- Update to 1.3.0:
* Added support for RSA-OAEP decryption.
* Added 'xof' and 'algid-absent' parameters to digests.
* Added Parent to textual information printed by 'openssl pkey -text'.
* Fixed multi-threaded operation, preventing the 'Esys called in bad
sequence' errors (thanks to @Danigaralfo, @famez, and @AndreasFuchsTPM).
* Fixed retrieval of OSSL_PKEY_PARAM_MAX_SIZE for RSA keys. The exact value
is returned instead of a fixed TPM2_MAX_RSA_KEY_BYTES.
* Fixed handling of absent emptyAuth value in the TSS2 PRIVATE KEY file.
* Set authorization value of newly generated keys. This allows users of the C
API to direcly use just generated EVP_PKEY.
- Add tpm2-openssl.keyring
- Don't install libtool archives
OBS-URL: https://build.opensuse.org/package/show/security/tpm2-openssl?expand=0&rev=5
This commit is contained in:
William Brown
Git OBS Bridge
commit
82948c4cb7
23
.gitattributes
vendored
Normal file
23
.gitattributes
vendored
Normal file
@ -0,0 +1,23 @@
|
||||
## Default LFS
|
||||
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||
*.png filter=lfs diff=lfs merge=lfs -text
|
||||
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||
*.zst filter=lfs diff=lfs merge=lfs -text
|
||||
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
.osc
|
||||
3
tpm2-openssl-1.2.0.tar.gz
Normal file
3
tpm2-openssl-1.2.0.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:2ee15da2dceae1466ffba868e75a00b119d752babc1b6a2792286336a3324fb0
|
||||
size 424967
|
||||
14
tpm2-openssl-1.2.0.tar.gz.asc
Normal file
14
tpm2-openssl-1.2.0.tar.gz.asc
Normal file
@ -0,0 +1,14 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQGzBAABCAAdFiEEtyAf6AMbB68R9UI8YynPy2vm/XYFAmUqV6AACgkQYynPy2vm
|
||||
/XaVMwv/Ytg3IjyniOdu4s3ct3E+Mj6ahw5KedqlOh4tSFFkHqRvwsVYDjBOeByM
|
||||
i1F0FsngJWh4gSrUTeUrpsFYwL6NUKV8TDHQoO1bJUfwZSFQCPRBatk8XM3eGVlo
|
||||
x3J1VTn59DHlqhaAtGtCuq18Dk9PfBYSgveuPPQHc3AybRKHu+7BVdmNqt8l17oG
|
||||
k9yXFxspKI0WW/arnR0lBJ2iIblaNSqdUfThPHYnjqjX6nJckW9uwPTozwqNMJUV
|
||||
L1xTaqw5ymh3AiVFbNcHFqyWS5TPV6PCfzXLVFMVlXCdSWt4n1KT/fN8EsAVN9VS
|
||||
Om8kOzhyqdxpXqHwfjycfpj1jr1LLzJzvAd6ZP8bgULLxO61GZuljtP0hkMNpk1J
|
||||
BjwzdW0W+NYWjlulZ6WRFDr/X+ejlJfyNxdJ8o/iPAezv45xmPwC66x62VJCEGkH
|
||||
lMakTYlavwbpbjmSqFi3LDCQ/pYn4IIljaq2y1KzBu2hrIZ2yl1YU28atNLl+lpr
|
||||
SOV/3zvk
|
||||
=GGPd
|
||||
-----END PGP SIGNATURE-----
|
||||
3
tpm2-openssl-1.3.0.tar.gz
Normal file
3
tpm2-openssl-1.3.0.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:9a9aca55d4265ec501bcf9c56d21d6ca18dba902553f21c888fe725b42ea9964
|
||||
size 432730
|
||||
14
tpm2-openssl-1.3.0.tar.gz.asc
Normal file
14
tpm2-openssl-1.3.0.tar.gz.asc
Normal file
@ -0,0 +1,14 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQGzBAABCAAdFiEEtyAf6AMbB68R9UI8YynPy2vm/XYFAmeVSl0ACgkQYynPy2vm
|
||||
/XY6RgwAmIM24BlYcEm+my2KmbI5W33MSnP7SAotuZSuGUuDePBHEhxuWDmUhZ4D
|
||||
upF18sMqdWXM4nYoPFEv8WSQwwXUx5hE6bYslUE6knC9UV+xDBXMjVrIMmqGegwJ
|
||||
t0Qg/uEAGyxZTR7f4uAw0mk56/rrUEEWArlURElgP5wbaOSj8K3Bu4Lpllq3qCGW
