app-crypt/sac-core: add new ebuild

SafeNet Authentication Client is a widely used middleware for qualified digital certificates and other auth mechanisms for EU government services. Unfortunately it is not open source, however it integrates well with pcslite and ccid and is useable for proving gov id for various services. Signed-off-by: Adrian Ratiu <adrian.ratiu@collabora.com>
2025-04-20 00:08:58 -04:00 · 2024-05-06 01:58:04 +03:00 · 2024-05-06 01:58:04 +03:00 · 30b5af1d5b
commit 30b5af1d5b
parent 99f2f25aff
4 changed files with 99 additions and 0 deletions
--- a/app-crypt/sac-core/Manifest
+++ b/app-crypt/sac-core/Manifest
@ -0,0 +1 @@
+DIST SAC_Linux_10.8.105_R1_GA.zip 118355633 BLAKE2B 19040c84e10290f64b9225a7e093ff86f4b2e6dbf0dae2798526fecf754daf39c74db6dc257a4d90b4fac8a536c1707cde4458b4905f826d84ad2e03f3583f8e SHA512 6f3fac16a73f0d1074abf59039e4efea7dfb07193b24e24bf3944a7b2779c00d74c4e9471fa39571701c3694c2e4260ff9d7792ddfdbae8b6a5337dcf3ac7634
--- a/app-crypt/sac-core/files/safenetauthenticationclient.service
+++ b/app-crypt/sac-core/files/safenetauthenticationclient.service
@ -0,0 +1,8 @@
+[Unit]
+Description=Thales eToken SACSrv daemon
+
+[Service]
+ExecStart=/usr/bin/SACSrv
+
+[Install]
+WantedBy=multi-user.target
--- a/app-crypt/sac-core/metadata.xml
+++ b/app-crypt/sac-core/metadata.xml
@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <longdescription>
+    SAC is a Public Key Infrastructure (PKI) middleware that provides a secure
+    method for exchanging information based on public key cryptography, enabling
+    trusted third-party verification of user identities.
+
+    It utilizes a system of digital certificates, Certificate Authorities, and
+    other registration authorities that verify and authenticate the validity of
+    each party involved in an internet transaction.
+  </longdescription>
+  <maintainer type="person">
+    <name>Adrian Ratiu</name>
+    <email>adrian.ratiu@collabora.com</email>
+  </maintainer>
+</pkgmetadata>
--- a/app-crypt/sac-core/sac-core-10.8.1050.ebuild
+++ b/app-crypt/sac-core/sac-core-10.8.1050.ebuild
@ -0,0 +1,73 @@
+# Copyright 2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DESCRIPTION="Thales/Gemalto SafeNet Authentication Client for eToken 5110/5300 & IDPrime (core PKCS#11 modules)"
+
+SRC_URI="https://nullroute.lt/tmp/2023/pkg/SAC_Linux_10.8.105_R1_GA.zip"
+
+HOMEPAGE="https://cpl.thalesgroup.com/access-management/security-applications/authentication-client-token-management"
+# see usr/share/doc copyright file
+LICENSE="no-source-code EULA"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE="+ssl"
+
+# binaries are already stripped
+RESTRICT="strip"
+
+inherit systemd
+
+RDEPEND="
+	dev-libs/openssl
+	sys-apps/pcsc-lite
+	app-crypt/ccid
+	virtual/libusb:0
+	ssl? ( dev-libs/libp11 )
+"
+DEPEND="${RDEPEND}"
+
+S="${WORKDIR}"
+
+src_unpack() {
+	default
+
+	cd "$S" || die
+
+	unpack "SAC Linux ${PV} R1 GA/Installation/withoutUI/Ubuntu-2204/safenetauthenticationclient-core_${PV}_amd64.deb" || die
+	unpack "./data.tar.gz" || die
+}
+
+src_install() {
+	# v10.8 is 64bit only, so move to the proper libdir
+	mv usr/lib usr/$(get_libdir) || die
+
+	# libs are not marked as executable
+	chmod 755 usr/$(get_libdir)/lib*.${PV} || die
+
+	# move docs to proper location
+	mkdir -p "usr/share/doc/${PF}" || die
+	mv usr/share/doc/safenetauthenticationclient-core "usr/share/doc/${PF}/" || die
+
+	# exclude already compressed file from compression
+	docompress -x "/usr/share/doc/${PF}/safenetauthenticationclient-core/changelog.gz" || die
+
+	# Create missing SONAME symlinks
+	ln -s libSACLog.so.${PV} "usr/$(get_libdir)/libSACLog.so.10" || die
+	ln -s libeTokenHID.so.${PV} "usr/$(get_libdir)/libeTokenHID.so.10" || die
+	ln -s libIDPrimePKCS11.so.${PV} "usr/$(get_libdir)/libIDPrimePKCS11.so.10" || die
+	ln -s libIDPrimeTokenEngine.so.${PV} "usr/$(get_libdir)/libIDPrimeTokenEngine.so.10" || die
+	ln -s libIDClassicSISTokenEngine.so.${PV} "usr/$(get_libdir)/libIDClassicSISTokenEngine.so.10" || die
+	ln -s libIDPrimeSISTokenEngine.so.${PV} "usr/$(get_libdir)/libIDPrimeSISTokenEngine.so.10" || die
+
+	mv usr/ "${D}/" || die
+	mv etc/ "${D}/" || die
+
+	systemd_dounit "${FILESDIR}/safenetauthenticationclient.service"
+}
+
+pkg_posintst() {
+	einfo "To allow pcscd access to usb devices:"
+	einfo "usermod -aG usb pcscd"
+}
				`@ -0,0 +1 @@`
				`DIST SAC_Linux_10.8.105_R1_GA.zip 118355633 BLAKE2B 19040c84e10290f64b9225a7e093ff86f4b2e6dbf0dae2798526fecf754daf39c74db6dc257a4d90b4fac8a536c1707cde4458b4905f826d84ad2e03f3583f8e SHA512 6f3fac16a73f0d1074abf59039e4efea7dfb07193b24e24bf3944a7b2779c00d74c4e9471fa39571701c3694c2e4260ff9d7792ddfdbae8b6a5337dcf3ac7634`