-rw-r--r--app-crypt/tpm2-openssl/Manifest1
-rw-r--r--app-crypt/tpm2-openssl/files/tpm2-openssl-1.1.1-tests-include-base-provider-required-to-load-ecparam.patch25
-rw-r--r--app-crypt/tpm2-openssl/metadata.xml11
-rw-r--r--app-crypt/tpm2-openssl/tpm2-openssl-1.1.1.ebuild101
4 files changed, 138 insertions, 0 deletions
diff --git a/app-crypt/tpm2-openssl/Manifest b/app-crypt/tpm2-openssl/Manifest
new file mode 100644
index 00000000..06860f33
--- /dev/null
+++ b/app-crypt/tpm2-openssl/Manifest
@@ -0,0 +1 @@
+DIST tpm2-openssl-1.1.1.tar.gz 415093 BLAKE2B 4f05b04ad059b9e5232bde2426102628927c71360cda5c3a1df02f951a8ecd6e1e036a6373ac5d7fc8209415874c52544eca3195e2361a165bc2c91f99ad85b1 SHA512 be4f114b21d15e6baeb7e756a787619d01f20171e86ebc42ea098c98d59ffd2ba648885b345b9d1a9dc3339199eaa6db8335f039587be338c1126e23349b8812
diff --git a/app-crypt/tpm2-openssl/files/tpm2-openssl-1.1.1-tests-include-base-provider-required-to-load-ecparam.patch b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.1.1-tests-include-base-provider-required-to-load-ecparam.patch
new file mode 100644
index 00000000..5a555462
--- /dev/null
+++ b/app-crypt/tpm2-openssl/files/tpm2-openssl-1.1.1-tests-include-base-provider-required-to-load-ecparam.patch
@@ -0,0 +1,25 @@
+From 483030d85563e26a62e4baeac3b0fdca0e314199 Mon Sep 17 00:00:00 2001
+From: Petr Gotthard <petr.gotthard@advantech.cz>
+Date: Fri, 23 Dec 2022 10:46:40 +0100
+Subject: [PATCH] tests: include base provider required to load ecparam
+
+---
+ test/ec_genpkey_parameters.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/test/ec_genpkey_parameters.sh b/test/ec_genpkey_parameters.sh
+index 406b558..a4f68d7 100755
+--- a/test/ec_genpkey_parameters.sh
++++ b/test/ec_genpkey_parameters.sh
+@@ -6,7 +6,7 @@ set -eufx
+ openssl ecparam -name prime256v1 -out testparam.pem
+
+ # generate private key as PEM
+-openssl genpkey -provider tpm2 -paramfile testparam.pem -out testkey.pem
++openssl genpkey -provider tpm2 -provider base -paramfile testparam.pem -out testkey.pem
+
+ # display private key info
+ openssl ec -provider tpm2 -provider base -in testkey.pem -check -text -noout
+--
+2.39.2
+
diff --git a/app-crypt/tpm2-openssl/metadata.xml b/app-crypt/tpm2-openssl/metadata.xml
new file mode 100644
index 00000000..6e544914
--- /dev/null
+++ b/app-crypt/tpm2-openssl/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>salah.coronya@gmail.com</email>
+ <name>Christopher Byrne</name>
+ </maintainer>
+ <upstream>
+ <remote-id type="github">tpm2-software/tpm2-openssl</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/app-crypt/tpm2-openssl/tpm2-openssl-1.1.1.ebuild b/app-crypt/tpm2-openssl/tpm2-openssl-1.1.1.ebuild
new file mode 100644
index 00000000..1033293f
--- /dev/null
+++ b/app-crypt/tpm2-openssl/tpm2-openssl-1.1.1.ebuild
@@ -0,0 +1,101 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DESCRIPTION="OpenSSL Provider for TPM2 integration"
+
+HOMEPAGE="https://github.com/tpm2-software/tpm2-openssl"
+SRC_URI="https://github.com/tpm2-software/tpm2-openssl/releases/download/${PV}/${P}.tar.gz"
+LICENSE="BSD"
+
+SLOT="0/${PV}"
+KEYWORDS="~amd64"
+IUSE="test"
+
+RDEPEND=">=app-crypt/tpm2-tss-3.2.0:=
+ =dev-libs/openssl-3.0*:0="
+
+DEPEND="${RDEPEND}
+ test? ( app-crypt/swtpm
+ app-crypt/tpm2-abrmd
+ app-crypt/tpm2-tools )"
+
+BDEPEND="sys-devel/autoconf-archive
+ virtual/pkgconfig"
+
+RESTRICT="!test? ( test )"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-1.1.1-tests-include-base-provider-required-to-load-ecparam.patch"
+ )
+
+dbus_run() {
+ (
+ # start isolated dbus session bus
+ dbus_data=$(dbus-launch --sh-syntax) || exit
+ eval "${dbus_data}"
+
+ $@
+ ret=${?}
+
+ kill "${DBUS_SESSION_BUS_PID}"
+ exit "${ret}"
+ ) || die
+}
+
+tpm2_run_with_emulator() {
+ export XDG_CONFIG_HOME="${T}/.config/swtpm"
+ "${BROOT}"/usr/share/swtpm/swtpm-create-user-config-files || die
+
+ mkdir -p "${XDG_CONFIG_HOME}/mytpm1" || die
+ swtpm_setup_args=(
+ --tpm2
+ --tpmstate "${XDG_CONFIG_HOME}/mytpm1"
+ --createek
+ --allow-signing
+ --decryption
+ --create-ek-cert
+ --create-platform-cert
+ --lock-nvram
+ --overwrite
+ --display
+ )
+ swtpm_setup "${swtpm_setup_args[@]}" || die
+
+ swtpm_socket_args=(
+ --tpm2
+ --tpmstate dir="${XDG_CONFIG_HOME}/mytpm1"
+ --flags startup-clear
+ --ctrl type=unixio,path="${XDG_CONFIG_HOME}/mytpm1/swtpm.socket.ctrl"
+ --server type=unixio,path="${XDG_CONFIG_HOME}/mytpm1/swtpm.socket"
+ --pid file="${XDG_CONFIG_HOME}/mytpm1/swtpm.pid"
+ --daemon
+ )
+ swtpm socket "${swtpm_socket_args[@]}" || die
+
+ tpm2_abrmd_args=(
+ --logger=stdout
+ --tcti=swtpm:path="${XDG_CONFIG_HOME}/mytpm1/swtpm.socket"
+ --session
+ --flush-all
+ )
+ tpm2-abrmd "${tpm2_abrmd_args[@]}" &
+
+ export TPM2OPENSSL_TCTI="tabrmd:bus_type=session"
+ export TPM2TOOLS_TCTI="tabrmd:bus_type=session"
+
+ $@ || die
+
+ # When swtpm dies, tmp2-abrmd will exit
+ kill $(< "${XDG_CONFIG_HOME}/mytpm1/swtpm.pid") || die
+}
+
+src_install() {
+ default
+ find "${ED}" -iname \*.la -delete || die
+}
+
+src_test() {
+ dbus_run tpm2_run_with_emulator make check
+}
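Review bot: In tpm2_run_with_emulator, `$@ || die` aborts before the `kill $(< "${XDG_CONFIG_HOME}/mytpm1/swtpm.pid")` line and, as far as the hunk shows, before dbus_run reaches `kill "${DBUS_SESSION_BUS_PID}"`, so a failing `make check` can leave the swtpm daemon, tpm2-abrmd and the session bus running after the build. Capture the status the way dbus_run already does, `"$@"; ret=${?}`, run the kill, and only then `[[ ${ret} -eq 0 ]] || die`. Both helpers also expand `$@` unquoted, which re-splits arguments containing whitespace; `"$@"` is the safe form. tpm2-abrmd is started with `&` and neither its exit status nor its readiness is checked before the tests run, and src_test calls `make check` where `emake check` would honour the user's MAKEOPTS.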