|
||||
s/o3X+vI5SYXL2XwII/+RhNlssPmg2U5Q6cVhX04yOGPq+TW4ndg1w0bA6aXuROv
|
||||
uy/R7cdGhrqWEFGkrsMSNN7to/uSYqlmiAhO46AHD5eJTAs9ocLBepexezAO30nw
|
||||
PRyGoM2qA+8cYX/jKg/Xr7ucHE2fQv1Fr+sC0s7XvWqLSzN+2RLCeQqXc5Iq+ImN
|
||||
acELaLddKDwUEgg+demMPr/LZaVjZDfj+jkPejyzVCIhTTvvFOlINdkbNzW9g20f
|
||||
M6j+yHXWBlTNqELjSUqISglsbAULDv9GZZ1+GKzSNcDDZFv7fLQHkK92/qf+Uw3v
|
||||
uPMrYER/
|
||||
=tAaR
|
||||
-----END PGP SIGNATURE-----
|
||||
55
tpm2-openssl.changes
Normal file
55
tpm2-openssl.changes
Normal file
@ -0,0 +1,55 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 29 18:09:54 UTC 2025 - Lucas Mulling <lucas.mulling@suse.com>
|
||||
|
||||
- Update to 1.3.0:
|
||||
* Added support for RSA-OAEP decryption.
|
||||
* Added 'xof' and 'algid-absent' parameters to digests.
|
||||
* Added Parent to textual information printed by 'openssl pkey -text'.
|
||||
* Fixed multi-threaded operation, preventing the 'Esys called in bad
|
||||
sequence' errors (thanks to @Danigaralfo, @famez, and @AndreasFuchsTPM).
|
||||
* Fixed retrieval of OSSL_PKEY_PARAM_MAX_SIZE for RSA keys. The exact value
|
||||
is returned instead of a fixed TPM2_MAX_RSA_KEY_BYTES.
|
||||
* Fixed handling of absent emptyAuth value in the TSS2 PRIVATE KEY file.
|
||||
* Set authorization value of newly generated keys. This allows users of the C
|
||||
API to direcly use just generated EVP_PKEY.
|
||||
- Add tpm2-openssl.keyring
|
||||
- Don't install libtool archives
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 17 23:58:21 UTC 2023 - William Brown <william.brown@suse.com>
|
||||
|
||||
## Added
|
||||
* Added support for ECDH with a KDF, which is used by ECC-based CMS (S/MIME).
|
||||
* Added retrieval of OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY for EC keys and retrieval
|
||||
of TLS-GROUP provider capabilities to enable mTLS authentication (thanks to @rshearman).
|
||||
* Added mTLS example to documentation (thanks to @hoinmic).
|
||||
* Added missing RAND parameters: 'state' and 'strength' (thanks to @mccarey).
|
||||
* Added ability to run tests in a container (thanks to @afreof).
|
||||
* Added Visual Studio properties to simplify the Windows build (thanks to @philippun1).
|
||||
|
||||
## Changed
|
||||
|
||||
* Symmetric operations are disabled by default. In most situations these are not needed and
|
||||
cause a huge performance penalty. To enable, configure with --enable-op-digest or
|
||||
--enable-op-cipher.
|
||||
|
||||
## Removed
|
||||
|
||||
* Removed unofficial support for tpm2-tss < 3.2.0, which do not support the openssl 3.x.
|
||||
|
||||
## Fixed
|
||||
|
||||
* Fixed key export: the private keys are not exportable, which shall fix some TPM-based sign
|
||||
operations (thanks to @fhars).
|
||||
* Fixed handle related operations on 32b machines (thanks to @dezgeg).
|
||||
* Fixed OSSL_FUNC_KEYMGMT_HAS operations with NULL keys.
|
||||
* Fixed a heap exception on some machines (thanks to @philippun1).
