Main Inclusion Report for opencryptoki

Requirements

1. Availability:

   • source package: http://archive.ubuntu.com/ubuntu/pool/universe/o/opencryptoki/

   • binary packages needed in main: libopencryptoki-dev, libopencryptoki0

   • binary packages that are not required in main: opencryptoki, opencryptoki-dbg

   • available for all supported architectures

2. Rationale:

   • Build dependency of ecryptfs-utils (MainInclusionReportEcryptfsUtils)

3. Security:

   • CVE entries: none

   • Secunia history: none

   • No binaries running as root or suid/sgid in the libraries

   • No daemons are part of the library

   • The libraries do not hvae network activity or open ports

   • The libraries do not handle incoming network data

   • Any source code review performed ? no

4. Quality assurance:

   • The library works out of the box without configuration

   • Does the package does not ask any debconf questions higher than priority 'medium'

   • Debian bugs: no showstoppers

   • Maintenance in Debian is active ?

   • Upstream is active ?

   • Upstream bug tracker: no showstoppers

   • Hardware: The kernel TPM driver deals with opencryptoki cryptographic accelerators. These libraries expose the API to supported accelerators.

   • There is a test suit in an Upstream CVS module, but it is not part of the source package or build.

5. Standards compliance:

   • FHS, Debian Policy compliance ? yes

   • Debian library packaging guide standards compliance ? yes

   • Packaging system

     • debhelper

   • Patch system

     • dpatch

   • Packaging oddities

     • none

6. Build Dependencies

   • debhelper (>= 7), dpatch, autotools-dev, libtspi-dev

   • libtspi-dev is not in main, see MainInclusionReportTrousers, 247590

7. Background information: Quoting debian/control:

   • Description: PKCS#11 implementation for Linux (library) -- openCryptoki is a PKCS#11 Cryptographic Token Interface Standard implementation for Linux. It includes drivers and libraries to enable IBM cryptographic hardware such as Trusted Computing Platform (TPM) cryptographic devices as well as a software token for testing.

   • What do upstream call this software ? opencryptoki

   • Has it had different names in the past ? no

Reviewers

MIR bug: 247593

• Dustin Kirkland