SHA256
1
0
forked from pool/tpm2.0-tools
tpm2.0-tools/tpm2.0-tools.spec

101 lines
3.3 KiB
RPMSpec
Raw Normal View History

#
# spec file for package tpm2.0-tools
#
- add fix_warnings.patch: fixes a couple of build errors resulting from LTO linking and -Werror. - update to major version 5.0: - Non Backwards Compatible Changes * Default hash algorithm is now sha256. Prior versions claimed sha1, but were inconsistent in choice. Best practice is to specify the hash algorithm to avoid surprises. * tpm2_tools and tss2_tools are now a busybox style commandlet. Ie tpm2_getrandom becomes tpm2 getrandom. make install will install symlinks to the old tool names and the tpm2 commandlet will interrogate argv[0] for the command to run. This will provide backwards compatibility if they are installed. If you wish to use the old names not installed system wide, set DESTDIR during install to a separate path and set the proper directory on PATH. * tpm2_eventlog's output changed to be YAML compliant. The output before was intended to be YAML compliant but was never properly checked and tested. * umask set to 0117 for all tools. * tpm2_getekcertificate now outputs the INTC EK certificates in PEM format by default. In order to output the URL safe variant of base64 encoded output of the INTC EK certificate use the added option --raw. - Dependency update * Update tpm2-tss dependency version to 3.0.1 * Update tpm2-abrmd dependency version to 2.3.3 - New tools and features * tpm2_zgen2phase: Add new tool to support command TPM2_CC_ZGen_2Phase. * tpm2_ecdhzgen: Add new tool to support command TPM2_CC_ECDH_ZGen. * tpm2_ecdhkeygen: Add new tool to support command TPM2_CC_ECDH_KeyGen. * tpm2_commit: Add new tool to support command TPM2_CC_Commit. * tpm2_ecephemeral: Add new tool to support command TPM2_CC_EC_Ephemeral. OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=63
2021-01-28 11:50:59 +01:00
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: tpm2.0-tools
- add fix_warnings.patch: fixes a couple of build errors resulting from LTO linking and -Werror. - update to major version 5.0: - Non Backwards Compatible Changes * Default hash algorithm is now sha256. Prior versions claimed sha1, but were inconsistent in choice. Best practice is to specify the hash algorithm to avoid surprises. * tpm2_tools and tss2_tools are now a busybox style commandlet. Ie tpm2_getrandom becomes tpm2 getrandom. make install will install symlinks to the old tool names and the tpm2 commandlet will interrogate argv[0] for the command to run. This will provide backwards compatibility if they are installed. If you wish to use the old names not installed system wide, set DESTDIR during install to a separate path and set the proper directory on PATH. * tpm2_eventlog's output changed to be YAML compliant. The output before was intended to be YAML compliant but was never properly checked and tested. * umask set to 0117 for all tools. * tpm2_getekcertificate now outputs the INTC EK certificates in PEM format by default. In order to output the URL safe variant of base64 encoded output of the INTC EK certificate use the added option --raw. - Dependency update * Update tpm2-tss dependency version to 3.0.1 * Update tpm2-abrmd dependency version to 2.3.3 - New tools and features * tpm2_zgen2phase: Add new tool to support command TPM2_CC_ZGen_2Phase. * tpm2_ecdhzgen: Add new tool to support command TPM2_CC_ECDH_ZGen. * tpm2_ecdhkeygen: Add new tool to support command TPM2_CC_ECDH_KeyGen. * tpm2_commit: Add new tool to support command TPM2_CC_Commit. * tpm2_ecephemeral: Add new tool to support command TPM2_CC_EC_Ephemeral. OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=63
2021-01-28 11:50:59 +01:00
Version: 5.0
Release: 0
Summary: Trusted Platform Module (TPM) 2.0 administration tools
License: BSD-3-Clause
Group: Productivity/Security
