tpm2-tools: new package

TPM (Trusted Platform Module) 2.0 CLI tools based on system API of TPM2-TSS. These tools can be used to manage keys, perform encryption/decryption/signing/etc crypto operations, and manage non-volatile storage through a TPM2.0 HW implementation. Signed-off-by: Carlos Santos <casantos@datacom.ind.br> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-15 09:56:01 -03:00 · 2018-03-15 09:56:01 -03:00 · 3a10ff5127
commit 3a10ff5127
parent dab335d901
5 changed files with 97 additions and 0 deletions
--- a/package/Config.in
+++ b/package/Config.in
@ -2013,6 +2013,7 @@ menu "System tools"
 	source "package/tar/Config.in"
 	source "package/tpm-tools/Config.in"
 	source "package/tpm2-abrmd/Config.in"
+	source "package/tpm2-tools/Config.in"
 	source "package/unscd/Config.in"
 	source "package/util-linux/Config.in"
 	source "package/xen/Config.in"
--- a/package/tpm2-tools/0001-Fix-build-with-LibreSSL.patch
+++ b/package/tpm2-tools/0001-Fix-build-with-LibreSSL.patch
@ -0,0 +1,64 @@
+From 7f8d9359dcf9edbb13bb447f70234397afa4fb05 Mon Sep 17 00:00:00 2001
+From: Carlos Santos <casantos@datacom.ind.br>
+Date: Tue, 30 Jan 2018 11:21:14 -0200
+Subject: [PATCH] Fix build with LibreSSL
+
+OPENSSL_VERSION_NUMBER is used to test the version of OpenSSL but this
+test alone breaks the build with LibreSSL due to implicit declarations
+of functions 'RSA_set0_key' and 'HMAC_CTX_free'.
+
+Test if OpenSSL < 1.1.0 or LIBRESSL_VERSION_NUMBER is defined, instead.
+
+Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
+---
+ lib/conversion.c | 2 +-
+ lib/tpm_kdfa.c   | 6 +++---
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/lib/conversion.c b/lib/conversion.c
+index 1d0a0b7..df02de4 100644
+--- a/lib/conversion.c
+++ b/lib/conversion.c
+@@ -133,7 +133,7 @@ static bool tpm2_convert_pubkey_ssl(TPMT_PUBLIC *public, pubkey_format format, c
+         goto error;
+     }
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x1010000fL /* OpenSSL 1.1.0 */
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL || defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.0 */
+     ssl_rsa_key->e = e;
+     ssl_rsa_key->n = n;
+ #else
+diff --git a/lib/tpm_kdfa.c b/lib/tpm_kdfa.c
+index ee3cf8a..e43bdeb 100644
+--- a/lib/tpm_kdfa.c
+++ b/lib/tpm_kdfa.c
+@@ -54,7 +54,7 @@ static const EVP_MD *tpm_algorithm_to_openssl_digest(TPMI_ALG_HASH algorithm) {
+ static HMAC_CTX *hmac_alloc()
+ {
+     HMAC_CTX *ctx;
+-#if OPENSSL_VERSION_NUMBER < 0x1010000fL /* OpenSSL 1.1.0 */
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL || defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.0 */
+     ctx = malloc(sizeof(*ctx));
+ #else
+     ctx = HMAC_CTX_new();
+@@ -62,7 +62,7 @@ static HMAC_CTX *hmac_alloc()
+     if (!ctx)
+         return NULL;
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x1010000fL
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL || defined(LIBRESSL_VERSION_NUMBER)
+     HMAC_CTX_init(ctx);
+ #endif
+ 
+@@ -71,7 +71,7 @@ static HMAC_CTX *hmac_alloc()
+ 
+ static void hmac_del(HMAC_CTX *ctx)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x1010000fL
+#if OPENSSL_VERSION_NUMBER < 0x1010000fL || defined(LIBRESSL_VERSION_NUMBER)
+     HMAC_CTX_cleanup(ctx);
+     free(ctx);
+ #else
+-- 
+2.14.3
+
--- a/package/tpm2-tools/Config.in
+++ b/package/tpm2-tools/Config.in
@ -0,0 +1,16 @@
+config BR2_PACKAGE_TPM2_TOOLS
+	bool "tpm2-tools"
+	select BR2_PACKAGE_DBUS
+	select BR2_PACKAGE_LIBCURL
+	select BR2_PACKAGE_LIBGLIB2
+	select BR2_PACKAGE_OPENSSL
+	select BR2_PACKAGE_TPM2_ABRMD # run-time
+	select BR2_PACKAGE_TPM2_TSS
+	help
+	  TPM (Trusted Platform Module) 2.0 CLI tools based on system
+	  API of TPM2-TSS. These tools can be used to manage keys,
+	  perform encryption/decryption/signing/etc crypto operations,
+	  and manage non-volatile storage through a TPM2.0 HW
+	  implementation.
+
+	  https://github.com/tpm2-software/tpm2-tools
--- a/package/tpm2-tools/tpm2-tools.hash
+++ b/package/tpm2-tools/tpm2-tools.hash
@ -0,0 +1,3 @@
+# Locally computed:
+sha256 c990c0656165afef0fad61e1852a9a189a4b93b43d2a684b151a5dc0b3c6249d  tpm2-tools-3.0.3.tar.gz
+sha256 3d6b149c8b042bd5f3db678d587fbe55230d071ca084bd38dcae451679c6dd45  LICENSE
--- a/package/tpm2-tools/tpm2-tools.mk
+++ b/package/tpm2-tools/tpm2-tools.mk
@ -0,0 +1,13 @@
+################################################################################
+#
+# tpm2-tools
+#
+################################################################################
+
+TPM2_TOOLS_VERSION = 3.0.3
+TPM2_TOOLS_SITE = https://github.com/tpm2-software/tpm2-tools/releases/download/$(TPM2_TOOLS_VERSION)
+TPM2_TOOLS_LICENSE = BSD-2-Clause
+TPM2_TOOLS_LICENSE_FILES = LICENSE
+TPM2_TOOLS_DEPENDENCIES = dbus libcurl libglib2 openssl tpm2-tss host-pkgconf
+
+$(eval $(autotools-package))