meta-security: subtree update:a85fbe980e..c20b35b527
Anton Antonov (1):
Parsec service. Update PACKAGECONFIG definitions and README.md
Armin Kuster (20):
python3-fail2ban: fix build failure and cleanup
meta-parsec/README: remove rust layer req.
opendnssec: blacklist do to ldns being blacklisted
apparmor: Add a python 3.10 compatability patch
tpm2-tools: update to 5.2
openssl-tpm-engine: fix build issue with openssl 3
tpm2-openssl: add new pkg
tpm2-pkcs11: update to 1.7.0
recipes: Update SRC_URI branch and protocols
sssd: Create /var/log/sssd in runtime
bastille: Create /var/log/Bastille in runtime
python3-fail2ban: remove /run
tpm2-pkcs11: update to 1.7.0
libest: does not build with openssl 3.x
clamav: fix useradd warning
python3-fail2ban: update to tip
tpm2-pkcs11: backport openssl 3.x build fixes
packagegroup-security-tpm2: drop ibmswtpm2
meta-integrity: drop strongswan bbappends
meta-tpm: drop strongswan bbappends
Kai Kang (2):
sssd: re-package to fix QA issues
apparmor: fix warning of remove operator combined with +=
Kristian Klausen (2):
swtpm: update to 0.6.1
dm-verity-img.bbclass: Fix wrong override syntax for CONVERSION_DEPENDS
Liwei Song (1):
recipes-security/chipsec: platform security assessment framework
Stefan Mueller-Klieser (1):
tpm2-tss: fix fapi package config
Yi Zhao (2):
openssl-tpm-engine: fix warning for append operator combined with +=
meta-parsec/README.md: fix for append operator combined with +=
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Change-Id: I2156e47cf3f4f45daa2b60a73e3b46be3b6a86c0
diff --git a/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.7.0.bb b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.7.0.bb
new file mode 100644
index 0000000..3a0917a
--- /dev/null
+++ b/meta-security/meta-tpm/recipes-tpm2/tpm2-pkcs11/tpm2-pkcs11_1.7.0.bb
@@ -0,0 +1,56 @@
+SUMMARY = "A PKCS#11 interface for TPM2 hardware"
+DESCRIPTION = "PKCS #11 is a Public-Key Cryptography Standard that defines a standard method to access cryptographic services from tokens/ devices such as hardware security modules (HSM), smart cards, etc. In this project we intend to use a TPM2 device as the cryptographic token."
+SECTION = "security/tpm"
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=0fc19f620a102768d6dbd1e7166e78ab"
+
+DEPENDS = "autoconf-archive pkgconfig dstat sqlite3 openssl libtss2-dev tpm2-tools libyaml p11-kit python3-setuptools-native"
+
+SRC_URI = "git://github.com/tpm2-software/tpm2-pkcs11.git;branch=master;protocol=https \
+ file://bootstrap_fixup.patch \
+ file://0001-remove-local-binary-checkes.patch \
+ file://0001-ssl-compile-against-OSSL-3.0.patch \
+ file://0002-ossl-require-version-1.1.0-or-greater.patch \
+ "
+
+SRCREV = "11fd2532ce10e97834a57dfb25bff6c613a5a851"
+
+S = "${WORKDIR}/git"
+
+inherit autotools-brokensep pkgconfig python3native
+
+do_configure:prepend () {
+ ${S}/bootstrap
+}
+
+do_compile:append() {
+ cd ${S}/tools
+ python3 setup.py build
+}
+
+do_install:append() {
+ install -d ${D}${libdir}/pkcs11
+ install -d ${D}${datadir}/p11-kit
+ rm -f ${D}${libdir}/pkcs11/libtpm2_pkcs11.so
+
+ cd ${S}/tools
+ export PYTHONPATH="${D}${PYTHON_SITEPACKAGES_DIR}"
+ ${PYTHON_PN} setup.py install --root="${D}" --prefix="${prefix}" --install-lib="${PYTHON_SITEPACKAGES_DIR}" --optimize=1 --skip-build
+
+ sed -i -e "s:${PYTHON}:${USRBINPATH}/env ${PYTHON_PN}:g" "${D}${bindir}"/tpm2_ptool
+}
+
+PACKAGES =+ "${PN}-tools"
+
+FILES:${PN}-tools = "\
+ ${bindir}/tpm2_ptool \
+ ${libdir}/${PYTHON_DIR}/* \
+ "
+
+FILES:${PN} += "\
+ ${libdir}/pkcs11/* \
+ ${datadir}/p11-kit/* \
+ "
+
+RDEPNDS_${PN} = "tpm2-tools"
+RDEPENDS:${PN}-tools += "${PYTHON_PN}-setuptools ${PYTHON_PN}-pyyaml ${PYTHON_PN}-cryptography ${PYTHON_PN}-pyasn1-modules"