- update to version 4.3: - changes in version 4.3: - tss2_*: Fix double-free errors in commands asking for password authorization - tss2_*: Fix shorthand command -f that was falsely requiring an argument - tss2_*: Update tss2_encrypt to the new FAPI interface - The argument 'policyPath' is removed which was never read anyway - tss2_*: Remove the additional '\n' that was appended when redirecting to stdout - tss2_*: Update mandatory vs optional treatment of arguments according to latest Fapi spec - tss2_*: tss2_getinfo now retrieves the correct FAPI version from Fapi_GetInfo - tss2_*: Fix the error handling in case of multiple inputs and/or outputs from stdin/stdout - tss2_*: Fix syntax errors and update content of man pages according to latest Fapi spec - tss2_*: Add parameter types to all man page - tss2_*: tss2_setappdata now reads from file or stdin allowing to store also binary data - tss2_*: Memory leaks are fixed in cases when a returned empty non-char output value was passed to file output - tss2_pcrextend: fix extending PCR 0 - tss2_quote: fix unused TSS2_RC in LOG_ERR - changes in 4.2.1: - Fix missing handle maps for ESY3 handle breaks. See #1994. - Bump ESYS minimum dependency version from 2.3.0 to 2.4.0. - Fix for loop declarations build error. - changes in 4.2: - Fix various issues reported by static analysis tools. - Add integration test for ECC based getekcertificate. - Fix for issue #1959 where ARM builds were failing. - Add a check in autotools to add "expect" as a package dependency for fapi tools. - tpm2_createek: Drop the unused -p or --ek-auth option - tpm2_policyor: List of policy files should be specified as an argument - instead of -l option. The -l option is still retained for backwards - compatibility. See issue#1894. - tpm2_eventlog: add a tool for parsing and displaying the event log. OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=58
2020-10-22 14:14:07 +02:00
URL: https://github.com/tpm2-software/tpm2-tools/releases
Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}/tpm2-tools-%{version}.tar.gz
Patch0: fix_bogus_warning.patch
- add fix_warnings.patch: fixes a couple of build errors resulting from LTO linking and -Werror. - update to major version 5.0: - Non Backwards Compatible Changes * Default hash algorithm is now sha256. Prior versions claimed sha1, but were inconsistent in choice. Best practice is to specify the hash algorithm to avoid surprises. * tpm2_tools and tss2_tools are now a busybox style commandlet. Ie tpm2_getrandom becomes tpm2 getrandom. make install will install symlinks to the old tool names and the tpm2 commandlet will interrogate argv[0] for the command to run. This will provide backwards compatibility if they are installed. If you wish to use the old names not installed system wide, set DESTDIR during install to a separate path and set the proper directory on PATH. * tpm2_eventlog's output changed to be YAML compliant. The output before was intended to be YAML compliant but was never properly checked and tested. * umask set to 0117 for all tools. * tpm2_getekcertificate now outputs the INTC EK certificates in PEM format by default. In order to output the URL safe variant of base64 encoded output of the INTC EK certificate use the added option --raw. - Dependency update * Update tpm2-tss dependency version to 3.0.1 * Update tpm2-abrmd dependency version to 2.3.3 - New tools and features * tpm2_zgen2phase: Add new tool to support command TPM2_CC_ZGen_2Phase. * tpm2_ecdhzgen: Add new tool to support command TPM2_CC_ECDH_ZGen. * tpm2_ecdhkeygen: Add new tool to support command TPM2_CC_ECDH_KeyGen. * tpm2_commit: Add new tool to support command TPM2_CC_Commit. * tpm2_ecephemeral: Add new tool to support command TPM2_CC_EC_Ephemeral. OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=63
2021-01-28 11:50:59 +01:00
Patch1: fix_warnings.patch
Patch2: fix_pie_linking.patch
BuildRequires: autoconf-archive
BuildRequires: automake
BuildRequires: gcc-c++
