4 files changed, 2 insertions, 145 deletions
diff --git a/meta-oe/recipes-support/opensc/files/0001-pkcs11-tool-Fix-private-key-import.patch b/meta-oe/recipes-support/opensc/files/0001-pkcs11-tool-Fix-private-key-import.patch
deleted file mode 100644
index e270a8e2e6..0000000000
--- a/meta-oe/recipes-support/opensc/files/0001-pkcs11-tool-Fix-private-key-import.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 6f868bbcd9e65447f459f74381c09d1e315a32f6 Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jjelen@redhat.com>
-Date: Thu, 1 Dec 2022 20:08:53 +0100
-Subject: [PATCH 1/2] pkcs11-tool: Fix private key import
-Upstream-Status: Backport
---
- src/tools/pkcs11-tool.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
-index aae205fe2cd6..cfee8526d5b0 100644
--- a/src/tools/pkcs11-tool.c
-+++ b/src/tools/pkcs11-tool.c
-@@ -3669,13 +3669,13 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
-                RSA_get0_factors(r, &r_p, &r_q);
-                RSA_get0_crt_params(r, &r_dmp1, &r_dmq1, &r_iqmp);
- #else
-               if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_d) != 1 ||
-+               if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &r_d) != 1 ||
-                        EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_p) != 1 ||
-                        EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 ||
-                        EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 ||
-                        EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 ||
-                       EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT3, &r_iqmp) != 1) {
-                        util_fatal("OpenSSL error during RSA private key parsing");
-+                       EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
-                }
- #endif
-                RSA_GET_BN(rsa, private_exponent, r_d);
-- 
-2.30.2
diff --git a/meta-oe/recipes-support/opensc/files/0002-pkcs11-tool-Log-more-information-on-OpenSSL-errors.patch b/meta-oe/recipes-support/opensc/files/0002-pkcs11-tool-Log-more-information-on-OpenSSL-errors.patch
deleted file mode 100644
index 880a13ac61..0000000000
--- a/meta-oe/recipes-support/opensc/files/0002-pkcs11-tool-Log-more-information-on-OpenSSL-errors.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 4b5702409e7feea8cb410254285c120c57c10e1b Mon Sep 17 00:00:00 2001
-From: Jakub Jelen <jjelen@redhat.com>
-Date: Thu, 1 Dec 2022 20:11:41 +0100
-Subject: [PATCH 2/2] pkcs11-tool: Log more information on OpenSSL errors
-Upstream-Status: Backport
---
- src/tools/pkcs11-tool.c | 15 ++++++---------
- 1 file changed, 6 insertions(+), 9 deletions(-)
-diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
-index cfee8526d5b0..f2e6b1dd91cd 100644
--- a/src/tools/pkcs11-tool.c
-+++ b/src/tools/pkcs11-tool.c
-@@ -3641,10 +3641,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
-        const BIGNUM *r_dmp1, *r_dmq1, *r_iqmp;
-        r = EVP_PKEY_get1_RSA(pkey);
-        if (!r) {
-               if (private)
-                       util_fatal("OpenSSL error during RSA private key parsing");
-               else
-                       util_fatal("OpenSSL error during RSA public key parsing");
-+               util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
-+                       ERR_error_string(ERR_peek_last_error(), NULL));
-        }
- 
-        RSA_get0_key(r, &r_n, &r_e, NULL);
-@@ -3654,10 +3652,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
-        BIGNUM *r_dmp1 = NULL, *r_dmq1 = NULL, *r_iqmp = NULL;
-        if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &r_n) != 1 ||
-                EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &r_e) != 1) {
-               if (private)
-                       util_fatal("OpenSSL error during RSA private key parsing");
-               else
-                       util_fatal("OpenSSL error during RSA public key parsing");
-+               util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
-+                       ERR_error_string(ERR_peek_last_error(), NULL));
-         }
- #endif
-        RSA_GET_BN(rsa, modulus, r_n);
-@@ -3674,8 +3670,9 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
-                        EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 ||
