commit 878388cbc86e027ae510c79dabe0bf4c02a6af26b12cedc778c839366e64928a Author: Alberto Planas Dominguez Date: Thu Dec 12 13:14:38 2024 +0000 - Enable unit testing - Update to 1.9.1 + Fixed * configure: Change mistaken += to =. use user supplied --prefix even when p11kit is detected. * Remove warning about unable to find FAPI when it's is not-compiled in and not chosen as the beckend. * Fix memory leaks in tpm_create_transient_primary_from_template. * Fix NULL pointer dereference in db.c on uses of CKA_ALLOWED_MECHANISMS. * Fix offset miscalculation in FAPI backend that was corrupting data. * Support CKM_ECDH1_DERIVE via C_DeriveKey. * Fix usages of tpm2-ptool for its wrapped tpm2_ptool in tests. * Fix failing db upgrades on double conversion to int. * Fix db lock file due to missing parenthesis and order of operations. * documentation: Fix use of objects where tokens was meant. + Changed * --enable-fapi to --with-fapi. Note this is not a major version bump as its internal to builders only. However --enable-fapi left in place for backwards compat. + Add maintainer public key: tpm2-pkcs11.keyring OBS-URL: https://build.opensuse.org/package/show/security/tpm2-pkcs11?expand=0&rev=18 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/tpm2-pkcs11-1.9.0.tar.gz b/tpm2-pkcs11-1.9.0.tar.gz new file mode 100644 index 0000000..23e656d --- /dev/null +++ b/tpm2-pkcs11-1.9.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:35bf06c30cfa76fc0eba2c5f503cf7dd0d34a66afb2d292fee896b90362f633b +size 1396590 diff --git a/tpm2-pkcs11-1.9.0.tar.gz.asc b/tpm2-pkcs11-1.9.0.tar.gz.asc new file mode 100644 index 0000000..dec16d9 --- /dev/null +++ b/tpm2-pkcs11-1.9.0.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEW0grjj4Z2nyXjh0BbeLpB44fUMEFAmPZLrwACgkQbeLpB44f +UMG/fxAAq6LcxojU451o7FavO481TX3zq3qyYTmEkrTtRO2rnbKEyOcDP75FOYG7 +8gFFEZYNgucFU9qW9vzqe7d4whokijozNVcUy7+Wz/qr2e2DTEom8jC/1FIrBwQT +Ahn6w+vCjYm8ZBcBO5w97U8ZDOB7FOovFRZBMaDuyWeEVsVxN3xWupAmth4B6L2h +W8CmuQZTDAX2SmbbjnmBSCDkW8/hyuSIcHzsTRUxeRsVe2WVoGKUkl39zDHOJsOi +Fo/uEkZiwVGFQtNo7LxCXooXZfcpfKDK2AL9fto03Rl4DTB7CW5xqEK3ybECa89i +8sed2wMQLMibwzbln2GGfOu/Lr6We3nd98FEitKKXeSuMraDp5m0r+JMLvx43d9J +vGHVLJoEQ3JabUUctxOi5R2ZYYEalBRzuBwpDt1qWhGqwt0VAOKVrW3NMs3vJci5 +bFG2sVxiekTK26S2ozsr0Pivl6mAlZRDGVAoff1iiLWJAr10hmGV7etSsARR87Ag +lSnGBCqwk1d9RzI1VigXIbR0ZdHotry2B4CjIQDm4y71JLJopc4hpjD5tDFz5PZ6 +bLCV4jVrBq5kjgABMcIY/MmMPQ+2oE2x2Manqbj2T18mHQYj7rKhJ94ZRlJxILE4 +C29jS025HtEsYc+FVO2qfCok5p0p6v4n1aBrkzr4S6/RGUwy19s= +=9JcL +-----END PGP SIGNATURE----- diff --git a/tpm2-pkcs11-1.9.1.tar.gz b/tpm2-pkcs11-1.9.1.tar.gz new file mode 100644 index 0000000..bc10e7b --- /dev/null +++ b/tpm2-pkcs11-1.9.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ce24aa5ec2471545576e892b6f64fd873a424371bbf9be4ca3a0e689ea11c9b7 +size 1412372 diff --git a/tpm2-pkcs11-1.9.1.tar.gz.asc b/tpm2-pkcs11-1.9.1.tar.gz.asc new file mode 100644 index 0000000..a752899 --- /dev/null +++ b/tpm2-pkcs11-1.9.1.