From patchwork Fri Feb  2 15:56:13 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Carlos Santos <casantos@datacom.ind.br>
X-Patchwork-Id: 868655
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=busybox.net
	(client-ip=140.211.166.133; helo=hemlock.osuosl.org;
	envelope-from=buildroot-bounces@busybox.net;
	receiver=<UNKNOWN>)
Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3zY1pB6DLVz9sRV
	for <incoming@patchwork.ozlabs.org>;
	Sat,  3 Feb 2018 02:57:22 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by hemlock.osuosl.org (Postfix) with ESMTP id 491A38A007;
	Fri,  2 Feb 2018 15:57:14 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from hemlock.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id snbzsiSD0PJP; Fri,  2 Feb 2018 15:57:10 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by hemlock.osuosl.org (Postfix) with ESMTP id 41A258A029;
	Fri,  2 Feb 2018 15:57:10 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	by ash.osuosl.org (Postfix) with ESMTP id 967631CEF86
	for <buildroot@lists.busybox.net>;
	Fri,  2 Feb 2018 15:57:05 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by silver.osuosl.org (Postfix) with ESMTP id 929DF30596
	for <buildroot@lists.busybox.net>;
	Fri,  2 Feb 2018 15:57:05 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id K47KGJVRX19v for <buildroot@lists.busybox.net>;
	Fri,  2 Feb 2018 15:57:03 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mail.datacom.ind.br (mx.datacom.ind.br [177.66.5.10])
	by silver.osuosl.org (Postfix) with ESMTPS id 75D1030535
	for <buildroot@buildroot.org>; Fri,  2 Feb 2018 15:57:03 +0000 (UTC)
Received: from mail.datacom.ind.br (localhost [127.0.0.1])
	by mail.datacom.ind.br (Postfix) with ESMTPS id B095B16C7410
	for <buildroot@buildroot.org>; Fri,  2 Feb 2018 13:57:00 -0200 (-02)
Received: from localhost (localhost [127.0.0.1])
	by mail.datacom.ind.br (Postfix) with ESMTP id A242C16C7527
	for <buildroot@buildroot.org>; Fri,  2 Feb 2018 13:57:00 -0200 (-02)
Received: from mail.datacom.ind.br ([127.0.0.1])
	by localhost (mail.datacom.ind.br [127.0.0.1]) (amavisd-new,
	port 10026)
	with ESMTP id UGA_IEOKmc3N for <buildroot@buildroot.org>;
	Fri,  2 Feb 2018 13:57:00 -0200 (-02)
Received: from pedeld202344.datacom.net (pedeld202344.datacom.net
	[10.0.120.87])
	by mail.datacom.ind.br (Postfix) with ESMTPSA id 83F4216C7410
	for <buildroot@buildroot.org>; Fri,  2 Feb 2018 13:57:00 -0200 (-02)
From: Carlos Santos <casantos@datacom.ind.br>
To: buildroot@buildroot.org
Date: Fri,  2 Feb 2018 13:56:13 -0200
Message-Id: <20180202155614.26938-4-casantos@datacom.ind.br>
X-Mailer: git-send-email 2.14.3
In-Reply-To: <20180202155614.26938-1-casantos@datacom.ind.br>
References: <20180202155614.26938-1-casantos@datacom.ind.br>
Subject: [Buildroot] [PATCH 3/4] tpm2-tools: new package
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.24
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
MIME-Version: 1.0
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

TPM (Trusted Platform Module) 2.0 CLI tools based on system API of
TPM2-TSS. These tools can be used to manage keys, perform
encryption/decryption/signing/etc crypto operations, and manage
non-volatile storage through a TPM2.0 HW implementation.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
---
 package/Config.in                                  |  1 +
 .../tpm2-tools/0001-Fix-build-with-LibreSSL.patch  | 64 ++++++++++++++++++++++
 package/tpm2-tools/Config.in                       | 17 ++++++
 package/tpm2-tools/tpm2-tools.hash                 |  3 +
 package/tpm2-tools/tpm2-tools.mk                   | 13 +++++
 5 files changed, 98 insertions(+)
 create mode 100644 package/tpm2-tools/0001-Fix-build-with-LibreSSL.patch
 create mode 100644 package/tpm2-tools/Config.in
 create mode 100644 package/tpm2-tools/tpm2-tools.hash
 create mode 100644 package/tpm2-tools/tpm2-tools.mk

diff --git a/package/Config.in b/package/Config.in
index c078d14688..8be3a7c73b 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1997,6 +1997,7 @@ menu "System tools"
 	source "package/tar/Config.in"
 	source "package/tpm-tools/Config.in"
 	source "package/tpm2-abrmd/Config.in"
+	source "package/tpm2-tools/Config.in"
 	source "package/unscd/Config.in"
 	source "package/util-linux/Config.in"
 	source "package/xen/Config.in"
diff --git a/package/tpm2-tools/0001-Fix-build-with-LibreSSL.patch b/package/tpm2-tools/0001-Fix-build-with-LibreSSL.patch
new file mode 100644
index 0000000000..0fdd2dc4dd
--- /dev/null
+++ b/package/tpm2-tools/0001-Fix-build-with-LibreSSL.patch
@@ -0,0 +1,64 @@
+From 7f8d9359dcf9edbb13bb447f70234397afa4fb05 Mon Sep 17 00:00:00 2001
+From: Carlos Santos <casantos@datacom.ind.br>
+Date: Tue, 30 Jan 2018 11:21:14 -0200
+Subject: [PATCH] Fix build with LibreSSL
+
+OPENSSL_VERSION_NUMBER is used to test the version of OpenSSL but this
+test alone breaks the build with LibreSSL due to implicit declarations
+of functions 'RSA_set0_key' and 'HMAC_CTX_free'.