-                        EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 ||
-                        EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 ||
-                       util_fatal("OpenSSL error during RSA private key parsing");
-                        EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
-+                       util_fatal("OpenSSL error during RSA private key parsing: %s",
-+                               ERR_error_string(ERR_peek_last_error(), NULL));
-                }
- #endif
-                RSA_GET_BN(rsa, private_exponent, r_d);
-- 
-2.30.2
diff --git a/meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch b/meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch
deleted file mode 100644
index 165fc316bf..0000000000
--- a/meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-CVE: CVE-2023-2977
-Upstream-Status: Backport [ https://github.com/OpenSC/OpenSC/commit/81944d1529202bd28359bede57c0a15deb65ba8a ]
-Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
-From 81944d1529202bd28359bede57c0a15deb65ba8a Mon Sep 17 00:00:00 2001
-From: fullwaywang <fullwaywang@tencent.com>
-Date: Mon, 29 May 2023 10:38:48 +0800
-Subject: [PATCH] pkcs15init: correct left length calculation to fix buffer
- overrun bug. Fixes #2785
---
- src/pkcs15init/pkcs15-cardos.c | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-diff --git a/src/pkcs15init/pkcs15-cardos.c b/src/pkcs15init/pkcs15-cardos.c
-index 9715cf390f..f41f73c349 100644
--- a/src/pkcs15init/pkcs15-cardos.c
-+++ b/src/pkcs15init/pkcs15-cardos.c
-@@ -872,7 +872,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
-        sc_apdu_t apdu;
-         u8        rbuf[SC_MAX_APDU_BUFFER_SIZE];
-         int       r;
-       const u8  *p = rbuf, *q;
-+       const u8  *p = rbuf, *q, *pp;
-        size_t    len, tlen = 0, ilen = 0;
- 
-        sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0xca, 0x01, 0x88);
-@@ -888,13 +888,13 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
-                return 0;
- 
-        while (len != 0) {
-               p = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
-               if (p == NULL)
-+               pp = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
-+               if (pp == NULL)
-                        return 0;
-                if (card->type == SC_CARD_TYPE_CARDOS_M4_3)     {
-                        /* the verifyRC package on CardOS 4.3B use Manufacturer ID 0x01 */
-                        /* and Package Number 0x07                                      */
-                       q = sc_asn1_find_tag(card->ctx, p, tlen, 0x01, &ilen);
-+                       q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x01, &ilen);
-                        if (q == NULL || ilen != 4)
-                                return 0;
-                        if (q[0] == 0x07)
-@@ -902,7 +902,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
-                } else if (card->type == SC_CARD_TYPE_CARDOS_M4_4)      {
-                        /* the verifyRC package on CardOS 4.4 use Manufacturer ID 0x03  */
-                        /* and Package Number 0x02                                      */
-                       q = sc_asn1_find_tag(card->ctx, p, tlen, 0x03, &ilen);
-+                       q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x03, &ilen);
-                        if (q == NULL || ilen != 4)
-                                return 0;
-                        if (q[0] == 0x02)
diff --git a/meta-oe/recipes-support/opensc/opensc_0.23.0.bb b/meta-oe/recipes-support/opensc/opensc_0.24.0.bb
index b3fc1f0458..fd64cf9e85 100644
--- a/meta-oe/recipes-support/opensc/opensc_0.23.0.bb
+++ b/meta-oe/recipes-support/opensc/opensc_0.24.0.bb
@@ -12,11 +12,8 @@ LICENSE = "LGPL-2.0-or-later"
 LIC_FILES_CHKSUM = "file://COPYING;md5=cb8aedd3bced19bd8026d96a8b6876d7"
 #v0.21.0
-SRCREV = "5497519ea6b4af596628f8f8f2f904bacaa3148f"
+SRCREV = "f15d0c5295f3247ae56bf976cf411fec4b47b6ec"
 SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \
-           file://0001-pkcs11-tool-Fix-private-key-import.patch \
-           file://0002-pkcs11-tool-Log-more-information-on-OpenSSL-errors.patch \
-           file://CVE-2023-2977.patch \