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- + +iHUEABMIAB0WIQTZGoLbMQ6OB1GcKYqYd8JqPNNkCQUCZvIOdwAKCRCYd8JqPNNk +CbEAAP0bYjn9tqF7VtnaqWC8uFcc1wlslvuX7kUb64+s3NW/ngD/Z6L89UC05nXd +Rm4RQ52b1Z3+RaN3Dfryecm1d4ijrm4= +=xmEs +-----END PGP SIGNATURE----- diff --git a/tpm2-pkcs11.changes b/tpm2-pkcs11.changes new file mode 100644 index 0000000..26f9903 --- /dev/null +++ b/tpm2-pkcs11.changes @@ -0,0 +1,167 @@ +------------------------------------------------------------------- +Thu Dec 12 12:37:19 UTC 2024 - Lucas Mulling + +- Enable unit testing + +------------------------------------------------------------------- +Wed Dec 11 16:38:18 UTC 2024 - Lucas Mulling + +- Update to 1.9.1 + + Fixed + * configure: + Change mistaken += to =. + use user supplied --prefix even when p11kit is detected. + * Remove warning about unable to find FAPI when it's is not-compiled in and not chosen as the beckend. + * Fix memory leaks in tpm_create_transient_primary_from_template. + * Fix NULL pointer dereference in db.c on uses of CKA_ALLOWED_MECHANISMS. + * Fix offset miscalculation in FAPI backend that was corrupting data. + * Support CKM_ECDH1_DERIVE via C_DeriveKey. + * Fix usages of tpm2-ptool for its wrapped tpm2_ptool in tests. + * Fix failing db upgrades on double conversion to int. + * Fix db lock file due to missing parenthesis and order of operations. + * documentation: + Fix use of objects where tokens was meant. + + Changed + * --enable-fapi to --with-fapi. Note this is not a major version bump as its internal to builders only. However --enable-fapi left in place for backwards compat. + + Add maintainer public key: + tpm2-pkcs11.keyring + +------------------------------------------------------------------- +Thu May 18 15:29:46 UTC 2023 - Alberto Planas Dominguez + +- Merge subpackages lib and devel into the main one + +------------------------------------------------------------------- +Thu Feb 16 15:21:43 UTC 2023 - Alberto Planas Dominguez + +- Update to 1.9.0 + + Fixed + * Fix autoconf invocation on a release tarball not being a git + repo for VERSION. VERSION file now generated and packaged as + part of the release tarball from the git version information. + * Fix TPM2_PKCS11_OWNER_AUTH not being used when a persistent SRK + is needed in the C_InitToken path. + * During an upgrade of the database to version 4, the config key + 'persistent' is added instead of 'transient', causing KeyError + when using the upgraded database. + * Leave the original db on upgrade failure, a bug caused the + original db to be unlinked not the upgraded db. + * A bug prevented the use of CreateLoaded if the TPM supports the + command. + * A bug when creating keys through the PKCS11 interface (not + tpm2-ptool), the attributes for CKA_ALLOWED_MECHANISMS