexp - # Assume it's only OPENPGP.3 key and it's 2048-bit - - def debug(string): -- print "DEBUG: %s" % string -+ print("DEBUG: %s" % string) - sys.stdout.flush() - - def get_keygrip_list(keyinfo_result): -diff --git a/tool/pinpadtest.py b/tool/pinpadtest.py -index 99b132636083..bebe7845313d 100755 ---- a/tool/pinpadtest.py -+++ b/tool/pinpadtest.py -@@ -82,7 +82,7 @@ class Card(object): - elif code == FEATURE_MODIFY_PIN_DIRECT: - self.modify_ioctl = ioctl - if self.verify_ioctl == -1: -- raise ValueError, "Not supported" -+ raise ValueError("Not supported") - - def cmd_select_openpgp(self): - apdu = [0x00, 0xa4, 0x04, 0x00, 6, 0xd2, 0x76, 0x00, 0x01, 0x24, 0x01 ] -@@ -90,7 +90,7 @@ class Card(object): - if sw1 == 0x61: # More data - response, sw1, sw2 = self.connection.transmit([0x00, 0xc0, 0, 0, sw2]) - elif not (sw1 == 0x90 and sw2 == 0x00): -- raise ValueError, ("cmd_select_openpgp %02x %02x" % (sw1, sw2)) -+ raise ValueError("cmd_select_openpgp %02x %02x" % (sw1, sw2)) - - def possibly_add_dummy_byte(self): - if self.another_byte: -@@ -135,11 +135,11 @@ class Card(object): - sw1 = data[0] - sw2 = data[1] - if not (sw1 == 0x90 and sw2 == 0x00): -- raise ValueError, ("cmd_verify_pinpad %02x %02x" % (sw1, sw2)) -+ raise ValueError("cmd_verify_pinpad %02x %02x" % (sw1, sw2)) - - def send_modify_pinpad(self, apdu, single_step, command): - if self.modify_ioctl == -1: -- raise ValueError, "Not supported" -+ raise ValueError("Not supported") - pin_modify = [ 0x00, # bTimerOut - 0x00, # bTimerOut2 - 0x82, # bmFormatString: Byte, pos=0, left, ASCII. -@@ -171,7 +171,7 @@ class Card(object): - sw1 = data[0] - sw2 = data[1] - if not (sw1 == 0x90 and sw2 == 0x00): -- raise ValueError, ("%s %02x %02x" % (command, sw1, sw2)) -+ raise ValueError("%s %02x %02x" % (command, sw1, sw2)) - - def cmd_reset_retry_counter(self, who, data): - if who == BY_ADMIN: -@@ -180,7 +180,7 @@ class Card(object): - apdu = [0x00, 0x2c, 0x00, 0x81, len(data) ] + data # BY_USER with resetcode - response, sw1, sw2 = self.connection.transmit(apdu) - if not (sw1 == 0x90 and sw2 == 0x00): -- raise ValueError, ("cmd_reset_retry_counter %02x %02x" % (sw1, sw2)) -+ raise ValueError("cmd_reset_retry_counter %02x %02x" % (sw1, sw2)) - - # Note: CCID specification doesn't permit this (only 0x20 and 0x24) - def cmd_reset_retry_counter_pinpad(self, who): -@@ -195,7 +195,7 @@ class Card(object): - apdu = [0x00, 0xda, 0x00, 0xd3, len(data) ] + data # BY_ADMIN - response, sw1, sw2 = self.connection.transmit(apdu) - if not (sw1 == 0x90 and sw2 == 0x00): -- raise ValueError, ("cmd_put_resetcode %02x %02x" % (sw1, sw2)) -+ raise ValueError("cmd_put_resetcode %02x %02x" % (sw1, sw2)) - - # Note: CCID specification doesn't permit this (only 0x20 and 0x24) - def cmd_put_resetcode_pinpad(self): -@@ -225,8 +225,8 @@ def main(who, method, add_a_byte, pinmin, pinmax, change_by_two_steps, fixed): - card.connection.connect() - - ident = card.connection.getReader() -- print "Reader/Token:", ident -- print "ATR:", toHexString( card.connection.getATR() ) -+ print("Reader/Token:", ident) -+ print("ATR:", toHexString( card.connection.getATR() )) - - if ident == COVADIS_VEGA_ALPHA: - card.cmd_vega_alpha_disable_empty_verify() -@@ -236,29 +236,29 @@ def main(who, method, add_a_byte, pinmin, pinmax, change_by_two_steps, fixed): - card.cmd_select_openpgp() - if