          "
 DEPENDS = "virtual/libiconv openssl"
@@ -44,6 +41,7 @@ FILES:${PN} += "\
    ${libdir}/pkcs11-spy.so \
 "
 FILES:${PN}-dev += "\
+    ${libdir}/onepin-opensc-pkcs11.so \
    ${libdir}/pkcs11/opensc-pkcs11.so \
    ${libdir}/pkcs11/onepin-opensc-pkcs11.so \
    ${libdir}/pkcs11/pkcs11-spy.so \

diff --git a/meta-oe/recipes-support/opensc/files/0001-pkcs11-tool-Fix-private-key-import.patch b/meta-oe/recipes-support/opensc/files/0001-pkcs11-tool-Fix-private-key-import.patch deleted file mode 100644 index e270a8e2e6..0000000000 --- a/meta-oe/recipes-support/opensc/files/0001-pkcs11-tool-Fix-private-key-import.patch +++ /dev/null
@@ -1,33 +0,0 @@
1	From 6f868bbcd9e65447f459f74381c09d1e315a32f6 Mon Sep 17 00:00:00 2001
2	From: Jakub Jelen <jjelen@redhat.com>
3	Date: Thu, 1 Dec 2022 20:08:53 +0100
4	Subject: [PATCH 1/2] pkcs11-tool: Fix private key import
5
6	Upstream-Status: Backport
7	---
8	src/tools/pkcs11-tool.c \| 4 ++--
9	1 file changed, 2 insertions(+), 2 deletions(-)
10
11	diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
12	index aae205fe2cd6..cfee8526d5b0 100644
13	--- a/src/tools/pkcs11-tool.c
14	+++ b/src/tools/pkcs11-tool.c
15	@@ -3669,13 +3669,13 @@ parse_rsa_pkey(EVP_PKEY pkey, int private, struct rsakey_info rsa)
16	RSA_get0_factors(r, &r_p, &r_q);
17	RSA_get0_crt_params(r, &r_dmp1, &r_dmq1, &r_iqmp);
18	#else
19	- if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_d) != 1 \|\|
20	+ if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &r_d) != 1 \|\|
21	EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_p) != 1 \|\|
22	EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 \|\|
23	EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 \|\|
24	EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 \|\|
25	- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT3, &r_iqmp) != 1) {
26	util_fatal("OpenSSL error during RSA private key parsing");
27	+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
28	}
29	#endif
30	RSA_GET_BN(rsa, private_exponent, r_d);
31	--
32	2.30.2
33


diff --git a/meta-oe/recipes-support/opensc/files/0002-pkcs11-tool-Log-more-information-on-OpenSSL-errors.patch b/meta-oe/recipes-support/opensc/files/0002-pkcs11-tool-Log-more-information-on-OpenSSL-errors.patch deleted file mode 100644 index 880a13ac61..0000000000 --- a/meta-oe/recipes-support/opensc/files/0002-pkcs11-tool-Log-more-information-on-OpenSSL-errors.patch +++ /dev/null
@@ -1,54 +0,0 @@
1	From 4b5702409e7feea8cb410254285c120c57c10e1b Mon Sep 17 00:00:00 2001
2	From: Jakub Jelen <jjelen@redhat.com>
3	Date: Thu, 1 Dec 2022 20:11:41 +0100
4	Subject: [PATCH 2/2] pkcs11-tool: Log more information on OpenSSL errors
5
6	Upstream-Status: Backport
7	---
8	src/tools/pkcs11-tool.c \| 15 ++++++---------
9	1 file changed, 6 insertions(+), 9 deletions(-)
10
11	diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
12	index cfee8526d5b0..f2e6b1dd91cd 100644
13	--- a/src/tools/pkcs11-tool.c
14	+++ b/src/tools/pkcs11-tool.c
15	@@ -3641,10 +3641,8 @@ parse_rsa_pkey(EVP_PKEY pkey, int private, struct rsakey_info rsa)
16	const BIGNUM r_dmp1, r_dmq1, *r_iqmp;
17	r = EVP_PKEY_get1_RSA(pkey);
18	if (!r) {
19	- if (private)
20	- util_fatal("OpenSSL error during RSA private key parsing");
21	- else
22	- util_fatal("OpenSSL error during RSA public key parsing");
23	+ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
24	+ ERR_error_string(ERR_peek_last_error(), NULL));
25	}
26
27	RSA_get0_key(r, &r_n, &r_e, NULL);
28	@@ -3654,10 +3652,8 @@ parse_rsa_pkey(EVP_PKEY pkey, int private, struct rsakey_info rsa)
29	BIGNUM r_dmp1 = NULL, r_dmq1 = NULL, *r_iqmp = NULL;
30	if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &r_n) != 1 \|\|
31	EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &r_e) != 1) {
32	- if (private)
33	- util_fatal("OpenSSL error during RSA private key parsing");
34	- else
35	- util_fatal("OpenSSL error during RSA public key parsing");
36	+ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
37	+ ERR_error_string(ERR_peek_last_error(), NULL));
38	}
39	#endif
40	RSA_GET_BN(rsa, modulus, r_n);
41	@@ -3674,8 +3670,9 @@ parse_rsa_pkey(EVP_PKEY pkey, int private, struct rsakey_info rsa)
42	EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 \|\|
43	EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 \|\|
