commit f41f1db20f3fe16e613f2a8a4dad9b142e24c2e8
Author: overweight <5324761+overweight@user.noreply.gitee.com>
Date:   Mon Sep 30 10:56:50 2019 -0400

    Package init

diff --git a/libkcapi-1.1.1-lib_Fix_kcapi_handle_destroy_closing_FD_0.patch b/libkcapi-1.1.1-lib_Fix_kcapi_handle_destroy_closing_FD_0.patch
new file mode 100644
index 0000000..220ba6d
--- /dev/null
+++ b/libkcapi-1.1.1-lib_Fix_kcapi_handle_destroy_closing_FD_0.patch
@@ -0,0 +1,33 @@
+From b2e9360dab74de1ffcb8527610e88b0da87c701e Mon Sep 17 00:00:00 2001
+From: Ondrej Mosnacek <omosnace@redhat.com>
+Date: Mon, 30 Jul 2018 17:17:59 +0200
+Subject: [PATCH] lib: Fix _kcapi_handle_destroy() closing FD 0
+
+The kcapi_handle structure is initialized with zeroes at allocation.
+However, since it contains several file descriptor variables, it may
+happen that _kcapi_handle_destroy() is executed while some of these are
+set to 0, causing an unwanted call to close(0).
+
+This patch prevents it by initializing all FD variables to -1 right
+after handle allocation.
+---
+ lib/kcapi-kernel-if.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/lib/kcapi-kernel-if.c b/lib/kcapi-kernel-if.c
+index 595ce68..dfa94b4 100644
+--- a/lib/kcapi-kernel-if.c
++++ b/lib/kcapi-kernel-if.c
+@@ -1146,6 +1146,12 @@ int _kcapi_handle_init(struct kcapi_handle **caller, const char *type,
+ 
+ 	handle->tfm = tfm;
+ 
++	/* Initialize all fd vars to -1 to avoid unwanted close(0) */
++	handle->pipes[0] = -1;
++	handle->pipes[1] = -1;
++	handle->opfd = -1;
++	handle->aio.efd = -1;
++
+ 	ret = _kcapi_handle_init_tfm(handle, type, ciphername);
+ 	if (ret)
+ 		goto err;
diff --git a/libkcapi-1.1.5.tar.xz b/libkcapi-1.1.5.tar.xz
new file mode 100644
index 0000000..9720e08
Binary files /dev/null and b/libkcapi-1.1.5.tar.xz differ
diff --git a/libkcapi-1.1.5.tar.xz.asc b/libkcapi-1.1.5.tar.xz.asc
new file mode 100644
index 0000000..62e5d39
--- /dev/null
+++ b/libkcapi-1.1.5.tar.xz.asc
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEzBAABCAAdFiEEO8xD1NLIfReEtp7kQh7pNjJqwVsFAl1BSvEACgkQQh7pNjJq
+wVtOogf/UzYn7DUB4x0QQxODtaVbXrZ5FfFWDpKJxCVXWI64VK1kF6SSm+qD305h
+Dj0lA7+TpIKhwKlc4kofaLjW/yeUPEoZCBjFSTeLc+A/7XP5m1Xqnz6fuH2lZwRK
+o1p8ICPj9bOW9rj2K59pdHVTdXW1fj5sJOi25n9fLf5PcaPMxoawHG4l18tp7qNd
+XXrqcfeSe+IF3Z4MJQee4lnsQE37wOJC8lanNDMXs7XZJ4RGUrJWfMWzVhVbh+D4
+n6Ow6H0ZaJDUksSh6faKBwAlo+c9J2CRe80+EIiAcYCKzQOH6ylnhdU1qKVD/kNK
+7XMwTY3intV9FP3mhM/RPSLSOw7NLA==
+=UN86
+-----END PGP SIGNATURE-----
diff --git a/libkcapi.spec b/libkcapi.spec
new file mode 100644
index 0000000..1e07c3c
--- /dev/null
+++ b/libkcapi.spec
@@ -0,0 +1,183 @@
+%global sysctl_prio       50
+%global sysctl_optmem_max 81920
+%global distroname_ext    %{_vendor}
+
+Name:           libkcapi
+Version:        1.1.5
+Release:        1
+Summary:        libkcapi - Linux Kernel Crypto API User Space Interface Library
+
+License:        BSD or GPLv2
+URL:            http://www.chronox.de/%{name}.html