method == "verify": - if who == BY_USER: -- print "Please input User's PIN" -+ print("Please input User's PIN") - else: -- print "Please input Admin's PIN" -+ print("Please input Admin's PIN") - card.cmd_verify_pinpad(who) - elif method == "change": - if change_by_two_steps: - if who == BY_USER: -- print "Please input User's PIN" -+ print("Please input User's PIN") - else: -- print "Please input Admin's PIN" -+ print("Please input Admin's PIN") - card.cmd_verify_pinpad(who) - if who == BY_USER: -- print "Please input New User's PIN twice" -+ print("Please input New User's PIN twice") - else: -- print "Please input New Admin's PIN twice" -+ print("Please input New Admin's PIN twice") - card.cmd_change_reference_data_pinpad(who, True) - else: - if who == BY_USER: -- print "Please input User's PIN" -- print "and New User's PIN twice" -+ print("Please input User's PIN") -+ print("and New User's PIN twice") - else: -- print "Please input Admin's PIN" -- print "and New Admin's PIN twice" -+ print("Please input Admin's PIN") -+ print("and New Admin's PIN twice") - card.cmd_change_reference_data_pinpad(who, False) - elif method == "unblock": - if change_by_two_steps: -@@ -268,66 +268,66 @@ def main(who, method, add_a_byte, pinmin, pinmax, change_by_two_steps, fixed): - newpin=s2l(getpass("Please input New User's PIN from keyboard: ")) - card.cmd_reset_retry_counter(who,resetcode+newpin) - else: -- print "Please input Admin's PIN" -+ print("Please input Admin's PIN") - card.cmd_verify_pinpad(BY_ADMIN) - newpin=s2l(getpass("Please input New User's PIN from keyboard: ")) - card.cmd_reset_retry_counter(who,newpin) - else: - if who == BY_USER: -- print "Please input reset code" -- print "and New User's PIN twice" -+ print("Please input reset code") -+ print("and New User's PIN twice") - else: -- print "Please input Admin's PIN" -+ print("Please input Admin's PIN") - card.cmd_verify_pinpad(BY_ADMIN) -- print "Please input New User's PIN twice" -+ print("Please input New User's PIN twice") - card.cmd_reset_retry_counter_pinpad(who) - elif method == "put": - if change_by_two_steps: - # It means using keyboard for new PIN -- print "Please input Admin's PIN" -+ print("Please input Admin's PIN") - card.cmd_verify_pinpad(BY_ADMIN) - resetcode=s2l(getpass("Please input New Reset Code from keyboard: ")) - card.cmd_put_resetcode(resetcode) - else: -- print "Please input Admin's PIN" -+ print("Please input Admin's PIN") - card.cmd_verify_pinpad(BY_ADMIN) -- print "Please input New Reset Code twice" -+ print("Please input New Reset Code twice") - card.cmd_put_resetcode_pinpad() - else: -- raise ValueError, method -+ raise ValueError(method) - card.connection.disconnect() - -- print "OK." -+ print("OK.") - return 0 - - def print_usage(): -- print "pinpad-test: testing pinentry of PC/SC card reader" -- print " help:" -- print "\t--help:\t\tthis message" -- print " method:\t\t\t\t\t\t\t[verify]" -- print "\t--verify:\tverify PIN" -- print "\t--change:\tchange PIN (old PIN, new PIN twice)" -- print "\t--change2:\tchange PIN by two steps (old PIN, new PIN twice)" -- print "\t--unblock:\tunblock PIN (admin PIN/resetcode, new PIN twice)" -- print "\t--unblock2:\tunblock PIN (admin PIN:pinpad, new PIN:kbd)" -- print "\t--put:\t\tsetup resetcode (admin PIN, new PIN twice)" -- print "\t--put2::\t\tsetup resetcode (admin PIN:pinpad, new PIN:kbd)" -- print " options:" -- print "\t--fixed N:\tUse fixed length input" -- print "\t--admin:\tby administrator\t\t\t[False]" -- print "\t--add:\t\tadd a dummy byte at the end of APDU\t[False]" -- print "\t--pinmin:\tspecify minimum length of PIN\t\t[6]" -- print "\t--pinmax:\tspecify maximum length of PIN\t\t[15]" -- print "EXAMPLES:" -- print " $ pinpad-test # verify user's PIN " -- print " $ pinpad-test --admin # verify admin's PIN " -- print " $ pinpad-test --change # change user's PIN " -- print " $ pinpad-test --change --admin # change admin's PIN " -- print " $ pinpad-test --change2 # change user's PIN by two steps" -- print " $ pinpad-test --change2 --admin # change admin's PIN by two steps" -- print " $ pinpad-test --unblock # change user's PIN by reset code" -- print " $ pinpad-test --unblock --admin # change user's PIN by admin's PIN" -- print " $ pinpad-test --put # setup resetcode " -+ print("pinpad-test: testing pinentry of PC/SC card reader") -+ print(" help:") -+ print("\t--help:\t\tthis message") -+ print(" method:\t\t\t\t\t\t\t[verify]") -+ print("\t--verify:\tverify PIN") -+ print("\t--change:\tchange PIN (old PIN, new PIN twice)") -+ print("\t--change2:\tchange PIN by two steps (old PIN, new PIN twice)") -+ print("\t--unblock:\tunblock PIN (admin PIN/resetcode, new PIN twice)") -+ print("\t--unblock2:\tunblock PIN (admin PIN:pinpad, new PIN:kbd)") -+ print("\t--put:\t\tsetup resetcode (admin PIN, new PIN twice)") -+ print("\t--put2::\t\tsetup resetcode (admin PIN:pinpad, new PIN:kbd)") -+ print(" options:") -+ print("\t--fixed N:\tUse fixed length input") -+ print("\t--admin:\tby administrator\t\t\t[False]") -+ print("\t--add:\t\tadd a dummy byte at the end of APDU\t[False]") -+ print("\t--pinmin:\tspecify minimum length of PIN\t\t[6]") -+ print("\t--pinmax:\tspecify maximum length of PIN\t\t[15]") -+ print("EXAMPLES:") -+ print(" $ pinpad-test # verify user's PIN ") -+ print(" $ pinpad-test --admin # verify admin's PIN ") -+ print(" $ pinpad-test --change # change user's PIN ") -+ print(" $ pinpad-test --change --admin # change admin's PIN ") -+ print(" $ pinpad-test --change2 # change user's PIN by two steps") -+ print(" $ pinpad-test --change2 --admin # change admin's PIN by two steps") -+ print(" $ pinpad-test --unblock # change user's PIN by reset code") -+ print(" $ pinpad-test --unblock --admin # change user's PIN by admin's PIN") -+ print(" $ pinpad-test --put # setup resetcode ") - - if __name__ == '__main__': - who = BY_USER -@@ -374,7 +374,7 @@ if __name__ == '__main__': - print_usage() - exit(0) - else: -- raise ValueError, option -+ raise ValueError(option) - main(who, method, add_a_byte, pinmin, pinmax, change_by_two_steps, fixed) - - # Failure diff --git a/sys-firmware/gnuk/files/1.2.15-MINOR-Always-get-version-from-the-VERSION-file.patch b/sys-firmware/gnuk/files/1.2.15-MINOR-Always-get-version-from-the-VERSION-file.patch new file mode 100644 index 00000000..9db4e957 --- /dev/null +++ b/sys-firmware/gnuk/files/1.2.15-MINOR-Always-get-version-from-the-VERSION-file.patch @@ -0,0 +1,32 @@ +From e2ce363cd282781aab28cdb1c84c4493e57cba22 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin +Date: Sun, 19 Feb 2017 02:18:13 +0000 +Subject: [PATCH] MINOR: Always get version from the VERSION file + +--- + src/configure | 12 +----------- + 1 file changed, 1 insertion(+), 11 deletions(-) + +diff --git a/src/configure b/src/configure +index d09cde68969b..54da932e1f27 100755 +--- a/src/configure ++++ b/src/configure +@@ -52,17 +52,7 @@ exec_prefix='${prefix}' + libexecdir='${exec_prefix}/libexec' + + # Revision number +-if test -e ../.git; then +- if type git >/dev/null 2>&1; then +- REVISION=$(git describe --dirty="-modified") +- else +- # echo 'No git available, please install git' +- GIT_REVISION=$(sed -e 's/^\(.......\).*$/g\1/' "../.git/$(sed -e 's/^ref: //' ../.git/HEAD)") +- REVISION=$(cat ../VERSION)-$GIT_REVISION +- fi +-else +- REVISION=$(cat ../VERSION) +-fi ++REVISION=$(cat ../VERSION) + + # Process each option + for option; do diff --git a/sys-firmware/gnuk/files/1.2.15-build-discard-compiler-default-specs.patch b/sys-firmware/gnuk/files/1.2.15-build-discard-compiler-default-specs.patch new file mode 100644 index 00000000..972a09b2 --- /dev/null +++ b/sys-firmware/gnuk/files/1.2.15-build-discard-compiler-default-specs.patch @@ -0,0 +1,26 @@ +From b66bd970dbe4f3c9a0ccbe62debb1c8da287e13e Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin +Date: Sat, 25 Apr 2020 14:28:08 +0100 +Subject: [PATCH] build: discard compiler default specs + +This allow to overwrite any potential default specs defined in local gcc +build like stack-protector which is now enforced by more and more Linux +distributions while it should not apply in chopstx use case +--- + chopstx/rules.mk | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/chopstx/rules.mk b/chopstx/rules.mk +index 3915268418d4..c0f99a6c92e2 100644 +--- a/chopstx/rules.mk ++++ b/chopstx/rules.mk +@@ -57,6 +57,9 @@ LDFLAGS = + + ### + ifeq ($(EMULATION),) ++# Discard compiler default specs ++MCFLAGS += -specs=nosys.specs ++ + MCFLAGS += -mcpu=$(MCU) + LDFLAGS += $(MCFLAGS) -nostartfiles -T$(LDSCRIPT) \ + -Wl,-Map=$(BUILDDIR)/$(PROJECT).map,--cref,--no-warn-mismatch,--gc-sections diff --git a/sys-firmware/gnuk/files/1.2.15-build-do-not-produce-a-dynamically-linked-position-i.patch b/sys-firmware/gnuk/files/1.2.15-build-do-not-produce-a-dynamically-linked-position-i.patch new file mode 100644 index 00000000..34b5d354 --- /dev/null +++ b/sys-firmware/gnuk/files/1.2.15-build-do-not-produce-a-dynamically-linked-position-i.patch @@ -0,0 +1,24 @@ +From 1a16da9e480c5eeb7a76d14dcbb5c92fa71febbb Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin +Date: Tue, 28 Aug 2018 21:51:26 +0100 +Subject: [PATCH] build: do not produce a dynamically linked position + independent executable + +--- + chopstx/rules.mk | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/chopstx/rules.mk b/chopstx/rules.mk +index 23d55f677f58..5ff80d86509b 100644 +--- a/chopstx/rules.mk ++++ b/chopstx/rules.mk +@@ -63,6 +63,9 @@ MCFLAGS += -specs=nosys.specs + # Do not use the standard system startup files when linking + MCFLAGS += -nostartfiles + ++# Don't produce a dynamically linked position independent executable ++MCFLAGS += -fno-pie ++ + MCFLAGS += -mcpu=$(MCU) + LDFLAGS += $(MCFLAGS) -T$(LDSCRIPT) \ + -Wl,-Map=$(BUILDDIR)/$(PROJECT).map,--cref,--no-warn-mismatch,--gc-sections diff --git a/sys-firmware/gnuk/files/1.2.15-build-initilize-empty-MCFLAGS-and-LDFLAGS.patch