44	EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 \|\|
45	- util_fatal("OpenSSL error during RSA private key parsing");
46	EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
47	+ util_fatal("OpenSSL error during RSA private key parsing: %s",
48	+ ERR_error_string(ERR_peek_last_error(), NULL));
49	}
50	#endif
51	RSA_GET_BN(rsa, private_exponent, r_d);
52	--
53	2.30.2
54


diff --git a/meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch b/meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch deleted file mode 100644 index 165fc316bf..0000000000 --- a/meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch +++ /dev/null
@@ -1,54 +0,0 @@
1	CVE: CVE-2023-2977
2	Upstream-Status: Backport [ https://github.com/OpenSC/OpenSC/commit/81944d1529202bd28359bede57c0a15deb65ba8a ]
3	Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
4
5
6	From 81944d1529202bd28359bede57c0a15deb65ba8a Mon Sep 17 00:00:00 2001
7	From: fullwaywang <fullwaywang@tencent.com>
8	Date: Mon, 29 May 2023 10:38:48 +0800
9	Subject: [PATCH] pkcs15init: correct left length calculation to fix buffer
10	overrun bug. Fixes #2785
11
12	---
13	src/pkcs15init/pkcs15-cardos.c \| 10 +++++-----
14	1 file changed, 5 insertions(+), 5 deletions(-)
15
16	diff --git a/src/pkcs15init/pkcs15-cardos.c b/src/pkcs15init/pkcs15-cardos.c
17	index 9715cf390f..f41f73c349 100644
18	--- a/src/pkcs15init/pkcs15-cardos.c
19	+++ b/src/pkcs15init/pkcs15-cardos.c
20	@@ -872,7 +872,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
21	sc_apdu_t apdu;
22	u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
23	int r;
24	- const u8 p = rbuf, q;
25	+ const u8 p = rbuf, q, *pp;
26	size_t len, tlen = 0, ilen = 0;
27
28	sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0xca, 0x01, 0x88);
29	@@ -888,13 +888,13 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
30	return 0;
31
32	while (len != 0) {
33	- p = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
34	- if (p == NULL)
35	+ pp = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
36	+ if (pp == NULL)
37	return 0;
38	if (card->type == SC_CARD_TYPE_CARDOS_M4_3) {
39	/* the verifyRC package on CardOS 4.3B use Manufacturer ID 0x01 */
40	/* and Package Number 0x07 */
41	- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x01, &ilen);
42	+ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x01, &ilen);
43	if (q == NULL \|\| ilen != 4)
44	return 0;
45	if (q[0] == 0x07)
46	@@ -902,7 +902,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
47	} else if (card->type == SC_CARD_TYPE_CARDOS_M4_4) {
48	/* the verifyRC package on CardOS 4.4 use Manufacturer ID 0x03 */
49	/* and Package Number 0x02 */
50	- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x03, &ilen);
51	+ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x03, &ilen);
52	if (q == NULL \|\| ilen != 4)
53	return 0;
54	if (q[0] == 0x02)


diff --git a/meta-oe/recipes-support/opensc/opensc_0.23.0.bb b/meta-oe/recipes-support/opensc/opensc_0.24.0.bb index b3fc1f0458..fd64cf9e85 100644 --- a/meta-oe/recipes-support/opensc/opensc_0.23.0.bb +++ b/meta-oe/recipes-support/opensc/opensc_0.24.0.bb
@@ -12,11 +12,8 @@ LICENSE = "LGPL-2.0-or-later"
12	LIC_FILES_CHKSUM = "file://COPYING;md5=cb8aedd3bced19bd8026d96a8b6876d7"	12	LIC_FILES_CHKSUM = "file://COPYING;md5=cb8aedd3bced19bd8026d96a8b6876d7"
13		13
14	#v0.21.0	14	#v0.21.0
15	SRCREV = "5497519ea6b4af596628f8f8f2f904bacaa3148f"	15	SRCREV = "f15d0c5295f3247ae56bf976cf411fec4b47b6ec"
16	SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \	16	SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \
17	file://0001-pkcs11-tool-Fix-private-key-import.patch \
18	file://0002-pkcs11-tool-Log-more-information-on-OpenSSL-errors.patch \
19	file://CVE-2023-2977.patch \
20	"	17	"
21	DEPENDS = "virtual/libiconv openssl"	18	DEPENDS = "virtual/libiconv openssl"
22		19
@@ -44,6 +41,7 @@ FILES:${PN} += "\
44	${libdir}/pkcs11-spy.so \	41	${libdir}/pkcs11-spy.so \
45	"	42	"
46	FILES:${PN}-dev += "\	43	FILES:${PN}-dev += "\
		44	${libdir}/onepin-opensc-pkcs11.so \
47	${libdir}/pkcs11/opensc-pkcs11.so \	45	${libdir}/pkcs11/opensc-pkcs11.so \
48	${libdir}/pkcs11/onepin-opensc-pkcs11.so \	46	${libdir}/pkcs11/onepin-opensc-pkcs11.so \
49	${libdir}/pkcs11/pkcs11-spy.so \	47	${libdir}/pkcs11/pkcs11-spy.so \