From 2116ee6b8d5ea228d739cb6aa6b917eeb948faf6 Mon Sep 17 00:00:00 2001 From: Alon Bar-Lev Date: Sun, 30 Dec 2018 21:03:07 +0200 Subject: [PATCH] app-crypt/tpm2-tss: initial add Closes: https://bugs.gentoo.org/show_bug.cgi?id=634298 Thanks: Alex Guzman Thanks: Sebastian Hamann Signed-off-by: Alon Bar-Lev Package-Manager: Portage-2.3.51, Repoman-2.3.11 --- app-crypt/tpm2-tss/Manifest | 1 + .../tpm2-tss/files/tpm2-tss-2.1.0-build.patch | 49 ++++++++++++++++ .../tpm2-tss/files/tpm2-tss-2.1.0-tests.patch | 30 ++++++++++ app-crypt/tpm2-tss/metadata.xml | 15 +++++ app-crypt/tpm2-tss/tpm2-tss-2.1.0.ebuild | 57 +++++++++++++++++++ 5 files changed, 152 insertions(+) create mode 100644 app-crypt/tpm2-tss/Manifest create mode 100644 app-crypt/tpm2-tss/files/tpm2-tss-2.1.0-build.patch create mode 100644 app-crypt/tpm2-tss/files/tpm2-tss-2.1.0-tests.patch create mode 100644 app-crypt/tpm2-tss/metadata.xml create mode 100644 app-crypt/tpm2-tss/tpm2-tss-2.1.0.ebuild
diff --git a/app-crypt/tpm2-tss/Manifest b/app-crypt/tpm2-tss/Manifest
new file mode 100644
index 0000000000000..50abb292c49ab
--- /dev/null
+++ b/app-crypt/tpm2-tss/Manifest
@@ -0,0 +1 @@
+DIST tpm2-tss-2.1.0.tar.gz 922814 BLAKE2B 06baa6b817b99c0955a5190b0f90f8a0c55987eb06feb827cb950b69992ec1623367db488617722712ce9932ad8310c1b743af038ac77508106fb8f6f4409b1c SHA512 2aea80a4cb2be59a87de6eda74a2907a2832aa76c3c208f610172f4c5bd29133b24b0876286c40855a742d6068b8f843e32f6d995b0e51c2d1e0a752b92fff7c
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-2.1.0-build.patch b/app-crypt/tpm2-tss/files/tpm2-tss-2.1.0-build.patch
new file mode 100644
index 0000000000000..930c173239ed7
--- /dev/null
+++ b/app-crypt/tpm2-tss/files/tpm2-tss-2.1.0-build.patch
@@ -0,0 +1,49 @@
+Next version removes these using --disable-defaultflags
+
+---
+
+diff --git a/configure.ac b/configure.ac
+index c42b487f..f9118642 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -189,19 +189,6 @@ AM_CONDITIONAL([ENABLE_INTEGRATION],[test "x$enable_integration" = "xyes"])
+
+ gl_LD_VERSION_SCRIPT
+
+-AX_ADD_COMPILER_FLAG([-std=c99])
+-AX_ADD_COMPILER_FLAG([-Wall])
+-AX_ADD_COMPILER_FLAG([-Wextra])
+-AX_ADD_COMPILER_FLAG([-Wformat-security])
+-AX_ADD_COMPILER_FLAG([-Werror])
+-AX_ADD_COMPILER_FLAG([-fstack-protector-all])
+-AX_ADD_COMPILER_FLAG([-fpic])
+-AX_ADD_COMPILER_FLAG([-fPIC])
+-
+-AX_ADD_PREPROC_FLAG([-D_DEFAULT_SOURCE])
+-AX_ADD_PREPROC_FLAG([-D_BSD_SOURCE])
+-AX_ADD_PREPROC_FLAG([-D_POSIX_SOURCE])
+-
+ AC_ARG_WITH([maxloglevel],
+ [AS_HELP_STRING([--with-maxloglevel={none,error,warning,info,debug,trace}],
+ [sets the maximum log level (default is trace)])],
+@@ -227,20 +214,9 @@ AC_ARG_ENABLE([debug],
+ [enable_debug=$enableval],
+ [enable_debug=no])
+ AS_IF([test "x$enable_debug" = "xyes"], AX_ADD_COMPILER_FLAG([-ggdb3 -Og]))
+-AS_IF([test "x$enable_debug" = "xno"], [AX_ADD_PREPROC_FLAG([-U_FORTIFY_SOURCE])
+- AX_ADD_PREPROC_FLAG([-D_FORTIFY_SOURCE=2])
+- AX_ADD_COMPILER_FLAG([-g -O2])])
+-AX_ADD_LINK_FLAG([-Wl,--no-undefined])
+-AX_ADD_LINK_FLAG([-Wl,-z,noexecstack])
+-AX_ADD_LINK_FLAG([-Wl,-z,now])
+-AX_ADD_LINK_FLAG([-Wl,-z,relro])
+
+ AC_SUBST([PATH])
+
+-# work around GCC bug #53119
+-# https://gcc.gnu.org/bugzilla/show_bug.cgi?id=53119
+-AX_ADD_COMPILER_FLAG([-Wno-missing-braces])
+-
+ dnl --------- Physical TPM device -----------------------
+
+ AC_ARG_WITH([ptpm],
diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-2.1.0-tests.patch b/app-crypt/tpm2-tss/files/tpm2-tss-2.1.0-tests.patch
new file mode 100644
index 0000000000000..d537c40e1a90e
--- /dev/null
+++ b/app-crypt/tpm2-tss/files/tpm2-tss-2.1.0-tests.patch
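Review bot: The two configure.ac hunks remove `-fstack-protector-all`, `_FORTIFY_SOURCE=2`, `-Wl,-z,relro`, `-Wl,-z,now` and `-Wl,-z,noexecstack` along with `-Werror` and `-O2`, so the hardening of the installed libraries now depends entirely on the toolchain defaults and the user's CFLAGS/LDFLAGS, and the one-line patch header does not say so. The first hunk also drops `-std=c99` and the feature-test macros `-D_DEFAULT_SOURCE`, `-D_BSD_SOURCE` and `-D_POSIX_SOURCE`, which are not warning or optimisation flags; it is worth confirming the sources still compile and behave the same without them. I would expand the header to something like `Drop upstream's forced CFLAGS/LDFLAGS (-Werror, -O2, hardening flags); these must come from the profile/toolchain instead. Upstream adds --disable-defaultflags in the next release.`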
@@ -0,0 +1,30 @@
+From 1ea85a32c0ae20a104badcec807b72ef458d356d Mon Sep 17 00:00:00 2001
+From: Andreas Fuchs
+Date: Tue, 25 Sep 2018 09:35:33 +0200
+Subject: [PATCH] ESYS: Fix crypto_ossl return code
+
+Fix returncode and thus test of interal hmac_finish function.
+
+Fixes: #1157
+
+Signed-off-by: Andreas Fuchs
+---
+ src/tss2-esys/esys_crypto_ossl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tss2-esys/esys_crypto_ossl.c b/src/tss2-esys/esys_crypto_ossl.c
+index 43088f4a..91871de1 100644
+--- a/src/tss2-esys/esys_crypto_ossl.c
++++ b/src/tss2-esys/esys_crypto_ossl.c
+@@ -448,7 +448,7 @@ iesys_cryptossl_hmac_finish(IESYS_CRYPTO_CONTEXT_BLOB ** context,
+ IESYS_CRYPTOSSL_CONTEXT *mycontext =
+ (IESYS_CRYPTOSSL_CONTEXT *) * context;
+ if (mycontext->type != IESYS_CRYPTOSSL_TYPE_HMAC) {
+- return_error(TSS2_ESYS_RC_BAD_VALUE, "bad context");
++ return_error(TSS2_ESYS_RC_BAD_REFERENCE, "bad context");
+ }
+
+ if (*size < mycontext->hmac.hmac_len) {
+--
+2.19.2
+
diff --git a/app-crypt/tpm2-tss/metadata.xml b/app-crypt/tpm2-tss/metadata.xml
new file mode 100644
index 0000000000000..5176de72bd2fa
--- /dev/null
+++ b/app-crypt/tpm2-tss/metadata.xml
@@ -0,0 +1,15 @@
+
+
+
+
+ crypto@gentoo.org
+ Crypto
+
+
+ Use dev-libs/gcrypt as crypto engine
+ Use dev-libs/openssl as crypto engine
+
+
+ tpm2-software/tpm2-tss
+
+
diff --git a/app-crypt/tpm2-tss/tpm2-tss-2.1.0.ebuild b/app-crypt/tpm2-tss/tpm2-tss-2.1.0.ebuild
new file mode 100644
index 0000000000000..dea061ef89aec
--- /dev/null
+++ b/app-crypt/tpm2-tss/tpm2-tss-2.1.0.ebuild
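Review bot: The file is named `-tests.patch`, but its inner hunk changes the return code of `iesys_cryptossl_hmac_finish` in `src/tss2-esys/esys_crypto_ossl.c`, which is library code that presumably ships whenever the OpenSSL backend is built, not test code. A caller that compared against `TSS2_ESYS_RC_BAD_VALUE` for a wrong context type will now see `TSS2_ESYS_RC_BAD_REFERENCE`, so a name such as `${P}-hmac-finish-rc.patch` and a header line giving the full upstream commit or issue URL (the mail header carries only `Fixes: #1157`) would make that behavioural change visible to the next maintainer. The function body starts and ends outside the inner hunk, so whether `*context` is checked for NULL before `mycontext->type` is read cannot be judged from here.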
@@ -0,0 +1,57 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools linux-info udev
+
+DESCRIPTION="TCG Trusted Platform Module 2.0 Software Stack"
+HOMEPAGE="https://github.com/tpm2-software/tpm2-tss"
+SRC_URI="https://github.com/tpm2-software/${PN}/releases/download/${PV}/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0/0" # sublot is libtss2-sys number
+KEYWORDS="~amd64"
+IUSE="doc +gcrypt libressl openssl static-libs test"
+
+REQUIRED_USE="
+ gcrypt? ( !openssl )
+ openssl? ( !gcrypt )
+ || ( gcrypt openssl )"
+
+RDEPEND="gcrypt? ( dev-libs/libgcrypt:0= )
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )"
+DEPEND="${DEPEND}
+ test? ( dev-util/cmocka )"
+BDEPEND="virtual/pkgconfig
+ doc? ( app-doc/doxygen )"
+
+PATCHES=(
+ "${FILESDIR}/${P}-build.patch"
+ "${FILESDIR}/${P}-tests.patch"
+)
+
+pkg_setup() {
+ local CONFIG_CHECK=" \
+ ~TCG_TPM
+ "
+ linux-info_pkg_setup
+ kernel_is ge 4 12 0 || ewarn "At least kernel 4.12.0 is required"
+}
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ # next version add --disable-defaultflags
+ econf \
+ $(use_enable doc doxygen-doc) \
+ $(use_enable static-libs static) \
+ $(use_enable test unit) \
+ --with-crypto="$(usex gcrypt gcrypt ossl)" \
+ --with-udevrulesdir="$(get_udevdir)/rules.d" \
+ --with-udevrulesprefix=60-
+}
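Review bot: `DEPEND="${DEPEND}` expands a variable that is still empty at that point, so the crypto libraries listed in RDEPEND never become build-time dependencies and configure can run without the libgcrypt or OpenSSL headers installed; the line should read `DEPEND="${RDEPEND}`. The OpenSSL/LibreSSL atoms in RDEPEND are also not gated on the `openssl` flag, so a `gcrypt` build still pulls in an SSL library; `openssl? ( !libressl? ( dev-libs/openssl:0= ) libressl? ( dev-libs/libressl:0= ) )` would match the `--with-crypto` choice in src_configure. The three REQUIRED_USE lines are equivalent to `^^ ( gcrypt openssl )`. The ebuild installs upstream's udev rules via `--with-udevrulesdir` but creates no user or group; if those rules assign the TPM device nodes to a dedicated account (not visible in this patch), please confirm that account exists after install, otherwise the intended device permissions will not take effect.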