b/sys-firmware/gnuk/files/1.2.15-build-initilize-empty-MCFLAGS-and-LDFLAGS.patch new file mode 100644 index 00000000..4669a194 --- /dev/null +++ b/sys-firmware/gnuk/files/1.2.15-build-initilize-empty-MCFLAGS-and-LDFLAGS.patch @@ -0,0 +1,37 @@ +From d9c65c613a6cccbcfd403ef00ffabccec25bf29f Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin +Date: Sat, 25 Apr 2020 14:26:46 +0100 +Subject: [PATCH] build: initilize empty MCFLAGS and LDFLAGS + +Such variables are modified later, it make it clearer to read when +variable are only appened +--- + chopstx/rules.mk | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/chopstx/rules.mk b/chopstx/rules.mk +index 110079efdaaa..3915268418d4 100644 +--- a/chopstx/rules.mk ++++ b/chopstx/rules.mk +@@ -50,14 +50,17 @@ IINCDIR = $(patsubst %,-I%,$(INCDIR)) + LLIBDIR = $(patsubst %,-L%,$(LIBDIR)) + + VPATH = $(sort $(dir $(CSRC))) ++ ++# Initilize empty LDFLAGS and MCFLAGS ++MCFLAGS = ++LDFLAGS = ++ + ### + ifeq ($(EMULATION),) +-MCFLAGS = -mcpu=$(MCU) +-LDFLAGS = $(MCFLAGS) -nostartfiles -T$(LDSCRIPT) \ ++MCFLAGS += -mcpu=$(MCU) ++LDFLAGS += $(MCFLAGS) -nostartfiles -T$(LDSCRIPT) \ + -Wl,-Map=$(BUILDDIR)/$(PROJECT).map,--cref,--no-warn-mismatch,--gc-sections + else +-MCFLAGS = +-LDFLAGS = + DEFS += -D_GNU_SOURCE + endif + diff --git a/sys-firmware/gnuk/files/1.2.15-build-move-nostartfiles-earlier.patch b/sys-firmware/gnuk/files/1.2.15-build-move-nostartfiles-earlier.patch new file mode 100644 index 00000000..fcee56ee --- /dev/null +++ b/sys-firmware/gnuk/files/1.2.15-build-move-nostartfiles-earlier.patch @@ -0,0 +1,26 @@ +From 81395c4dcecf24a273184862a95c422576228978 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin +Date: Sat, 25 Apr 2020 14:40:36 +0100 +Subject: [PATCH] build: move -nostartfiles earlier + +--- + chopstx/rules.mk | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/chopstx/rules.mk b/chopstx/rules.mk +index c0f99a6c92e2..23d55f677f58 100644 +--- a/chopstx/rules.mk ++++ b/chopstx/rules.mk +@@ -60,8 +60,11 @@ ifeq ($(EMULATION),) + # Discard compiler default specs + MCFLAGS += -specs=nosys.specs + ++# Do not use the standard system startup files when linking ++MCFLAGS += -nostartfiles ++ + MCFLAGS += -mcpu=$(MCU) +-LDFLAGS += $(MCFLAGS) -nostartfiles -T$(LDSCRIPT) \ ++LDFLAGS += $(MCFLAGS) -T$(LDSCRIPT) \ + -Wl,-Map=$(BUILDDIR)/$(PROJECT).map,--cref,--no-warn-mismatch,--gc-sections + else + DEFS += -D_GNU_SOURCE diff --git a/sys-firmware/gnuk/gnuk-1.2.14.ebuild b/sys-firmware/gnuk/gnuk-1.2.14.ebuild deleted file mode 100644 index 66ed7202..00000000 --- a/sys-firmware/gnuk/gnuk-1.2.14.ebuild +++ /dev/null @@ -1,123 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -PYTHON_COMPAT=( python{3_6,3_7} ) -inherit git-r3 eutils python-r1 udev - -DESCRIPTION="An Implementation of USB Cryptographic Token for GnuPG" -HOMEPAGE="https://www.fsij.org/category/gnuk.html" -EGIT_REPO_URI="https://salsa.debian.org/gnuk-team/${PN}/${PN}.git" -EGIT_COMMIT="release/${PV}" - -LICENSE="GPL-3" -SLOT="0" -KEYWORDS="~amd64" -IUSE="debug doc tools" - -DEPEND="doc? ( dev-python/sphinx )" -RDEPEND="virtual/udev - tools? ( - ${PYTHON_DEPS} - dev-python/pyusb[${PYTHON_USEDEP}] - dev-python/colorama[${PYTHON_USEDEP}] - )" - -PATCHES=( - "${FILESDIR}/${PV}-MINOR-Always-get-version-from-the-VERSION-file.patch" - "${FILESDIR}/${PV}-Disable-PIE.patch" - "${FILESDIR}/${PV}-Disable-stack-protector.patch" - "${FILESDIR}/${PV}-tool-switch-to-python3.patch" -) - -pkg_pretend() { - if