kumquat-buildroot/package/tpm2-tss/Config.in
Carlos Santos b122623145 package/tpm2-tss: force libopenssl as openssl provider
Select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL and drop the patch to
compile with libressl.

The discussion with the tpm2-tss developers led to the conclusion that
libressl lacks some required functionalities. Quoting Andreas Fuchs[1]:
"LibreSSL does not support OAEP-mode with labels at all, even though the
internal OAEP-padding-function includes the parameters already. [...]
Further, the internal OAEP-padding-function does not support variable
hash algs, but statically uses SHA1."

Notice that there will NOT be an option to use libgcrypt. OpenSSL will
soon become the default ESAPI crypto backend to prevent the problem of
forcing applications to link against both libgcrypt and libssl[2].

1. https://github.com/tpm2-software/tpm2-tss/pull/1207#issuecomment-440217659
2. https://github.com/tpm2-software/tpm2-tss/issues/1169

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-24 15:08:39 +01:00


config BR2_PACKAGE_TPM2_TSS
	bool "tpm2-tss"
	depends on !BR2_STATIC_LIBS # dlfcn.h
	select BR2_PACKAGE_LIBURIPARSER
	select BR2_PACKAGE_OPENSSL
	select BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL
	help
	  OSS implementation of the Trusted Computing Group's (TCG) TPM2
	  Software Stack (TSS). This stack consists of the following
	  layers from top to bottom:

	  * System API (SAPI) as described in the system level API and
	    TPM command transmission interface specification. This API
	    is a 1-to-1 mapping of the TPM2 commands documented in Part
	    3 of the TPM2 specification. Additionally there are
	    asynchronous versions of each command. These asynchronous
	    variants may be useful for integration into event-driven
	    programming environments. Both the synchronous and
	    asynchronous API are exposed through a single library:
	    libsapi.

	  * TPM Command Transmission Interface (TCTI) that is described
	    in the same specification. This API provides a standard
	    interface to transmit / receive TPM command / response
	    buffers. It is expected that any number of libraries
	    implementing the TCTI API will be implemented as a way to
	    abstract various platform specific IPC mechanisms. Currently
	    this repository provides two TCTI implementations:
	    libtcti-device and libtcti-socket. The former should be used
	    for direct access to the TPM through the Linux kernel
	    driver. The latter implements the protocol exposed by the
	    Microsoft software TPM2 simulator.

	  https://github.com/tpm2-software/tpm2-tss

comment "tpm2-tss needs a toolchain w/ dynamic library"
	depends on BR2_STATIC_LIBS