|
||||
* Fixed build warnings when building on the Fedora Linux.
|
||||
* In documentation and tests applied a correct order of providers (thanks to @hoinmic).
|
||||
* Modified documentation: the user-space resource manager (abrmd) is almost mandatory for complex
|
||||
scenarios such as SSL or X.509 operations.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 5 05:29:23 UTC 2023 - William Brown <william.brown@suse.com>
|
||||
|
||||
- Initial commit of tpm2-openssl
|
||||
62
tpm2-openssl.keyring
Normal file
62
tpm2-openssl.keyring
Normal file
@ -0,0 +1,62 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: Hockeypuck 2.2
|
||||
Comment: Hostname:
|
||||
|
||||
xsDNBF7ubLoBDADAzSEkXjzTw9gpCt7twE2ppMmQMVfDO3Reci42NLTSlf13xD8O
|
||||
CUK/HK5lpxQ7ypORxppEpu71oUC/7fgDAOziiDwtIUSE9r1xvrp9tqT1gcz9ZzoD
|
||||
+Vfn9mJXeAFHTGQ36ar/C5Ey1xc3Bd1C2qJnyXbzcsiUFT5p9DKMe4V2Mi83MRJR
|
||||
SmGm8jPZEowFhzc0IzRIvwZzEMn1DQKL1KqCBN4bXb/YXRwVt9fy2fmmA3UJH8tw
|
||||
io8UZFyZMFLacTDD8HyluWFdhJU54NoBphkS6cdHadvYY/+VXtBwB0xJBKgVL1Jb
|
||||
6C0/+ENZKRSM8YLhidMGl7gfeStyd+BhgnefSJgk/n8vavQ45cf0AlZwAqmf6RWp
|
||||
SI6kO89GpN+xiIhGeenzqCmn9jO2lwoRgR9o6cCmWBbdP0vgpQD3aC4nkqSEVtvc
|
||||
qWDHiwxcXJwSRq5Eo3oAmSCnIfFVTD5Tqh2cz09Kku9UoSu3TFqCa+RC5ccydi5x
|
||||
Rx/KD27GD4voFF0AEQEAAc0oUGV0ciBHb3R0aGFyZCA8cGV0ci5nb3R0aGFyZEBj
|
||||
ZW50cnVtLmN6PsLBFAQTAQoAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYh
|
||||
BLcgH+gDGwevEfVCPGMpz8tr5v12BQJlKaxABQkJ/aaGAAoJEGMpz8tr5v12TB8L
|
||||
/jcjUVsP7N9lwJ7RdmPLJB3qdruN95spgy8/DKrneYtG5qw6Q7jRuB/tkaS8utcu
|
||||
T2ycjtinTAER3EmW+QIPX3Ym1s+wkse7pZKS7ltlktQ8/hHxel9OXtXzQJJ0JwfO
|
||||
fkv787S0/g0gfIC8BiV54ZY4rHhx4h2G0OzXadZbx8dnpP4lrxDFB8PJqi6vqbX7
|
||||
9e6u9HlZkoGdTUbXexh9V9dXGBJdCrBtH0TlfQodnS8Wo3GWBJjj7W09o9EeWkgx
|
||||
lv9cUOlSyFT3DjtFG6nyO4aqpZn1Ap24h/1JEvjlg6TUXxDelZ3D5eNW3hHg6Rl2
|
||||
DWypkbRYQ9IS5IYGcBwFgWowdTwcNsbNgBOpgQo12K6VB+Gap5PuP1GwH0+7cWfy
|
||||
7NdrMYc7eJCVy274HxZAohlk3pI0ZHEDU/i0Xx0vmZkJgOUalOVzV44/2A4Y67jF
|
||||
VD0T8JQ+4MdnbyT6cH45DKe16mX0VLyGdxppKj3ytoLFMc3Bj5IxXOcjibHaKSxW
|
||||
9cLBFAQTAQoAPgIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBLcgH+gDGwev
|
||||
EfVCPGMpz8tr5v12BQJjLamoBQkGIHBuAAoJEGMpz8tr5v12c1EL/2qz7fgkxne7
|
||||
aif0z0JRrM18SyTsxxdPk/EhvejQzz0cag0mRx2IX+OgzKrPjLR+3Jgfk3cedJUX
|
||||
