From 0f1cfa4917759c3652143cf797b9045a9a2aacfb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Wed, 7 Jun 2023 09:22:43 +0200 Subject: [PATCH] Sync from SUSE:ALP:Source:Standard:1.0 tpm2-tss-engine revision 551379753a32e49f216bd07ee877d619 --- .gitattributes | 23 +++++ tpm2-tss-engine-1.2.0.tar.gz | 3 + tpm2-tss-engine-1.2.0.tar.gz.asc | 16 +++ tpm2-tss-engine.changes | 164 +++++++++++++++++++++++++++++++ tpm2-tss-engine.spec | 108 ++++++++++++++++++++ 5 files changed, 314 insertions(+) create mode 100644 .gitattributes create mode 100644 tpm2-tss-engine-1.2.0.tar.gz create mode 100644 tpm2-tss-engine-1.2.0.tar.gz.asc create mode 100644 tpm2-tss-engine.changes create mode 100644 tpm2-tss-engine.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..fecc750 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/tpm2-tss-engine-1.2.0.tar.gz b/tpm2-tss-engine-1.2.0.tar.gz new file mode 100644 index 0000000..7901497 --- /dev/null +++ b/tpm2-tss-engine-1.2.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3c94fef110dd3630b3c28c5875febba76b7d5ba2fcc04a14c4a30f5d2157c265 +size 410605 diff --git a/tpm2-tss-engine-1.2.0.tar.gz.asc b/tpm2-tss-engine-1.2.0.tar.gz.asc new file mode 100644 index 0000000..ae6906f --- /dev/null +++ b/tpm2-tss-engine-1.2.0.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEW0grjj4Z2nyXjh0BbeLpB44fUMEFAmO8LTMACgkQbeLpB44f +UMGAgxAAzvCC2pGeHaYCnHIWVEBNwVgyBuTH2S2tfnvYbMMbEpi3MEaHP/aOhlLD +WtYK1OQiWs1CSzNVLTf5dHfrBUyAQlOYprOzxSizpExBlU55JIE7CS6W6pGn7hDC +XjGz4yGbZuj/Z7JBMW8cjgJCsmDW6ENRl4WhfBq0GpRqtE9WmH6AcjSS4f8BnvvC +UWLFD3XKkbShDL28k5jspLKtkY1MfNgl+8YwWDsS5Ako7+mEPuUq7mzEQSy70ol8 +gnrXixFYGmbA9Zo4x/+FZ/iaHAvhbA6+9ekzGSLFaZic2AdsumUrSHJ+8F7jgiml +uk6orfcim8k6abrBFetlzlq3pEwJhJbRSienyIDaRhCvuFP5x1/YA+dPC5vak6S/ +QcwFy9O0AXpvnDDR3pv7zIiWmjFctTJtne7UrwtcK0/m8Wmg/LKJIGcGNWGn4/9c +/I6D3P8G5Il7l1oGMDDPKec3/re3aQxBQklTKcvKkCv0TfyqnFAgn6PHXRZABlrm +aCRnwy39pvlu6nL0dW49J/9FaoMqK8fqiioL+PSlwnbDL1oMDZCQckNiITWjq9nN +4VC5/igDKuecjUZZYIJTh1mOz7frAHTWrA857nmDu3HJxZlyFVd1IgMUKGvKiTQ7 +PWddzbYs8it+zp3xs3PoQEg9QOdPFnR7XGSfJMv4auEa2YUDwJo= +=u5BH +-----END PGP SIGNATURE----- diff --git a/tpm2-tss-engine.changes b/tpm2-tss-engine.changes new file mode 100644 index 0000000..6ceac6e --- /dev/null +++ b/tpm2-tss-engine.changes @@ -0,0 +1,164 @@ +------------------------------------------------------------------- +Thu Jun 1 13:10:48 UTC 2023 - Frederic Crozat + +- Fix download url and add gpg signature for tarball. + +------------------------------------------------------------------- +Mon Feb 6 14:18:15 UTC 2023 - Pedro Monreal + +- Update to upstream version 1.2.0: + * Fixed: + - Updated minimal version of tpm2-tss to 2.4.x + - Fix encoding of emptyauth + - Fix some memory leaks + - Parent handle issues with signed representation by switching + parent handle to BIGNUM. + - Fixed RSA_NO_PADDING modes with OpenSSL 1.1.1 + - Fixed autogen (bootstrap) call from release package by + embedding VERSION file. + * Added: + - Use of restricted keys for signing + - StirRandom + - Run tests using swtpm + - The ability to import key blobs from things like the + tpm2-tools project. + - Compatibility with openssl >=1.1.x + - Support for ECDH + - QNX support. + - Only set -Werror for non-release builds. + - Additional checks on TPM responses + - CODE_OF_CONDUCT + - SECURITY reporting instructions + +------------------------------------------------------------------- +Wed Mar 3 12:29:05 UTC 2021 - Matthias Gerstner + +- pass --disable-defaultflags to avoid breakage of our gcc-PIE profile (-> + resulted in non-position-independent executable) (bsc#1183895). + +------------------------------------------------------------------- +Wed Mar 3 11:51:40 UTC 2021 - Matthias Gerstner + +- Update to upstream version 1.1.0: + * Added: + - Configure option for ptpm tests + - Configure script AX_CHECK_ENABLE_DEBUG + - Option for setting tcti on executable + - TCTI-env variable used by default + - Support for parent key passwords + - openssl.cnf sample file + * Changed: + - Fix several build system, autotools and testing related issues + Now adhere to CFLAGS conventions + - Include pkg-config