were + encoded as a hex string and not a sequence of ints within the + YAML. Correcting this will trigger a db upgrade to 8 + + Added + * Env varibale PKCS11_SQL_LOCK to allow setting a lock directory, + eg for temprary directory so lock files do not persist across + reboots. + +------------------------------------------------------------------- +Fri Jul 8 12:23:01 UTC 2022 - Alberto Planas Dominguez + +- Update to 1.8.0 + + Fixed + * Fix GetRandom Memory Leak + * Fix some spelling mistakes + * Fix unit test test_parser + * Fix importing of RSA private key through pkcs11 interface should + fail. + * Fix ECDSA signature length calculation. + * Fix memory leak of tokens. + * Fix suspicious sizeof usage in _str_padded_copy + * Fix encoding errors when importing a certificate into the pkcs11 + store. + * Fix try/finally scope issues in tpm2_ptool. + * Fix, an OOB access in db upgrade path. + * Fix ECDSA length calculation that was causing issues with Mutual + TLS in Firefox and Chrome. + + Changed + * remove unused macro set_safe_rc + + Added + * Add support for OpenSSL 3. Note that calls through engine are no + longer supported on OpenSSL3. + * Add tpm2_ptool export commandlet for exporting token keys into + PEM and TPM blob format. +- Add new dependencies to PyYAML, cryptography, pyasn1 and tpm2-pytss + +------------------------------------------------------------------- +Sat Feb 26 14:12:48 UTC 2022 - Callum Farmer + +- Use hardlinks in %fdupes for python files + +------------------------------------------------------------------- +Wed Oct 20 10:48:58 UTC 2021 - Callum Farmer + +- Add keyring & use source verification + +------------------------------------------------------------------- +Wed Oct 20 09:58:09 UTC 2021 - Alberto Planas Dominguez + +- Update to 1.7.0 + + DB Schema Change from 5 to 7. + * Backup your DB before upgrading + + Fixed compilation issues with GCC11. + + Fixed errors on releases due to newer compilers from failing by + only adding -Werror for non-release builds. + + Fixed error message when the DB is too new in tpm2_ptool. + + Added support for tpm2_ptool import with ssh-keygen format + keys. Note: Requires cryptography >= 3.0. + + Changed default long level from error to warning. + + Added better error message for FAPI backend errors along with + docs/FAPI.md document. + + Changed tpm2_ptool make --algorithm optional. + + Fixed error message of wrong attribute name on expected attribute + check to be false. + + Added support for ECDSA 256, 384 and 512. + + Fixed a bug in the Python code DB upgrade path from 4 to 5 where + it didn't add AES mode CTR to CKA_ALLOWED_MECHANISMS. + + Added tpm2_ptool support for ECC key size 192. + + Added support passwordless login for tokens, ie not setting + CKF_LOGIN_REQUIRED. + + Fixed Running integration tests when Java version has the -ea, + like on