Accepting request 461444 from home:msmeissn:branches:security - Updated to 1.1.0 / 016-11-04 - Added * travis ci support. * Allow for unit tests to be enabled selectively. * tpm2_rc_decode tool: Decode TPM_RC error codes. * Android Make file * tpm2_listpersistent: list all persistent objects * test scripts for tpm2-tools * tpm2_nvreadlock * tpm2_getmanufec: retrieve EC from tpm manufacturer server. * Copy 'common' and 'sample' code from the TPM2.0-TSS repo. - Modified * tpm2_takeownership: update option -c to use lockout password to clear. * tpm2_listpcrs: add options -L and -s, rewrite to increase performance. * tpm2_quote: added -L option to support selection of multiple banks. * tpm2_quote: add -q option to get qualifying data. * configure: Use pkg-config to get info about libcurl and libcrypto. * configure: Use pkg-config to locate SAPI and TCTI headers / libraries. * tpm2_x: Add -X option to enable password input in Hex format. * tpm2_nvdefine: Change -X option to -I. * tpm2-nvwrite: fix for unable to write 1024B+ data. * tpm2_getmanufec: Fix base64 encoding. * tpm2_x: fixed a lot of TPM2B failures caused by wrong initialization. * tpm2_getmanufec: let configure handle libs. * tpm2_getmanufec: Convert from dos to unix format. * build: Check for TSS2 library @ configure time. * build: Detect required TSS2 and TCTI headers. * build: Use libtool to build the common library * build: Install all binaries into sbin. * build: Build common sources into library. OBS-URL: https://build.opensuse.org/request/show/461444 OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=11
2017-03-01 17:18:06 +01:00
BuildRequires: libcurl-devel
BuildRequires: libopenssl-devel
BuildRequires: libtool
BuildRequires: libuuid-devel
%if 0%{?is_opensuse}
# releases prior to 3.0.4 required pandoc for building the man pages. On SLE
# we don't have pandoc and it requires a complete haskell stack so adding it
# is out of the question just for man pages.
#
# since 3.0.4 the man pages are shipped with the distribution tarball and we
# don't need to generate them any more. On openSUSE we can still keep this
# dependency for having fresh builds of the man pages (if that helps
# anything?).
#
# Update: In the 3.1.0 a required patch is still missing and the man pages
# won't be installed. they're shipped, though. so if pandoc isn't installed we
# need to install them explicitly.
BuildRequires: pandoc
%endif
BuildRequires: pkgconfig
Accepting request 461444 from home:msmeissn:branches:security - Updated to 1.1.0 / 016-11-04 - Added * travis ci support. * Allow for unit tests to be enabled selectively. * tpm2_rc_decode tool: Decode TPM_RC error codes. * Android Make file * tpm2_listpersistent: list all persistent objects * test scripts for tpm2-tools * tpm2_nvreadlock * tpm2_getmanufec: retrieve EC from tpm manufacturer server. * Copy 'common' and 'sample' code from the TPM2.0-TSS repo. - Modified * tpm2_takeownership: update option -c to use lockout password to clear. * tpm2_listpcrs: add options -L and -s, rewrite to increase performance. * tpm2_quote: added -L option to support selection of multiple banks. * tpm2_quote: add -q option to get qualifying data. * configure: Use pkg-config to get info about libcurl and libcrypto. * configure: Use pkg-config to locate SAPI and TCTI headers / libraries. * tpm2_x: Add -X option to enable password input in Hex format. * tpm2_nvdefine: Change -X option to -I. * tpm2-nvwrite: fix for unable to write 1024B+ data. * tpm2_getmanufec: Fix base64 encoding. * tpm2_x: fixed a lot of TPM2B failures caused by wrong initialization. * tpm2_getmanufec: let configure handle libs. * tpm2_getmanufec: Convert from dos to unix format. * build: Check for TSS2 library @ configure time. * build: Detect required TSS2 and TCTI headers. * build: Use libtool to build the common library * build: Install all binaries into sbin. * build: Build common sources into library. OBS-URL: https://build.opensuse.org/request/show/461444 OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=11
2017-03-01 17:18:06 +01:00
BuildRequires: tpm2-0-tss-devel
BuildRequires: tpm2.0-abrmd-devel
BuildRequires: unzip
Recommends: tpm2.0-abrmd
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
Trusted Computing is a set of specifications published by the Trusted
Computing Group (TCG). The Trusted Platform Module (TPM) is the
hardware component for Trusted Computing. The tpm2.0-tools package
provides tools for enablement and configuration of the TPM 2.0 and
associated interfaces.