dAcR5YrvrLB1hoTaZ/xJTXL1IowkvTHNhSA01+vdn7YrxsKRqec+Wz2LufGFTiC4
|
||||
RCWdpRYDUBfNk+cUDJIGiPAVqYPK+e81XBtOJRrhOjbt1rkKed8DmF+rUvRG/2fl
|
||||
+I09x+fo2CB0AjUNgSVwFKwZ0TiY3o2cwatGZz8z2LWEIhhWPPoq1XTuMkzYlVO0
|
||||
oEBYTYXJq2c8gWNSnvfSW3k65Rd5c2C9NfbiREY4xz+BLEYhVYToJ1jOyPrOnpBs
|
||||
Q7BKEYEKioYE/fwrwXB3GZuQUu2SQtECWqYJMglGjO4AwNcImKQYiaqIoiZb6ayP
|
||||
zUqPTF++rVh8zx1U7DEa5TSJr3vLapGWNpCFINE6XVQw93c+XG0iBi0lk2pmDyLZ
|
||||
5YlNy+Kp1PuaEDbveSeFnmDD1JvA/Zr1Ugu/8SAQBVoNbDV6T8EwNM7AzQRe7my6
|
||||
AQwApvVaHIuxFTCxnbDPVY8s+UftniL1Bkp4QhstEGcbFQ6NJW06DCDARYbX8bZu
|
||||
g0tFNweD6Hrh/2GqpTc+u2wPRipt2WsKPivrJIEAXvxTtGaLXp/FGWVrXq+5eyFx
|
||||
YY/ldhparbs7HeppLCphZ5Q6dtwcu1o768LcNCK/tm6sUIPxBbZ1Qaczgrhka+8t
|
||||
KS9PDesJ6QGF3Khz3fLk6b2MjiUL9eAhMi7451aD8fTFh3LpBC0u3exw9qxObgap
|
||||
RFDbwie4lUZfInCP5ErdMBik4p41R0sNM8XSqXkYdAdeEx0ixSI0DlfJKEmHvwpx
|
||||
Ah3s/5ugaU+JAsaPdJZJlfJ18Or10SSUvqZV9URhvPJd5db/JstO/iIN7ofpV1mG
|
||||
KETNu+GLCpOX5+IF0f+esAFCO8s1LaUB4espPhpkouGCE1qa+Vgvy7jLCHCCJrBs
|
||||
nZ+LrLKfnizsqu+xqYAySZARI30IIVDJ2S6j5Nfnh9/IGz0tCy3dZhQK/05WjP5h
|
||||
b+p5ABEBAAHCwPwEGAEKACYCGwwWIQS3IB/oAxsHrxH1QjxjKc/La+b9dgUCZSmt
|
||||
qgUJCf2n8AAKCRBjKc/La+b9drW8DACE+Aoc6A3ckw3616CAHCkgvPWXEm1mxFJA
|
||||
RaMxD1529k9N2eBvJqVHkB0dDYrMvczKKzGQRLPr/7AWSx1cSxQiYqnMUFkz9Hjp
|
||||
s3RNARoaU7ENHCmSWR/DQpijYPxNeQC5TTXNTojEVNkzKGJYK1bi4lvAaW2eIoVl
|
||||
jfZny+92wiCUKtwLq4+4BgnTuuYkOsGTUQ5nEqxnlrLU7BhLUg4cYfy7345ykEdw
|
||||
8f2ddazVXQjuhuYazJk/buuTX/fXrw0O6mmJEp44ZcFWtlTPOsGnVlcxy3qtBfuD
|
||||
RJVT4vq5jIbTCkGyM6sS6EdVg8iy3R5+wLwkYaLLZOUH4iUtExMoU0H4euKZ/d9f
|
||||
+Ae51w6hV25ZnuNMlWz4/4+GltDvVZHtE+2MyXlzvNynh/+7wjMPP49TBnxy+IpF
|
||||
rh3Q1BnN6UKyaQW0bFClXt4Z0B+tIrItSy+kAMz04jGVkTLEuhE5TPgQMLwhOFqw
|
||||
8BXDx/AhoQhF6TslsbjUyJU3cxkVpevCwPwEGAEKACYCGwwWIQS3IB/oAxsHrxH1
|
||||
QjxjKc/La+b9dgUCYy2p0wUJBiBwmQAKCRBjKc/La+b9dsp2DACMszdYmVTOyhWE
|
||||
YYBMdp3LrAp15UkHOjIuxouNiuOxnB29RKupy4uc7PH12alUEx+6GM7VDo88Dmgo
|
||||
k0JS+rpNViE7ZIDNV7fK/2GqS4XVxjPBN3M3RbzzmIAKSfMonuV6/A23VDV7iRZd
|
||||
gb3JiPpzOTAv+jlLuiy/Ne8/+ew4+3oN3+FhH+TctEB8v4bZWl0YSsARJ2plqcYO
|
||||
SMZMJLb06Q0be2CwprmGPTwxQmCc6ZpqOd3ZX2igIcFO4NisVvFwFh+m4nS1/GlL
|
||||
r59wUIv81lFvz8hwDGktzXIL/AG2JqhfbtWJyM40lGe5Og/0jkuZ/6fva6hYjPeS
|
||||
pLTNbsPWSn2pNexzcnoI2Hc1y1/9+LdAyq6lljJLzYyHRTHuT8O9bZCOoJJrn9md
