initial import

.gitignore

@@ -0,0 +1 @@
+/fido-device-onboard-rs-*.4.9.tar.gz

0001-chore-update-libcryptsetup-rs-to-0.8.patch

@@ -0,0 +1,64 @@
+From 5e57b7fc4afc170c65e4b9a283da2f59fb3f127e Mon Sep 17 00:00:00 2001
+From: Irene Diez <idiez@redhat.com>
+Date: Tue, 13 Jun 2023 17:40:05 +0200
+Subject: [PATCH] chore: update libcryptsetup to 0.8.0 and fix API changes
+
+Signed-off-by: Irene Diez <idiez@redhat.com>
+---
+ Cargo.lock                              | 4 ++--
+ client-linuxapp/Cargo.toml              | 2 +-
+ client-linuxapp/src/reencrypt/rebind.rs | 4 ++--
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/client-linuxapp/Cargo.toml b/client-linuxapp/Cargo.toml
+index f97a649d..cbd132b8 100644
+--- a/client-linuxapp/Cargo.toml
++++ b/client-linuxapp/Cargo.toml
+@@ -17,7 +17,7 @@ rand = "0.8.4"
+ nix = "0.26"
+ uuid = "1.3"
+ thiserror = "1"
+-libcryptsetup-rs = { version = "0.6.1", features = ["mutex"] }
++libcryptsetup-rs = { version = "0.8.0", features = ["mutex"] }
+ secrecy = "0.8"
+ devicemapper = "0.33"
+ 
+diff --git a/client-linuxapp/src/reencrypt/mod.rs b/client-linuxapp/src/reencrypt/mod.rs
+index da2b7d38..1e38d35a 100644
+--- a/client-linuxapp/src/reencrypt/mod.rs
++++ b/client-linuxapp/src/reencrypt/mod.rs
+@@ -64,7 +64,7 @@ fn perform_reencrypt(dev_name: &str) -> Result<()> {
+         .context("Error opening device")?;
+ 
+     dev.context_handle()
+-        .load::<libcryptsetup_rs::CryptParamsLuks2>(None, None)
++        .load::<()>(None, None)
+         .context("Error loading device context")?;
+ 
+     let status = dev
+diff --git a/client-linuxapp/src/reencrypt/rebind.rs b/client-linuxapp/src/reencrypt/rebind.rs
+index 0c35a71c..693beb1f 100644
+--- a/client-linuxapp/src/reencrypt/rebind.rs
++++ b/client-linuxapp/src/reencrypt/rebind.rs
+@@ -154,7 +154,7 @@ fn clevis_bind(
+     log::trace!("Clevis bind successful");
+ 
+     dev.context_handle()
+-        .load::<libcryptsetup_rs::CryptParamsLuks2>(None, None)
++        .load::<()>(None, None)
+         .context("Error re-loading device context")?;
+ 
+     log::trace!("Reloaded device context");
+diff --git a/client-linuxapp/src/serviceinfo.rs b/client-linuxapp/src/serviceinfo.rs
+index 43c60302..89ce7e6b 100644
+--- a/client-linuxapp/src/serviceinfo.rs
++++ b/client-linuxapp/src/serviceinfo.rs
+@@ -253,7 +253,7 @@ impl DiskEncryptionInProgress {
+         log::debug!("Device initiated");
+ 
+         dev.context_handle()
+-            .load::<libcryptsetup_rs::CryptParamsLuks2>(None, None)
++            .load::<()>(None, None)
+             .context("Error loading device context")?;
+ 
+         log::debug!("Device information loaded");