type -p arm-none-eabi-gcc > /dev/null 2>&1 ; then - return 0 - fi - - eerror "Before you could build the firmware, you need to install arm-none-eabi toolchain" - eerror "Run the following commands:" - eerror " emerge -vat crossdev" - eerror " crossdev --stable -t arm-none-eabi" - die "arm-none-eabi toolchain is needed" -} - -src_prepare () { - default - - mv tool/get_raw_public_key.py "tool/${PN}-get_raw_public_key.py" || die - mv tool/gnuk_get_random.py "tool/${PN}-get_random.py" || die - mv tool/gnuk_put_binary_libusb.py "tool/${PN}-put_binary_libusb.py" || die - mv tool/gnuk_remove_keys_libusb.py "tool/${PN}-remove_keys_libusb.py" || die - mv tool/gnuk_upgrade.py "tool/${PN}-upgrade.py" || die - mv tool/stlinkv2.py "tool/${PN}-stlinkv2.py" || die - mv tool/upgrade_by_passwd.py "tool/${PN}-upgrade_by_passwd.py" || die - mv tool/usb_strings.py "tool/${PN}-usb_strings.py" || die -} - -src_configure() { - cd "${S}/src" - ./configure \ - --target=FST_01 \ - --vidpid=234b:0000 \ - --enable-certdo \ - --enable-factory-reset \ - --enable-hid-card-change \ - $(use_enable debug) \ - || die "configure failed" -} - -src_compile() { - cd "${S}/src" - emake CROSS="arm-none-eabi-" - - if use doc ; then - cd "${S}/doc" - emake html - emake man - fi - - cd "${S}/regnual" - emake TRGT="arm-none-eabi-" -} - -src_install() { - insinto "/usr/share/${PN}/firmware" - doins "src/build/${PN}.bin" - doins "regnual/regnual.bin" - - udev_dorules "${FILESDIR}/60-${PN}.rules" - - if use doc ; then - HTML_DOCS=( doc/_build/html/* ) - doman doc/_build/man/* - fi - - install_example() { - python_export PYTHON_SCRIPTDIR - insinto "${PYTHON_SCRIPTDIR}" - doins "${1}" - } - - if use tools ; then - python_foreach_impl python_domodule tool/gnuk_token.py - python_foreach_impl python_domodule tool/gpg_agent.py - python_foreach_impl python_domodule tool/kdf_calc.py - python_foreach_impl python_domodule tool/rsa.py - - python_foreach_impl python_doscript "tool/${PN}-get_random.py" - python_foreach_impl python_doscript "tool/${PN}-get_raw_public_key.py" - python_foreach_impl python_doscript "tool/${PN}-put_binary_libusb.py" - python_foreach_impl python_doscript "tool/${PN}-remove_keys_libusb.py" - python_foreach_impl python_doscript "tool/${PN}-stlinkv2.py" - python_foreach_impl python_doscript "tool/${PN}-upgrade.py" - python_foreach_impl python_doscript "tool/${PN}-upgrade_by_passwd.py" - python_foreach_impl python_doscript "tool/${PN}-usb_strings.py" - python_foreach_impl install_example tool/rsa_example.key - - udev_dorules "${FILESDIR}/10-stlink.rules" - fi - - dodoc AUTHORS ChangeLog NEWS README THANKS - dodoc -r doc/note -} diff --git a/sys-firmware/gnuk/gnuk-1.2.15.ebuild b/sys-firmware/gnuk/gnuk-1.2.15.ebuild new file mode 100644 index 00000000..f52f14aa --- /dev/null +++ b/sys-firmware/gnuk/gnuk-1.2.15.ebuild @@ -0,0 +1,123 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +PYTHON_COMPAT=( python{3_6,3_7,3_8} ) +inherit git-r3 eutils python-r1 udev + +DESCRIPTION="An Implementation of USB Cryptographic Token for