dependecy on libtss2-mu in order to work with tpm2-tss 2.3 + - Enables parallel testing of integration tests: + Make integration tests use TPM simulator; instead of first TPM it finds + Use of different port numbers for TCP based tests + - Fix EC param info (using named curve format) + - Use tpm2-tools 4.X stable branch for integration tests + - Use libtss2-tctildr.so instead of custom code for tcti setup + - Fix manpages for -P/--parent option and correct engine name + - Fix TCTI env variable handling + - Set parent handle to OWNER + +------------------------------------------------------------------- +Thu Apr 23 08:30:46 UTC 2020 - matthias.gerstner@suse.com + +- remove conditional pandoc BuildRequires for openSUSE. Nothing much is gained + from rebuilding the man pages. This shall help synchronizing SLE and + openSUSE package builds. (jsc#SLE-12137). + +------------------------------------------------------------------- +Fri Jan 10 11:12:19 UTC 2020 - matthias.gerstner@suse.com + +- remove the _service file as requested in declined OBS sr#762653. + download_files seems to work also without the _service file. + +------------------------------------------------------------------- +Fri Jan 10 09:57:10 UTC 2020 - Matthias Gerstner + +- switch the _service approach from using tar_scm to using download_files. We + need to use the actual release tarball which contains the generated man + pages. The reason is that on SLE we can't generate the man pages using + pandoc, since pandoc is not available on SLE. +- for the same reason make the pandoc BuildRequires conditional for openSUSE + vs. SLE. + +------------------------------------------------------------------- +Tue Jan 07 10:15:39 UTC 2020 - matthias.gerstner@suse.com + +- Update to stable upstream version v1.0.1: + * Release v1.0.1 + * test: use tpm2-tools 3.X + * Tests: Fix for latest tools + * Tests: Use long parameters for tpm2-tools + * test: migrate tpm2_create option from -A to -b + * build: link against tss2-mu + * Release v1.0.0 + * Release v1.0.0-rc3 + * Docu: Update Install.md + * Updates for 1.0.0-rc2 + * TESTS: Add test for client auth + * Bump required version of tpm2-tss to >=2.2.2 + * Build: Bump required tpm2-tss to 2.2 + * Update for v1.0.0-rc1 + * Dead code removal +- This fixes the build against tpm2-0-tss version >= 2.3 (bsc#1160123) + +------------------------------------------------------------------- +Fri Dec 20 13:19:08 UTC 2019 - matthias.gerstner@suse.com + +- move *.so files into the main package, not -devel. libtpm2tss.so is actually + the engine library itself, not a symlink. It's needed to actually use the + package. tpm2tss.so is probably a (backwards) compatiblity symlink. Both are + not intended for linking and therefore not suitable for the -devel package. + +------------------------------------------------------------------- +Sun Mar 03 18:01:10 UTC 2019 - jsikes@suse.de + +- Update to version 0+git20190222.cef2c43: + * build: install existing man pages even if pandoc is not available + * Updated organizational files in preparation for release + * Add configure switch for unit and integration tests + * Silence clang warning on field initializers + * Fix parallel connections to TPM. + * Fix segfault on non-null auth'd persistent keys. + * Update tests to also run on physical TPMs + * build: install aclocal files + * build: update for ax_code_coverage.m4 version 2019.01.06 + * ECDSA truncation and s_server test + +------------------------------------------------------------------- +Thu Jan 31 22:46:46 UTC 2019 - Jason Sikes + +- Now tpm2-tss-engine-bash-completion auto-installs only when bash-completion + is present. +- Changed author of comment dated "Wed Jan 23 04:39:01 UTC 2019" from + opensuse-packaging@opensuse.org to me. + +------------------------------------------------------------------- +Wed Jan 23 20:15:01 UTC 2019 - Jan Engelhardt + +- Build bash-completion as noarch. + +------------------------------------------------------------------- +Wed Jan 23 04:39:01 UTC 2019 - Jason Sikes + +- Update to version 0+git20190115.6cfaeb7: + * Initialize/Finalize TCTI based on opts + * init_tpm_parent: use ESYS_AUXCONTEXT as 1st argument + * init_tpm_key: use ESYS_AUXCONTEXT as 1st argument + * tpm2-tss-engine-ecc.c: use ESYS_AUXCONTEXT + * tpm2-tss-engine-rsa.c: use ESYS_AUXCONTEXT + * tpm2-tss-engine-rand.c: use ESYS_AUXCONTEXT + * tpm2tss_tpm2data_readtpm: use ESYS_AUXCONTEXT + * tpm2-tss-engine-common.