|
||||
RSo2PcEOP4x66gBg1b+Yux+H5undbYZ8gAqNbs3vVwC4h/j+H54dxDAKBb8+e3Bj
|
||||
Diwx7ZlAkerP/zrLxmz4Eo12qTnY5cAJW/9JowpD4z1IBBQU1DA=
|
||||
=GyEC
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
63
tpm2-openssl.spec
Normal file
63
tpm2-openssl.spec
Normal file
@ -0,0 +1,63 @@
|
||||
#
|
||||
# spec file for package tpm2-openssl
|
||||
#
|
||||
# Copyright (c) 2025 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
# upon. The license for this file, and modifications and additions to the
|
||||
# file, is the same license as for the pristine package itself (unless the
|
||||
# license for the pristine package is not an Open Source License, in which
|
||||
# case the license is the MIT License). An "Open Source License" is a
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
%define _MODULES_DIR %(pkg-config --variable=modulesdir libcrypto)
|
||||
|
||||
Name: tpm2-openssl
|
||||
Version: 1.3.0
|
||||
Release: 0
|
||||
Summary: OpenSSL 3 Engine for TPM2 devices
|
||||
License: BSD-3-Clause
|
||||
Group: Productivity/Security
|
||||
URL: https://github.com/tpm2-software
|
||||
Source0: %{url}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz
|
||||
Source1: %{url}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.gz.asc
|
||||
Source2: tpm2-openssl.keyring
|
||||
BuildRequires: autoconf-archive
|
||||
BuildRequires: libgcrypt-devel
|
||||
BuildRequires: libtool
|
||||
BuildRequires: pkgconfig
|
||||
BuildRequires: pkgconfig(libcrypto) >= 3
|
||||
BuildRequires: pkgconfig(tss2-esys) >= 3.2.0
|
||||
BuildRequires: pkgconfig(tss2-rc) >= 3.2.0
|
||||
BuildRequires: pkgconfig(tss2-tctildr)
|
||||
Conflicts: openssl_tpm2_engine
|
||||
|
||||
%description
|
||||
Makes the TPM 2.0 accessible via the standard OpenSSL API and command-line tools, so
|
||||
one can add TPM support to (almost) any OpenSSL 3.x based application.
|
||||
|
||||
%prep
|
||||
%autosetup
|
||||
|
||||
%build
|
||||
autoreconf -fvi
|
||||
%configure
|
||||
%make_build
|
||||
|
||||
%install
|
||||
%make_install
|
||||
# Remove libtool archives
|
||||
find %{buildroot} -type f -name "*.la" -delete -print
|
||||
|
||||
%files
|
||||
%doc README.md
|
||||
%license LICENSE
|
||||
%{_MODULES_DIR}/tpm2.so
|
||||
|
||||
%changelog
|
||||
Loading…
x
Reference in New Issue
Block a user