GnuPG" +HOMEPAGE="https://www.fsij.org/category/gnuk.html" +EGIT_REPO_URI="https://salsa.debian.org/gnuk-team/${PN}/${PN}" +EGIT_COMMIT="release/${PV}" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64" +IUSE="debug doc tools" + +DEPEND="doc? ( dev-python/sphinx )" +RDEPEND="virtual/udev + tools? ( + ${PYTHON_DEPS} + dev-python/pyusb[${PYTHON_USEDEP}] + dev-python/colorama[${PYTHON_USEDEP}] + )" + +PATCHES=( + "${FILESDIR}/${PV}-MINOR-Always-get-version-from-the-VERSION-file.patch" + "${FILESDIR}/${PV}-build-initilize-empty-MCFLAGS-and-LDFLAGS.patch" + "${FILESDIR}/${PV}-build-discard-compiler-default-specs.patch" + "${FILESDIR}/${PV}-build-move-nostartfiles-earlier.patch" + "${FILESDIR}/${PV}-build-do-not-produce-a-dynamically-linked-position-i.patch" +) + +pkg_pretend() { + if type -p arm-none-eabi-gcc > /dev/null 2>&1 ; then + return 0 + fi + + eerror "Before you could build the firmware, you need to install arm-none-eabi toolchain" + eerror "Run the following commands:" + eerror " emerge -vat crossdev" + eerror " crossdev --target arm-none-eabi" + die "arm-none-eabi toolchain is needed" +} + +src_prepare () { + default + + mv tool/get_raw_public_key.py "tool/${PN}-get_raw_public_key.py" || die + mv tool/gnuk_get_random.py "tool/${PN}-get_random.py" || die + mv tool/gnuk_put_binary_libusb.py "tool/${PN}-put_binary_libusb.py" || die + mv tool/gnuk_remove_keys_libusb.py "tool/${PN}-remove_keys_libusb.py" || die + mv tool/gnuk_upgrade.py "tool/${PN}-upgrade.py" || die + mv tool/stlinkv2.py "tool/${PN}-stlinkv2.py" || die + mv tool/upgrade_by_passwd.py "tool/${PN}-upgrade_by_passwd.py" || die + mv tool/usb_strings.py "tool/${PN}-usb_strings.py" || die +} + +src_configure() { + cd "${S}/src" + ./configure \ + --target=FST_01 \ + --vidpid=234b:0000 \ + --enable-certdo \ + --enable-factory-reset \ + --enable-hid-card-change \ + $(use_enable debug) \ + || die "configure failed" +} + +src_compile() { + cd "${S}/src" + emake CROSS="arm-none-eabi-" + + if use doc ; then + cd "${S}/doc" + emake html + emake man + fi + + cd "${S}/regnual" + emake TRGT="arm-none-eabi-" +} + +src_install() { + insinto "/usr/share/${PN}/firmware" + doins "src/build/${PN}.bin" + doins "regnual/regnual.bin" + + udev_dorules "${FILESDIR}/60-${PN}.rules" + + if use doc ; then + HTML_DOCS=( doc/_build/html/* ) + doman doc/_build/man/* + fi + + install_example() { + insinto "$(python_get_scriptdir)" + doins "${1}" + } + + if use tools ; then + python_foreach_impl python_domodule tool/gnuk_token.py + python_foreach_impl python_domodule tool/gpg_agent.py + python_foreach_impl python_domodule tool/kdf_calc.py + python_foreach_impl python_domodule tool/rsa.py + + python_foreach_impl python_doscript "tool/${PN}-get_random.py" + python_foreach_impl python_doscript "tool/${PN}-get_raw_public_key.py" + python_foreach_impl python_doscript "tool/${PN}-put_binary_libusb.py" + python_foreach_impl python_doscript "tool/${PN}-remove_keys_libusb.py" + python_foreach_impl python_doscript "tool/${PN}-stlinkv2.py" + python_foreach_impl python_doscript "tool/${PN}-upgrade.py" + python_foreach_impl python_doscript "tool/${PN}-upgrade_by_passwd.py" + python_foreach_impl python_doscript "tool/${PN}-usb_strings.py" + python_foreach_impl install_example tool/rsa_example.key + + udev_dorules "${FILESDIR}/10-stlink.rules" + fi + + dodoc AUTHORS ChangeLog NEWS README THANKS + dodoc -r doc/note +} -- cgit v1.2.3