From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id A6D48158089 for ; Thu, 14 Sep 2023 21:00:44 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CA3972BC013; Thu, 14 Sep 2023 21:00:43 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B24962BC013 for ; Thu, 14 Sep 2023 21:00:43 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id BB4B8335CE9 for ; Thu, 14 Sep 2023 21:00:42 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 1A63A1148 for ; Thu, 14 Sep 2023 21:00:41 +0000 (UTC) 
From: "David Seifert" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "David Seifert" Message-ID: <1694725235.c87fddc6fa9bc08438b8302dc32ed2270241ed05.soap@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: app-crypt/tpm2-openssl/, app-crypt/tpm2-openssl/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: app-crypt/tpm2-openssl/Manifest app-crypt/tpm2-openssl/files/tpm2-openssl-1.1.1-tests-include-base-provider-required-to-load-ecparam.patch app-crypt/tpm2-openssl/metadata.xml app-crypt/tpm2-openssl/tpm2-openssl-1.1.1.ebuild X-VCS-Directories: app-crypt/tpm2-openssl/files/ app-crypt/tpm2-openssl/ X-VCS-Committer: soap X-VCS-Committer-Name: David Seifert X-VCS-Revision: c87fddc6fa9bc08438b8302dc32ed2270241ed05 X-VCS-Branch: master Date: Thu, 14 Sep 2023 21:00:41 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: e5d64bc5-fda0-4d6f-b00a-a9764cf8d102 X-Archives-Hash: a1a47532cd15bd89cc452c8511276d75 commit: c87fddc6fa9bc08438b8302dc32ed2270241ed05 Author: Christopher Byrne gmail com> AuthorDate: Thu Sep 14 21:00:35 2023 +0000 Commit: David Seifert gentoo org> CommitDate: Thu Sep 14 21:00:35 2023 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c87fddc6 app-crypt/tpm2-openssl: new package, add 1.1.1 Closes: https://github.com/gentoo/gentoo/pull/32714 Signed-off-by: Christopher Byrne gmail.com> Signed-off-by: David Seifert gentoo.org> app-crypt/tpm2-openssl/Manifest | 1 + ...de-base-provider-required-to-load-ecparam.patch | 25 ++++++ app-crypt/tpm2-openssl/metadata.xml | 15 ++++ app-crypt/tpm2-openssl/tpm2-openssl-1.1.1.ebuild | 97 ++++++++++++++++++++++ 4 files changed, 138 insertions(+) 
diff --git a/app-crypt/tpm2-openssl/Manifest b/app-crypt/tpm2-openssl/Manifest
new file mode 100644
index 000000000000..06860f330281
--- /dev/null
+++ b/app-crypt/tpm2-openssl/Manifest
@@ -0,0 +1 @@
+DIST tpm2-openssl-1.1.1.tar.gz 415093 BLAKE2B 4f05b04ad059b9e5232bde2426102628927c71360cda5c3a1df02f951a8ecd6e1e036a6373ac5d7fc8209415874c52544eca3195e2361a165bc2c91f99ad85b1 SHA512 be4f114b21d15e6baeb7e756a787619d01f20171e86ebc42ea098c98d59ffd2ba648885b345b9d1a9dc3339199eaa6db8335f039587be338c1126e23349b8812
diff --git a/app-crypt/tpm2-openssl/files/tpm2-openssl-1.1.1-tests-include-base-provider-required-to-load-ecparam.patch b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.1.1-tests-include-base-provider-required-to-load-ecparam.patch
new file mode 100644
index 000000000000..5a5554628600
--- /dev/null
+++ b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.1.1-tests-include-base-provider-required-to-load-ecparam.patch
@@ -0,0 +1,25 @@
+From 483030d85563e26a62e4baeac3b0fdca0e314199 Mon Sep 17 00:00:00 2001
+From: Petr Gotthard
+Date: Fri, 23 Dec 2022 10:46:40 +0100
+Subject: [PATCH] tests: include base provider required to load ecparam
+
+---
+ test/ec_genpkey_parameters.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/test/ec_genpkey_parameters.sh b/test/ec_genpkey_parameters.sh
+index 406b558..a4f68d7 100755
+--- a/test/ec_genpkey_parameters.sh
++++ b/test/ec_genpkey_parameters.sh
+@@ -6,7 +6,7 @@ set -eufx
+ openssl ecparam -name prime256v1 -out testparam.pem
+
+ # generate private key as PEM
+-openssl genpkey -provider tpm2 -paramfile testparam.pem -out testkey.pem
++openssl genpkey -provider tpm2 -provider base -paramfile testparam.pem -out testkey.pem
+
+ # display private key info
+ openssl ec -provider tpm2 -provider base -in testkey.pem -check -text -noout
+--
+2.39.2
+
diff --git a/app-crypt/tpm2-openssl/metadata.xml b/app-crypt/tpm2-openssl/metadata.xml
new file mode 100644
index 000000000000..f02af2f290cf
--- /dev/null
+++ b/app-crypt/tpm2-openssl/metadata.xml
@@ -0,0 +1,15 @@
+
+
+
+
+ salah.coronya@gmail.com
+ Christopher Byrne
+
+
+ proxy-maint@gentoo.org
+ Proxy Maintainers
+
+
+ tpm2-software/tpm2-openssl
+
+
diff --git a/app-crypt/tpm2-openssl/tpm2-openssl-1.1.1.ebuild b/app-crypt/tpm2-openssl/tpm2-openssl-1.1.1.ebuild
new file mode 100644
index 000000000000..54fda1a513cb
--- /dev/null
+++ b/app-crypt/tpm2-openssl/tpm2-openssl-1.1.1.ebuild
@@ -0,0 +1,97 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DESCRIPTION="OpenSSL Provider for TPM2 integration"
+HOMEPAGE="https://github.com/tpm2-software/tpm2-openssl"
+SRC_URI="https://github.com/tpm2-software/tpm2-openssl/releases/download/${PV}/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0/${PV}"
+KEYWORDS="~amd64"
+IUSE="test"
+RESTRICT="!test? ( test )"
+
+RDEPEND="
+ >=app-crypt/tpm2-tss-3.2.0:=
+ >=dev-libs/openssl-3:="
+DEPEND="${RDEPEND}
+ test? (
+ app-crypt/swtpm[gnutls]
+ app-crypt/tpm2-abrmd
+ app-crypt/tpm2-tools
+ )"
+BDEPEND="virtual/pkgconfig"
+
+PATCHES=( "${FILESDIR}"/${P}-tests-include-base-provider-required-to-load-ecparam.patch )
+
+src_test() {
+ dbus_run() {
+ (
+ # start isolated dbus session bus
+ local dbus_data=$(dbus-launch --sh-syntax) || exit
+ eval "${dbus_data}"
+
+ $@
+ ret=${?}
+
+ kill "${DBUS_SESSION_BUS_PID}"
+ exit "${ret}"
+ ) || die
+ }
+
+ tpm2_run_with_emulator() {
+ local -x XDG_CONFIG_HOME="${T}"/.config/swtpm
+ "${BROOT}"/usr/share/swtpm/swtpm-create-user-config-files || die
+
+ mkdir -p "${XDG_CONFIG_HOME}"/mytpm1 || die
+ local swtpm_setup_args=(
+ --tpm2
+ --tpmstate "${XDG_CONFIG_HOME}"/mytpm1
+ --createek
+ --allow-signing
+ --decryption
+ --create-ek-cert
+ --create-platform-cert
+ --lock-nvram
+ --overwrite
+ --display
+ )
+ swtpm_setup "${swtpm_setup_args[@]}" || die
+
+ local swtpm_socket_args=(
+ --tpm2
+ --tpmstate dir="${XDG_CONFIG_HOME}"/mytpm1
+ --flags startup-clear
+ --ctrl type=unixio,path="${XDG_CONFIG_HOME}"/mytpm1/swtpm.socket.ctrl
+ --server type=unixio,path="${XDG_CONFIG_HOME}"/mytpm1/swtpm.socket
+ --pid file="${XDG_CONFIG_HOME}"/mytpm1/swtpm.pid
+ --daemon
+ )
+ swtpm socket "${swtpm_socket_args[@]}" || die
+
+ local tpm2_abrmd_args=(
+ --logger=stdout
+ --tcti=swtpm:path="${XDG_CONFIG_HOME}"/mytpm1/swtpm.socket
+ --session
+ --flush-all
+ )
+ tpm2-abrmd "${tpm2_abrmd_args[@]}" &
+
+ local -x TPM2OPENSSL_TCTI="tabrmd:bus_type=session"
+ local -x TPM2TOOLS_TCTI="tabrmd:bus_type=session"
+
+ $@ || die
+
+ # When swtpm dies, tmp2-abrmd will exit
+ kill $(< "${XDG_CONFIG_HOME}"/mytpm1/swtpm.pid) || die
+ }
+
+ dbus_run tpm2_run_with_emulator make check
+}
+
+src_install() {
+ default
+ find "${ED}" -iname '*.la' -delete || die
+}
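Review bot: In `dbus_run`, `local dbus_data=$(dbus-launch --sh-syntax) || exit` can never take the `|| exit` branch, because `local` returns its own status and masks a failed command substitution; a failed dbus-launch then falls through to `eval` on an empty string and to `kill` with an empty `DBUS_SESSION_BUS_PID`. Declaring and assigning separately restores the check: `local dbus_data; dbus_data=$(dbus-launch --sh-syntax) || exit`. Both helpers also run the wrapped command as unquoted `$@`, which re-splits arguments, whereas `"$@"` keeps them intact. In `tpm2_run_with_emulator`, `$@ || die` aborts before the `kill` of the swtpm pid, so a failing `make check` appears to leave the daemonised swtpm (and with it tpm2-abrmd) running on the build host; capturing the status, killing swtpm, and only then calling `die` would avoid stray emulator processes.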