fido-device-onboard.spec

@@ -0,0 +1,263 @@
+%global dracutlibdir %{_prefix}/lib/dracut
+%bcond_without check
+%global combined_license Apache-2.0 AND (Apache-2.0 OR BSL-1.0) AND (Apache-2.0 OR ISC OR MIT) AND (Apache-2.0 OR MIT) AND ((Apache-2.0 OR MIT) AND BSD-3-Clause) AND (Apache-2.0 ITH LLVM-exception OR Apache-2.0 OR MIT) AND BSD-2-Clause AND BSD-3-Clause AND (CC0-1.0 OR Apache-2.0) AND (CC0-1.0 OR MIT-0 OR Apache 2.0) AND ISC AND MIT AND ((MIT OR Apache-2.0) AND Unicode-DFS-2016) AND (Apache-2.0 OR MIT OR Zlib) AND MPL-2.0 AND (Unlicense OR MIT)
+
+Name:           fido-device-onboard
+Version:        0.4.9
+Release:        5%{?dist}
+Summary:        A rust implementation of the FIDO Device Onboard Specification
+License:        BSD-3-Clause
+
+
+URL:            https://github.com/fedora-iot/fido-device-onboard-rs
+Source0:        %{url}/archive/v%{version}/%{name}-rs-%{version}.tar.gz
+# From upstream
+Patch0:         0001-chore-update-libcryptsetup-rs-to-0.8.patch
+
+%if 0%{?rhel} && !0%{?eln}
+BuildRequires:  rust-toolset
+%else
+BuildRequires:  rust-packaging
+%endif
+BuildRequires:  clang-devel
+BuildRequires:  cryptsetup-devel
+BuildRequires:  device-mapper-devel
+BuildRequires:  golang
+BuildRequires:  openssl-devel >= 3.0.1-12
+BuildRequires:  systemd-rpm-macros
+BuildRequires:  tpm2-tss-devel
+
+%description
+%{summary}.
+
+%prep
+%autosetup -p1 -n %{name}-rs-%{version}
+
+%cargo_prep
+
+%generate_buildrequires
+%cargo_generate_buildrequires -a
+
+%build
+%cargo_build \
+-F openssl-kdf/deny_custom
+
+%cargo_license_summary
+%{cargo_license} > LICENSE.dependencies
+
+%install
+install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-client-linuxapp
+install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-manufacturing-client
+install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-manufacturing-server
+install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-owner-onboarding-server
+install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-rendezvous-server
+install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-serviceinfo-api-server
+install -D -m 0755 -t %{buildroot}%{_bindir} target/release/fdo-owner-tool
+install -D -m 0755 -t %{buildroot}%{_bindir} target/release/fdo-admin-tool
+install -D -m 0644 -t %{buildroot}%{_unitdir} examples/systemd/*
+install -D -m 0644 -t %{buildroot}%{_docdir}/fdo examples/config/*
+# duplicates as needed by AIO command so link them
+ln -s %{_bindir}/fdo-owner-tool  %{buildroot}%{_libexecdir}/fdo/fdo-owner-tool
+ln -s %{_bindir}/fdo-admin-tool %{buildroot}%{_libexecdir}/fdo/fdo-admin-tool
+mkdir -p %{buildroot}%{_sysconfdir}/fdo
+# Dracut manufacturing service
+install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/module-setup.sh
+install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/manufacturing-client-generator
+install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/manufacturing-client-service
+install -D -m 0755 -t %{buildroot}%{dracutlibdir}/modules.d/52fdo dracut/52fdo/manufacturing-client.service
+
+%package -n fdo-init
+Summary: dracut module for device initialization
+License: %combined_license
+Requires: openssl-libs >= 3.0.1-12
+Requires: dracut
+%description -n fdo-init
+%{summary}
+
+%files -n fdo-init
+%license LICENSE LICENSE.dependencies
+%{dracutlibdir}/modules.d/52fdo/
+%{_libexecdir}/fdo/fdo-manufacturing-client
+
+%package -n fdo-owner-onboarding-server
+Summary: FDO Owner Onboarding Server implementation
+License: %combined_license
+Requires: openssl-libs >= 3.0.1-12
+%description -n fdo-owner-onboarding-server
+%{summary}
+
+%files -n fdo-owner-onboarding-server
+%license LICENSE LICENSE.dependencies
+%{_libexecdir}/fdo/fdo-owner-onboarding-server
+%{_libexecdir}/fdo/fdo-serviceinfo-api-server
+%dir %{_docdir}/fdo
+%{_docdir}/fdo/serviceinfo-api-server.yml
+%{_docdir}/fdo/owner-onboarding-server.yml
+%{_unitdir}/fdo-serviceinfo-api-server.service
+%{_unitdir}/fdo-owner-onboarding-server.service
+
+%post -n fdo-owner-onboarding-server
+%systemd_post fdo-owner-onboarding-server.service
+%systemd_post fdo-serviceinfo-api-server.service
+
+%preun -n fdo-owner-onboarding-server
+%systemd_preun fdo-owner-onboarding-server.service
+%systemd_post fdo-serviceinfo-api-server.service
+
+%postun -n fdo-owner-onboarding-server
+%systemd_postun_with_restart fdo-owner-onboarding-server.service
+%systemd_postun_with_restart fdo-serviceinfo-api-server.service
+
+%package -n fdo-rendezvous-server
+Summary: FDO Rendezvous Server implementation
+License: %combined_license
+%description -n fdo-rendezvous-server