+Source0:        http://www.chronox.de/%{name}/%{name}-%{version}.tar.xz
+Source1:        http://www.chronox.de/%{name}/%{name}-%{version}.tar.xz.asc
+
+Patch0:       libkcapi-1.1.1-lib_Fix_kcapi_handle_destroy_closing_FD_0.patch
+
+BuildRequires:  clang coreutils cppcheck docbook-utils-pdf gcc git hardlink
+BuildRequires:  libtool openssl perl systemd xmlto  kernel-headers >= 4.10.0
+
+Requires:       systemd
+
+Obsoletes:      %{name}-replacements <= %{version}-%{release}
+
+Obsoletes:      %{name}-tools
+Provides:       %{name}-tools
+
+%description
+The Linux kernel exports a Netlink interface of type AF_ALG to allow user space to utilize the kernel crypto API.
+libkcapi uses this Netlink interface and exports easy to use APIs so that a developer does not need to consider the low-level Netlink interface handling.
+The library does not implement any cipher algorithms. All consumer requests are sent to the kernel for processing.
+Results from the kernel crypto API are returned to the consumer via the library API.
+
+%package        devel
+Summary:        Development files for the %{name} package
+Requires:       %{name} == %{version}-%{release}
+Requires:       coreutils
+Requires:       openssl
+Requires:       perl
+
+Obsoletes:      hmaccalc          <= 0.9.14-10
+Provides:       hmaccalc          == 0.9.14-10.1
+
+Obsoletes:      %{name}-hmaccalc
+Provides:       %{name}-hmaccalc
+
+Obsoletes:      %{name}-static
+Provides:       %{name}-static
+
+Obsoletes:      %{name}-tests
+Provides:       %{name}-tests
+
+%description    devel
+Header files for applications that use %{name}.
+
+%package_help
+
+%prep
+%autosetup -p 1 -S git
+
+cat << EOF > README.%{distroname_ext}
+This package increases the default limit of the ancillary buffer size
+per kernel socket defined in \`net.core.optmem_max\` to %{sysctl_optmem_max} bytes.
+
+For this preset to become active it requires a reboot after the
+installation of this package.  You can also manually increase this
+limit by invocing \`sysctl net.core.optmem_max=%{sysctl_optmem_max}\` as the
+super-user, e.g. using \`su\` or \`sudo\` on the terminal.
+
+This is done to provide consumers of the new Linux Kernel Crypto API
+User Space Interface a well sufficient and reasonable maximum limit
+by default, especially when using AIO with a larger amount of IOVECs.
+
+For further information about the AF_ALG kernel socket and AIO, see
+the discussion at the kernel-crypto mailing-list:
+https://www.mail-archive.com/linux-crypto@vger.kernel.org/msg30417.html
+
+See the instructions given in '%{_sysctldir}/50-default.conf',
+if you need or want to override the preset made by this package.
+EOF
+
+cat << EOF > %{sysctl_prio}-%{name}-optmem_max.conf
+# See the 'README.%{distroname_ext}' file shipped in %%doc
+# with the %{name} package.
+#
+# See '%{_sysctldir}/50-default.conf',
+# if you need or want to override this preset.
+
+# Increase the ancillary buffer size per socket.