%prep
%setup -q -n tpm2-tools-%{version}
%patch0 -p1
- add fix_warnings.patch: fixes a couple of build errors resulting from LTO linking and -Werror. - update to major version 5.0: - Non Backwards Compatible Changes * Default hash algorithm is now sha256. Prior versions claimed sha1, but were inconsistent in choice. Best practice is to specify the hash algorithm to avoid surprises. * tpm2_tools and tss2_tools are now a busybox style commandlet. Ie tpm2_getrandom becomes tpm2 getrandom. make install will install symlinks to the old tool names and the tpm2 commandlet will interrogate argv[0] for the command to run. This will provide backwards compatibility if they are installed. If you wish to use the old names not installed system wide, set DESTDIR during install to a separate path and set the proper directory on PATH. * tpm2_eventlog's output changed to be YAML compliant. The output before was intended to be YAML compliant but was never properly checked and tested. * umask set to 0117 for all tools. * tpm2_getekcertificate now outputs the INTC EK certificates in PEM format by default. In order to output the URL safe variant of base64 encoded output of the INTC EK certificate use the added option --raw. - Dependency update * Update tpm2-tss dependency version to 3.0.1 * Update tpm2-abrmd dependency version to 2.3.3 - New tools and features * tpm2_zgen2phase: Add new tool to support command TPM2_CC_ZGen_2Phase. * tpm2_ecdhzgen: Add new tool to support command TPM2_CC_ECDH_ZGen. * tpm2_ecdhkeygen: Add new tool to support command TPM2_CC_ECDH_KeyGen. * tpm2_commit: Add new tool to support command TPM2_CC_Commit. * tpm2_ecephemeral: Add new tool to support command TPM2_CC_EC_Ephemeral. OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=63
2021-01-28 11:50:59 +01:00
%patch1 -p1
%patch2 -p1
%build
# TODO: remove autoreconf once fix_pie_linking patch is no longer needed
# until then we need to repair the version specification which configure.ac
# wants to read from GIT which isn't there.
sed -i 's/m4_esyscmd_s([^)]\+)/%{version}/g' configure.ac
autoreconf -fvi
%configure --disable-static
make %{?_smp_mflags}
%check
make %{?_smp_mflags} check
%install
make DESTDIR=%{buildroot} install %{?_smp_mflags}
find %{buildroot} -type f -name "*.la" -delete -print
%files
%defattr(-,root,root)
%doc README.md doc/CHANGELOG.md
%license doc/LICENSE
- add fix_warnings.patch: fixes a couple of build errors resulting from LTO linking and -Werror. - update to major version 5.0: - Non Backwards Compatible Changes * Default hash algorithm is now sha256. Prior versions claimed sha1, but were inconsistent in choice. Best practice is to specify the hash algorithm to avoid surprises. * tpm2_tools and tss2_tools are now a busybox style commandlet. Ie tpm2_getrandom becomes tpm2 getrandom. make install will install symlinks to the old tool names and the tpm2 commandlet will interrogate argv[0] for the command to run. This will provide backwards compatibility if they are installed. If you wish to use the old names not installed system wide, set DESTDIR during install to a separate path and set the proper directory on PATH. * tpm2_eventlog's output changed to be YAML compliant. The output before was intended to be YAML compliant but was never properly checked and tested. * umask set to 0117 for all tools. * tpm2_getekcertificate now outputs the INTC EK certificates in PEM format by default. In order to output the URL safe variant of base64 encoded output of the INTC EK certificate use the added option --raw. - Dependency update * Update tpm2-tss dependency version to 3.0.1 * Update tpm2-abrmd dependency version to 2.3.3 - New tools and features * tpm2_zgen2phase: Add new tool to support command TPM2_CC_ZGen_2Phase. * tpm2_ecdhzgen: Add new tool to support command TPM2_CC_ECDH_ZGen. * tpm2_ecdhkeygen: Add new tool to support command TPM2_CC_ECDH_KeyGen. * tpm2_commit: Add new tool to support command TPM2_CC_Commit. * tpm2_ecephemeral: Add new tool to support command TPM2_CC_EC_Ephemeral. OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=63
2021-01-28 11:50:59 +01:00
/usr/bin/tpm2*
/usr/bin/tss2*
%{_mandir}/man1/tpm2*
%{_mandir}/man1/tss2*
%dir %{_datadir}/bash-completion
%dir %{_datadir}/bash-completion/completions
%{_datadir}/bash-completion/completions/*
%changelog