Debian 11 and OpenJDK 17. + + Added support for HMAC keys using tpm2_ptool and the C_Sign and + C_Verify interfaces. The following interfaces in ptool have + support: + * addkey: previous working versions of tpm2-tools will support + this. + * link: previous working versions of tpm2-tools will support this. + * import: requires tpm2-tools 5.2+ for support. + + Fixed leaking of temp file descriptors in tpm2_ptool. + + Fixed wrong free in tpm code, should use Esys_Free. + + Fixed a space formatting issue in tpm2_ptool verify. + + Fixed leaked file descriptor in tpm2_ptool. + + Fixed a few suspicious sizeof usages in str_padded_copy + + Fixed a memory leak of the token list on a failure condition in + initialization. + +------------------------------------------------------------------- +Sun Aug 22 11:04:39 UTC 2021 - Jan Engelhardt + +- Use definite tense in %description. + +------------------------------------------------------------------- +Sat Aug 21 13:32:30 UTC 2021 - Callum Farmer + +- Build and install python tools + +------------------------------------------------------------------- +Fri Aug 20 17:59:05 UTC 2021 - Callum Farmer + +- Clean spec file +- Use better source URL +- Split library +- Don't package .la files +- Create store directory +- Move devel library to devel subpackage + +------------------------------------------------------------------- +Wed Sep 9 10:05:02 UTC 2020 - Alexander Evseev - 1.4.0 + +- New upstream version - 1.4.0 + +------------------------------------------------------------------- +Mon Aug 3 14:19:30 UTC 2020 - Alexander Evseev - 1.3.1 + +- First build. Version - 1.3.1 diff --git a/tpm2-pkcs11.keyring b/tpm2-pkcs11.keyring new file mode 100644 index 0000000..e3404f1 --- /dev/null +++ b/tpm2-pkcs11.keyring @@ -0,0 +1,68 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Comment: Hostname: +Version: Hockeypuck ~unreleased + +xsFNBFik3GUBEADYDYbSXH3UTr9oCNCI3UxC1hiLH7cM+QIbMtWiwfAbT3G8wrTa +NPj00qNvI4wQ/Xm3h0hB7kri7vP0FqIjIwsTdM6ZpFdVHHKW1m4P8fkOcxqmLN0g +V36MN5fgoGWf2K94aS7ItoweRMcuHnwWawe6aAtbKSYVqhWhoB/3grgd0xhE61AS +o8fJ7uRYNEAYVeOKlC2j+qKfoJbCa6yqZejFwOOzB6qxNRA7JYvckEf8yJ4+Y16m +qPyZ1ErHzpql3+b5ha+g+9g8WzxAbSfGYZTwaQxyePNjXuq2tdEXf9XnESvoaoN4 +pQhiu/0BJEkXPxl1zso65g4Mn22xEELhUnwPDo5YdLlWEZ8xhELLvdJc3Z0nTR5A +4/YaZvvzf7pOD1cwpB6IrRf8n9rOe1aDxh/A//zX9PpIOV25p5kqlE88Ya5VXrnA +Ayfs19RZmK3+FuaI0ij79CRokG9BrI6TXT0pRTDIRu7GvAo2q13MELRvFddyRT2G +mNjsHYcqEbraYTh3LHEiwfWp4ZgDtk8jj3iRabHQUHk9V8vSFzj+wp1E8HzO8Vp3 +BxMDIOG1VPdLi81DP+LbZI1h30ZG63ulqkKIhwx5/h2v4VCYPatVtGqVf37tLstj +Wrs0DkBykuZrecp+AJ5ZJ+UVvR8ajO2ncAoOugNwoj9Wuvz0fVTiJIhuNQARAQAB +zTxXaWxsaWFtIFJvYmVydHMgKEJpbGwgUm9iZXJ0cykgPHdpbGxpYW0uYy5yb2Jl +cnRzQGludGVsLmNvbT7CwXgEEwECACIFAlik3GUCGwMGCwkIBwMCBhUIAgkKCwQW +AgMBAh4BAheAAAoJEG3i6QeOH1DBibEQAL4EwEzegkc8NyHiW0mntwDoCv3tkUlG +fprp/g7GWfrP+L+pN5yexg3Zm/CgVN/tTNCEr5XtP+sdds8xBF6ReJ8QPO7EiMiM +asPXh8zlODrySXCGHmpa7IzuUC2wgD3Wq7WjniMvnBmqBdL0+8nqA6NFxOOklvK1 +ub7bqLrHKfUfciFOfYAi+C0Bh8kdZtMjfY9sqlJA3sVK2UxVXq9D+oHbL1o454N6 +VzV0rDtsK47GSSCXT75kulPdfOCopTgxPgNsK4VnXgMOL5JMURPJa3rBzmBRFed1 +ynrqwFdmYdMepsUgt/JS2I/23QChqp6AdVDjtGLKS71hox+vdE4S0DoRnMHwHkkt +B6bqQci3RlUP+wcHHRCUXUubxMSlYJqhBdEOclo6N0X0LseLcdAMGda8ZnqbHlyg +hPLmJrM3C5zTLjDb2YJXCy6RVNwqAnU3o33SZCnHqo/zUjEtR03Ztk1DzSeCjo5w +zLac1VFq5S3QdgZUwmPhyeoigqOvHu6Z1s2eL8Aw7Hn8i6MWLz5sOXAtyC9NPwK/ +qbp1a+GQXzNW4rvKl7ZEFKrBKyj8AiRoVLSRKcqZtFT56ltXQjrwKjsWDTEOzjnm +XCSM96xfay6asQH5fw+haC3RIErwyNV0uUDIVC0xDTZ6NgJEBkp8liwNeHE7eHoN +8qWSZZO2syf7zsFNBFik3GUBEAC7V2o1kBsLFSKwmgsCuGfW0oBIQiaCcakT6D2X +rKBjmzBvh/UIdXQwl9+vPKtWX3T/7g6UBvezV3uc2ZqrigGmFemoQI3sW7wFk0L9 +/QTUWCMfZtyrWgqyetmPYS+i2PnsEPinsgsEHWf3iu/ew1A7npZwINwMdOSOVw2u +JqYyW2tZCErWKVe31ziYUpXA+HaRm9zoVr0F0sE2GYGWbMVYtqxN9TSYcIAHxB71 +Y31dcY77ln/1JAH4Yzqc063w/lNYogEbbQY7WNgcKdPP+aovpV7kS3TKwsdb9/xT +pj67nnlvjLTMRoW3Ez0PcIDFhuube9uOQupYG4rC4grLeVLwL/ekVmn6TxRN1hG7 +6zYXWiwWi16uAO++eBNt127FwCOVZsPO0ye3/XpOpCdpUadguxF2gGt6xY0gtetj +Vdv6S4kCdSx8NMrO2epS/1pgklxN9R/xl7Wu+JPUuVX4Jy0ycmw7TCWxdK2fuFy6 +6aLCXWWEjRSp06oeVJoVV2py+rYaoau7JG7Zgx1A3gYTm6MLFysfROaQgmfRozIH +0boYh3IA1WWzk4I6ew129ynC5zGXg/+UCnKKwn8Tsh9neq9noRDAonWI7jOCipwF +l51py82093M87zjz9o/qxnB8p00jByQ+MunUykaZrkQKHAsiyIF6cUIeQiy/AL7n +wwSPQQARAQABwsFfBBgBAgAJBQJYpNxlAhsMAAoJEG3i6QeOH1DBtO8P/1D98sl3 +oz/0oSSz0u9nzgOh93UkLbXpjSR4U+g7Wl2ppxQyGSFeWwRwT5BT74EVP2IcrraX +V9c7l+s8PYqnUdX2XAqGMv06523cCrNUU93kUUNjAo3FxGSn7i2kHIvMkDbUoeVk +jyWKfIvyy2sKcVB9GQxfMrbnTR5/Z6fCyGHNqMFb9e9TUWclLzMIhvtkvLuKmf52 +TKKxKQt/wero5zb0fynOttIjuhmOP9CFTiYjdj7qSmQapW8VFdYjyzL+OOFk9gCL +S3mIk1LdkfWah7trmMUTXdmiEibvARAQ3Yjr+Hz9yU1gzEJSPUUugNguqgS5kN+T +3TdwUHAP9whVD2IvN/Mfn29bmFFVfzu3ftJIa1zJmOdZy7KWb6MWVhw3SJ65luPB +qxKWRqFDOSpqzBm6bYQ/Oka49Jl7/dCImSm+7bCC7LDK9hXa3AIlDtWvG4iiL18T +wUOrgXPysB/D/NQaRxT/vSPUOB4WrQzIKIf4vJdyuPdtOtIWm97KUw8r/jDqd4I3 +B62qknrrR+FPcz8ACM9fXkpbBEcjFV8EkoOae106Vxjo/lu5LVBbwiKviMMwoK5o +YE7FfCwLBbLTYMeetHo8jGBRonTEOKMtPlp/fCMOp9w7CgMDuvfEwuTsA1ux4uAb +tZZIbipcKcZmsU7Su4+oeyh61giG++M5rL2D +=NFsd +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mFIEZXIPkBMIKoZIzj0DAQcCAwRpzD1EvCQ2Z40cNGJOJJM4sPu6McIdhiMyRi4Y ++xd4bDgELQmowqB1joQiP+lx2JKFN394ogbWCu3U5CkqIhAztEBCaWxsIFJvYmVy +dHMgKEJpbGxzIFBlcnNvbmFsIERldiBLZXkpIDxiaWxsLmMucm9iZXJ0c0BnbWFp +bC5jb20+iJMEExMIADsWIQTZGoLbMQ6OB1GcKYqYd8JqPNNkCQUCZXIPkAIbAwUL +CQgHAgIiAgYVCgkICwIEFgIDAQIeBwIXgAAKCRCYd8JqPNNkCZ/+AP9MBDVNvT56 +CRY12hijKTbzCqK+ksnw0/67gdclyO3cAgEAh0ACFENuAGjD13wnrNfI0xnJo9Sd +Fi1REGjLSaYY0C64VgRlcg+QEggqhkjOPQMBBwIDBApflMMr9qwBxTZGPnhP+a7U +BtDzMJiTSqW7+VzHM5rgUZBnNaIdPqyM4uvIGARVeLPX6bEvIsZBS2b+QExsfBED +AQgHiHgEGBMIACAWIQTZGoLbMQ6OB1GcKYqYd8JqPNNkCQUCZXIPkAIbDAAKCRCY +d8JqPNNkCV+7AP9ANJCmwi0KVLA/QeAukoAT7doFw6g9lEG2gM+nN1a1wAEA+LRg +7drDoAWRQQHI6uYKwFOtYMxrcrFe2UF5v/Soiis= +=4SNI +-----END PGP PUBLIC KEY BLOCK----- diff --git a/tpm2-pkcs11.spec b/tpm2-pkcs11.spec new file mode 100644 index 0000000..f3afba5 --- /dev/null +++ b/tpm2-pkcs11.spec @@ -0,0 +1,109 @@ +# +# spec file for package tpm2-pkcs11 +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define so_ver 0 +%define pythons python3 +Name: tpm2-pkcs11 +Version: 1.9.1 +Release: 0 +Summary: A PKCS#11 interface for TPM2 hardware +License: BSD-2-Clause +Group: Productivity/Security +URL: https://github.com/tpm2-software/tpm2-pkcs11 +Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.gz +Source1: %{url}/releases/download/%{version}/%{name}-%{version}.tar.gz.asc +Source2: %{name}.keyring +BuildRequires: autoconf +BuildRequires: autoconf-archive >= 2017.03.21 +BuildRequires: automake +BuildRequires: fdupes +BuildRequires: libtool +BuildRequires: pkgconfig +BuildRequires: python-rpm-generators +BuildRequires: python3-PyYAML +BuildRequires: python3-base +BuildRequires: python3-cryptography +BuildRequires: python3-pyasn1-modules +BuildRequires: python3-setuptools +BuildRequires: python3-tpm2-pytss +BuildRequires: tpm2.0-tools +BuildRequires: pkgconfig(libcrypto) >= 1.0.2g +BuildRequires: pkgconfig(p11-kit-1) +BuildRequires: pkgconfig(sqlite3) +BuildRequires: pkgconfig(tss2-esys) >= 2.0 +BuildRequires: pkgconfig(tss2-mu) +BuildRequires: pkgconfig(tss2-rc) +BuildRequires: pkgconfig(tss2-tctildr) +BuildRequires: pkgconfig(yaml-0.1) +# Required for testing +BuildRequires: pkgconfig(cmocka) +BuildRequires: dbus-1-daemon +# Merge both subpackages +Provides: libtpm2_pkcs11-0 = %{version} +Obsoletes: libtpm2_pkcs11-0 < %{version} +Provides: tpm2-pkcs11-devel = %{version} +Obsoletes: tpm2-pkcs11-devel < %{version} +%{?python_enable_dependency_generator} + +%description +tpm2-pkcs11 is a plugin shared library implementing the PKCS #11 +Cryptographic Token Interface (Cryptoki) C API atop of TPM2 devices. + +%dnl "make install" copies no .h files, a strong indicator that this project is +%dnl an (SLPP-exempt) plugin rather than a "normal" shared library. + +%prep +%autosetup + +%build +autoreconf -fiv +%configure --disable-static --enable-unit +%make_build +cd tools +%python_build + +%install +%make_install +find %{buildroot} -type f -name "*.la" -delete -print +mkdir -p %{buildroot}%{_sysconfdir}/tpm2_pkcs11 +cd tools +%python_install +%fdupes %{buildroot} + +%check +%make_build check + +%post -p /sbin/ldconfig +%postun -p /sbin/ldconfig + +%files +%license LICENSE +%doc docs/* +%dir %{_datadir}/p11-kit/modules +%dir %{_datadir}/p11-kit +%dir %{_libdir}/pkcs11 +%{_datadir}/p11-kit/modules/tpm2_pkcs11.module +%{_sysconfdir}/tpm2_pkcs11 +%{_bindir}/tpm2_ptool +%{python_sitelib}/tpm2_pkcs11 +%{python_sitelib}/*.egg-info +%{_libdir}/pkcs11/libtpm2_pkcs11.so.%{so_ver}* +%{_libdir}/pkcs11/libtpm2_pkcs11.so +%{_libdir}/pkgconfig/tpm2-pkcs11.pc + +%changelog