+net.core.optmem_max = %{sysctl_optmem_max}
+EOF
+
+%{_bindir}/autoreconf -fiv
+
+
+%build
+%configure               \
+  --libdir=/%{_lib}      \
+  --disable-silent-rules \
+  --enable-kcapi-encapp  \
+  --enable-kcapi-dgstapp \
+  --enable-kcapi-hasher  \
+  --enable-kcapi-rngapp  \
+  --enable-kcapi-speed   \
+  --enable-kcapi-test    \
+  --enable-shared        \
+  --enable-static        \
+  --enable-sum-prefix=   \
+  --enable-sum-dir=/%{_lib} \
+  --with-pkgconfigdir=%{_libdir}/pkgconfig
+%make_build all doc
+
+
+%install
+%make_install
+
+# Install sysctl.d preset.
+mkdir -p %{buildroot}%{_sysctldir}
+install -Dpm 0644 -t %{buildroot}%{_sysctldir} %{sysctl_prio}-%{name}-optmem_max.conf
+
+# Install into proper location for inclusion by %%doc.
+mkdir -p %{buildroot}%{_pkgdocdir}
+install -Dpm 0644 -t %{buildroot}%{_pkgdocdir} README.%{distroname_ext}  README.md CHANGES.md TODO doc/%{name}.p{df,s}
+cp -pr lib/doc/html %{buildroot}%{_pkgdocdir}
+
+# Install replacement tools, if enabled.
+rm -f %{buildroot}%{_bindir}/md5sum       \
+      %{buildroot}%{_bindir}/sha*sum      \
+      %{buildroot}%{_bindir}/fips*
+
+find %{buildroot} -type f -name '*.la' -print -delete
+find %{buildroot} -type f -name '*.hmac' -print -delete
+find %{buildroot} -type f -size 0 -print -delete
+find %{buildroot}%{_pkgdocdir} -type f -print | xargs %{__chmod} -c 0644
+find %{buildroot}%{_pkgdocdir} -type d -print | xargs %{__chmod} -c 0755
+
+for d in %{_mandir} %{_pkgdocdir}; do
+  %{_sbindir}/hardlink -cfv %{buildroot}$d
+done
+
+%ldconfig_scriptlets
+
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha1hmac   | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha1hmac.hmac
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha224hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha224hmac.hmac
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha256hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha256hmac.hmac
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha384hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha384hmac.hmac
+bin/kcapi-hasher -n sha512hmac %{buildroot}%{_bindir}/sha512hmac | cut -f 1 -d ' ' > %{buildroot}/%{_lib}/hmaccalc/sha512hmac.hmac
+
+%{_sbindir}/hardlink -cfv %{buildroot}%{_bindir}
+bin/kcapi-hasher -n fipshmac -d %{buildroot}/%{_lib}/fipscheck   %{buildroot}/%{_lib}/libkcapi.so.%{version} || exit 1
+ln -s libkcapi.so.%{version}.hmac    %{buildroot}/%{_lib}/fipscheck/libkcapi.so.1.hmac
+
+%check
+
+%files
+%doc %dir %{_pkgdocdir}
+%doc %{_pkgdocdir}/README.md
+%license COPYING*
+/%{_lib}/%{name}.so.*
+/%{_lib}/fipscheck/%{name}.so.*
+%doc %{_pkgdocdir}/README.%{distroname_ext}
+%{_sysctldir}/%{sysctl_prio}-%{name}-optmem_max.conf
+%{_bindir}/kcapi*
+
+
+%files          devel
+%doc %{_pkgdocdir}/CHANGES.md
+%doc %{_pkgdocdir}/TODO
+%{_includedir}/kcapi.h
+/%{_lib}/%{name}.so
+%{_libdir}/pkgconfig/%{name}.pc
+%{_bindir}/sha*hmac
+/%{_lib}/hmaccalc/sha*hmac.hmac
+/%{_lib}/%{name}.a
+%{_libexecdir}/%{name}/*
+
+%files          help
+%doc %{_pkgdocdir}
+%{_mandir}/man1/kcapi*.1.*
+%{_mandir}/man3/kcapi_*.3.*
+
+%changelog
+* Tue Sep 3 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.1.5-1
+- Package init