+%{summary}
+
+%files -n fdo-rendezvous-server
+%license LICENSE LICENSE.dependencies
+%{_libexecdir}/fdo/fdo-rendezvous-server
+%dir %{_docdir}/fdo
+%{_docdir}/fdo/rendezvous-*.yml
+%{_unitdir}/fdo-rendezvous-server.service
+
+%post -n fdo-rendezvous-server
+%systemd_post fdo-rendezvous-server.service
+
+%preun -n fdo-rendezvous-server
+%systemd_preun fdo-rendezvous-server.service
+
+%postun -n fdo-rendezvous-server
+%systemd_postun_with_restart fdo-rendezvous-server.service
+
+%package -n fdo-manufacturing-server
+Summary: FDO Manufacturing Server implementation
+License: %combined_license
+Requires: openssl-libs >= 3.0.1-12
+%description -n fdo-manufacturing-server
+%{summary}
+
+%files -n fdo-manufacturing-server
+%license LICENSE LICENSE.dependencies
+%{_libexecdir}/fdo/fdo-manufacturing-server
+%dir %{_docdir}/fdo
+%{_docdir}/fdo/manufacturing-server.yml
+%{_unitdir}/fdo-manufacturing-server.service
+
+%post -n fdo-manufacturing-server
+%systemd_post fdo-manufacturing-server.service
+
+%preun -n fdo-manufacturing-server
+%systemd_preun fdo-manufacturing-server.service
+
+%postun -n fdo-manufacturing-server
+%systemd_postun_with_restart fdo-manufacturing-server.service
+
+%package -n fdo-client
+Summary: FDO Client implementation
+License: %combined_license
+Requires: openssl-libs >= 3.0.1-12
+Requires: clevis
+Requires: clevis-luks
+Requires: clevis-pin-tpm2
+Requires: cryptsetup
+%description -n fdo-client
+%{summary}
+
+%files -n fdo-client
+%license LICENSE LICENSE.dependencies
+%{_libexecdir}/fdo/fdo-client-linuxapp
+%{_unitdir}/fdo-client-linuxapp.service
+
+%post -n fdo-client
+%systemd_post fdo-client-linuxapp.service
+
+%preun -n fdo-client
+%systemd_preun fdo-client-linuxapp.service
+
+%postun -n fdo-client
+%systemd_postun_with_restart fdo-client-linuxapp.service
+
+%package -n fdo-owner-cli
+Summary: FDO Owner tools implementation
+License: %combined_license
+%description -n fdo-owner-cli
+%{summary}
+
+%files -n fdo-owner-cli
+%license LICENSE LICENSE.dependencies
+%{_bindir}/fdo-owner-tool
+%{_libexecdir}/fdo/fdo-owner-tool
+
+%package -n fdo-admin-cli
+Summary: FDO admin tools implementation
+License: %combined_license
+Requires: fdo-manufacturing-server = %{version}-%{release}
+Requires: fdo-init = %{version}-%{release}
+Requires: fdo-client = %{version}-%{release}
+Requires: fdo-rendezvous-server = %{version}-%{release}
+Requires: fdo-owner-onboarding-server = %{version}-%{release}
+Requires: fdo-owner-cli = %{version}-%{release}
+%description -n fdo-admin-cli
+%{summary}
+
+%files -n fdo-admin-cli
+%license LICENSE LICENSE.dependencies
+%{_bindir}/fdo-admin-tool
+%{_libexecdir}/fdo/fdo-admin-tool
+%{_unitdir}/fdo-aio.service
+%dir %{_sysconfdir}/fdo
+
+%post -n fdo-admin-cli
+%systemd_post fdo-aio.service
+
+%preun -n fdo-admin-cli
+%systemd_preun fdo-aio.service
+
+%postun -n fdo-admin-cli
+%systemd_postun_with_restart fdo-aio.service
+
+%changelog
+* Wed Jun 14 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-5
+- More spec updates
+
+* Wed Jun 14 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-4
+- Add patch for libcryptsetup-rs 0.8 API changes
+
+* Tue Jun 13 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-3
+- Updates for licenses
+
+* Tue May 30 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-2
+- Review feedback
+- Patch for libcryptsetup-rs 0.7
+
+* Thu May 11 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.9-1
+- Update to 0.4.9
+
+* Mon Feb 20 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.7-3
+- Fix services start
+
+* Wed Feb 15 2023 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.7-2
+- Upstream fix for rhbz#2168089
+
+* Wed Nov 30 2022 Peter Robinson <pbrobinson@fedoraproject.org> - 0.4.7-1
+- Update to 0.4.7
+- Package updates and cleanup
+
+* Tue Mar 29 2022 Antonio Murdaca <runcom@linux.com> - 0.4.5-1
+- bump to 0.4.5
+
+* Mon Feb 28 2022 Antonio Murdaca <runcom@linux.com> - 0.4.0-2
+- fix runtime requirements to use openssl-libs and not -devel
+
+* Thu Feb 24 2022 Antonio Murdaca <runcom@linux.com> - 0.4.0-1
+- upgrade to 0.4.0
+
+* Tue Feb 01 2022 Antonio Murdaca <runcom@linux.com> - 0.3.0-1
+- bump to 0.3.0
+
+* Tue Jan 11 2022 Antonio Murdaca <runcom@linux.com> - 0.2.0-2
+- use patched vendor w/o win files and rename license
+
+* Mon Dec 13 2021 Antonio Murdaca <runcom@linux.com> - 0.2.0-1
+- import fido-device-onboard

sources

@@ -0,0 +1 @@
+SHA512 (fido-device-onboard-rs-0.4.9.tar.gz) = eae79e4af7557a574fad42d73bf6f8c382c1034baf73e1adf703a21c41636cdac8a961e10b9f651334268220f465a7ec6c682cbd9f3425e4de25518126490ba0