(c/h): Add ESYS_AUXCONTEXT + * Set TCTI option through an environment variable + * Add new engine control to set the TCTI option + +------------------------------------------------------------------- +Mon Dec 24 02:08:33 UTC 2018 - Jason Sikes + +- Initial import + * version 0.0+git20181128.c9061a7 + * FATE 325619 diff --git a/tpm2-tss-engine.spec b/tpm2-tss-engine.spec new file mode 100644 index 0000000..1eb3026 --- /dev/null +++ b/tpm2-tss-engine.spec @@ -0,0 +1,108 @@ +# +# spec file for package tpm2-tss-engine +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define _bashcompletionsdir %{_datadir}/bash-completion/completions +# The directory where crypto engines are located is owned by the libcrypto package. +# Find out where that is. +%define _ENGINE_DIR %(pkg-config --variable=enginesdir libcrypto) +Name: tpm2-tss-engine +Version: 1.2.0 +Release: 0 +Summary: OpenSSL Engine for TPM2 devices +License: BSD-3-Clause +Group: Productivity/Security +URL: https://github.com/tpm2-software +Source0: %{url}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz +Source1: %{url}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz.asc +BuildRequires: autoconf-archive +BuildRequires: libgcrypt-devel +BuildRequires: libtool +BuildRequires: pkgconfig +BuildRequires: tpm2-0-tss-devel +BuildRequires: pkgconfig(libcrypto) + +%description +The tpm2-tss-engine project implements a cryptographic engine for OpenSSL for +Trusted Platform Module (TPM 2.0) using the tpm2-tss software stack that follows +the Trusted Computing Groups (TCG) TPM Software Stack (TSS 2.0). It uses the +Enhanced System API (ESAPI) interface of the TSS 2.0 for downwards communication. +It supports RSA decryption and signatures as well as ECDSA signatures. + +%package bash-completion +Summary: Bash completion for tpm2-tss-engine +Group: System/Shells +Requires: %{name} = %{version} +Requires: bash-completion +Supplements: packageand(bash-completion:%{name}) +BuildArch: noarch + +%description bash-completion +Optional dependency offering bash completion for the tpm2-tss-engine project. + +%package devel +Summary: Devel files for %{name} +Group: Development/Libraries/C and C++ +Requires: %{name} = %{version} + +%description devel +Development files for tpm2-tss-engine, an OpenSSL engine for TPM2 devices. + +The tpm2-tss-engine project implements a cryptographic engine for OpenSSL for +Trusted Platform Module (TPM 2.0) using the tpm2-tss software stack that follows +the Trusted Computing Groups (TCG) TPM Software Stack (TSS 2.0). It uses the +Enhanced System API (ESAPI) interface of the TSS 2.0 for downwards communication. +It supports RSA decryption and signatures as well as ECDSA signatures. + +%prep +%setup -q + +%build + +autoreconf -fvi +%configure --with-enginesdir=%{_ENGINE_DIR} --disable-static --disable-defaultflags +make V=1 %{?_smp_mflags} + +%install +%make_install bash_completiondir=%{_bashcompletionsdir} +rm %{buildroot}/%{_ENGINE_DIR}/libtpm2tss.la + +%files +%doc CHANGELOG.md CONTRIBUTING.md INSTALL.md README.md +%license LICENSE +%{_bindir}/tpm2tss-genkey +%{_mandir}/man1/tpm2tss-genkey.1%{?ext_man} +%{_mandir}/man3/tpm2tss_ecc_genkey.3%{?ext_man} +%{_mandir}/man3/tpm2tss_ecc_getappdata.3%{?ext_man} +%{_mandir}/man3/tpm2tss_ecc_makekey.3%{?ext_man} +%{_mandir}/man3/tpm2tss_ecc_setappdata.3%{?ext_man} +%{_mandir}/man3/tpm2tss_rsa_genkey.3%{?ext_man} +%{_mandir}/man3/tpm2tss_rsa_makekey.3%{?ext_man} +%{_mandir}/man3/tpm2tss_tpm2data_read.3%{?ext_man} +%{_mandir}/man3/tpm2tss_tpm2data_write.3%{?ext_man} +%{_ENGINE_DIR}/libtpm2tss.so +%{_ENGINE_DIR}/tpm2tss.so + +%files bash-completion +%dir %{_datadir}/bash-completion +%dir %{_datadir}/bash-completion/completions +%{_bashcompletionsdir}/tpm2tss-genkey + +%files devel +%{_includedir}/tpm2-tss-engine.h + +%changelog