+
+Test if OpenSSL < 1.1.0 or LIBRESSL_VERSION_NUMBER is defined, instead.
+
+Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
+---
+ lib/conversion.c | 2 +-
+ lib/tpm_kdfa.c   | 6 +++---
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/lib/conversion.c b/lib/conversion.c
+index 1d0a0b7..df02de4 100644
+--- a/lib/conversion.c
++++ b/lib/conversion.c
+@@ -133,7 +133,7 @@ static bool tpm2_convert_pubkey_ssl(TPMT_PUBLIC *public, pubkey_format format, c
+         goto error;
+     }
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x1010000fL /* OpenSSL 1.1.0 */
++#if OPENSSL_VERSION_NUMBER < 0x1010000fL || defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.0 */
+     ssl_rsa_key->e = e;
+     ssl_rsa_key->n = n;
+ #else
+diff --git a/lib/tpm_kdfa.c b/lib/tpm_kdfa.c
+index ee3cf8a..e43bdeb 100644
+--- a/lib/tpm_kdfa.c
++++ b/lib/tpm_kdfa.c
+@@ -54,7 +54,7 @@ static const EVP_MD *tpm_algorithm_to_openssl_digest(TPMI_ALG_HASH algorithm) {
+ static HMAC_CTX *hmac_alloc()
+ {
+     HMAC_CTX *ctx;
+-#if OPENSSL_VERSION_NUMBER < 0x1010000fL /* OpenSSL 1.1.0 */
++#if OPENSSL_VERSION_NUMBER < 0x1010000fL || defined(LIBRESSL_VERSION_NUMBER) /* OpenSSL 1.1.0 */
+     ctx = malloc(sizeof(*ctx));
+ #else
+     ctx = HMAC_CTX_new();
+@@ -62,7 +62,7 @@ static HMAC_CTX *hmac_alloc()
+     if (!ctx)
+         return NULL;
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x1010000fL
++#if OPENSSL_VERSION_NUMBER < 0x1010000fL || defined(LIBRESSL_VERSION_NUMBER)
+     HMAC_CTX_init(ctx);
+ #endif
+ 
+@@ -71,7 +71,7 @@ static HMAC_CTX *hmac_alloc()
+ 
+ static void hmac_del(HMAC_CTX *ctx)
+ {
+-#if OPENSSL_VERSION_NUMBER < 0x1010000fL
++#if OPENSSL_VERSION_NUMBER < 0x1010000fL || defined(LIBRESSL_VERSION_NUMBER)
+     HMAC_CTX_cleanup(ctx);
+     free(ctx);
+ #else
+-- 
+2.14.3
+
diff --git a/package/tpm2-tools/Config.in b/package/tpm2-tools/Config.in
new file mode 100644
index 0000000000..583fb33076
--- /dev/null
+++ b/package/tpm2-tools/Config.in
@@ -0,0 +1,17 @@
+config BR2_PACKAGE_TPM2_TOOLS
+	bool "tpm2-tools"
+	depends on BR2_i386 || BR2_x86_64
+	select BR2_PACKAGE_DBUS
+	select BR2_PACKAGE_LIBCURL
+	select BR2_PACKAGE_LIBGLIB2
+	select BR2_PACKAGE_OPENSSL
+	select BR2_PACKAGE_TPM2_ABRMD # run-time
+	select BR2_PACKAGE_TPM2_TSS
+	help
+	  TPM (Trusted Platform Module) 2.0 CLI tools based on system
+	  API of TPM2-TSS. These tools can be used to manage keys,
+	  perform encryption/decryption/signing/etc crypto operations,
+	  and manage non-volatile storage through a TPM2.0 HW
+	  implementation.
+
+	  https://github.com/tpm2-software/tpm2-tools
diff --git a/package/tpm2-tools/tpm2-tools.hash b/package/tpm2-tools/tpm2-tools.hash
new file mode 100644
index 0000000000..e33b3e5945
--- /dev/null
+++ b/package/tpm2-tools/tpm2-tools.hash
@@ -0,0 +1,3 @@
+# Locally computed:
+sha256 c990c0656165afef0fad61e1852a9a189a4b93b43d2a684b151a5dc0b3c6249d  tpm2-tools-3.0.3.tar.gz
+sha256 3d6b149c8b042bd5f3db678d587fbe55230d071ca084bd38dcae451679c6dd45  LICENSE
diff --git a/package/tpm2-tools/tpm2-tools.mk b/package/tpm2-tools/tpm2-tools.mk
new file mode 100644
index 0000000000..0697900d2d
--- /dev/null
+++ b/package/tpm2-tools/tpm2-tools.mk
@@ -0,0 +1,13 @@
+################################################################################
+#
+# tpm2-tools
+#
+################################################################################
+
+TPM2_TOOLS_VERSION = 3.0.3
+TPM2_TOOLS_SITE = https://github.com/tpm2-software/tpm2-tools/releases/download/$(TPM2_TOOLS_VERSION)
+TPM2_TOOLS_LICENSE = BSD-2-Clause
+TPM2_TOOLS_LICENSE_FILES = LICENSE
+TPM2_TOOLS_DEPENDENCIES = dbus libcurl libglib2 openssl tpm2-tss host-pkgconf
+
+$(eval $(autotools-package))