From nobody Fri Nov 04 11:05:22 2022
X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4N3d830XCMz4hjv3;
	Fri,  4 Nov 2022 11:05:23 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4N3d826rzdz3lSq;
	Fri,  4 Nov 2022 11:05:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1667559923;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=10+cJr1h9ttZ04rIgJUNMr78Awjq/c9aaCSo8hHeVxI=;
	b=LuEbWM8Sv9GWfqw8toAVx7S5VN/2YOg/Cze98GLATn7ZTyM7DnpVof59aRWFrcnSnsx3dy
	myNrRbWzY3Pi33UBQ260tcxrf0p49jkAS3928jgmQ+UU6C4V9AqHujXWsWkaSj0r22wcXz
	CYoehfiRlKU+nP33jw2fCJC2POMI39pKxanBnaikRxfcCMRJWr3iiQDl2RwQTiZ4JKgjvv
	sqlTD5Nn6kiQ7wizRpIGIrlGaTZ3sncu6VsHUInD1mgD0a0xQVov4oPqxugQhlZTql5nKe
	2BU3q0lFJAfcfXmqKE9oah0JYFVU1nq9AaDU81ExfAY0e7KT0BMqKtqNm/+88A==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4N3d825wV4z1DcM;
	Fri,  4 Nov 2022 11:05:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2A4B5MWB028737;
	Fri, 4 Nov 2022 11:05:22 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2A4B5MOC028736;
	Fri, 4 Nov 2022 11:05:22 GMT
	(envelope-from git)
Date: Fri, 4 Nov 2022 11:05:22 GMT
Message-Id: <202211041105.2A4B5MOC028736@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Mateusz Piotrowski <0mp@FreeBSD.org>
Subject: git: 01e03aed2f7d - main - security/tpm-quote-tools: Add new port
List-Id: Commit messages for all branches of the ports repository <dev-commits-ports-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all
List-Help: <mailto:dev-commits-ports-all+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-all@freebsd.org
X-BeenThere: dev-commits-ports-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: 0mp
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 01e03aed2f7d021e57c72563c9113249b6ed6456
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1667559923;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=10+cJr1h9ttZ04rIgJUNMr78Awjq/c9aaCSo8hHeVxI=;
	b=QaV28tD3ctHnH14HrZ9BUf4R7J8dUfZznroakxtRzdp7jAVojfCgvFxLckwqtlSCaDkIGG
	x1kOy6CeHmM1B1vhmWkkw0MomLcE3DvMBM6H9hxWvTRSJ7smucqimbyCmWnqPjx8zFAtYb
	WA03showtDgz00QlPH6Ix6Qq9wpMw57x6x0xMaUO9o/c0LJmXeyEDm4TVWQJ8G43APeZ1k
	zJWerIwdJT7LJS2FF/ks2dLhvRgC0lM25W+bjI50+tYd41uwPhXlcBY1xcbEjzKoL7n7A/
	XY1dGRPn0lGAvQ5oiXAJ+p/gTOYNUHaz541M7jFbkEFo6W63FOecZ7wl4uTrfQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1667559923; a=rsa-sha256; cv=none;
	b=KCjaiNxmj4FqsO7+lwKBTXvBdsMXYNc8m1SBcAOBTHLF7Cd1EZLQQxGbp8ICmHe8uRn4nX
	mld5tNvZxV52gKsRS36OriFDOKCVv+yEhVENvUlhEQhdheQDbuSmD2mPgf93neftIRNhdh
	sRauijCMCkTjoa7zUU24gS1z3s27vqNqwS9h3Yzek0idzWOEPKvrOAEmeE9t2YjuthbuGl
	or+FFAJJ8Us//4Y6hM3MexubxoeSLNC6iakNuJ0xX1ioHEA7I1sMgeAh+1SGrlCEHsq+k7
	4J7X0eD6mSewQ/cfZsdO+JoNmpVomfrln8mmsQNHs36k4AOb1hlg9CfEkNiHow==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by 0mp:

URL: https://cgit.FreeBSD.org/ports/commit/?id=01e03aed2f7d021e57c72563c9113249b6ed6456

commit 01e03aed2f7d021e57c72563c9113249b6ed6456
Author:     Mateusz Piotrowski <0mp@FreeBSD.org>
AuthorDate: 2022-11-03 13:26:29 +0000
Commit:     Mateusz Piotrowski <0mp@FreeBSD.org>
CommitDate: 2022-11-04 11:05:08 +0000

    security/tpm-quote-tools: Add new port
    
    The TPM Quote Tools is a collection of programs that provide support
    for TPM based attestation using the TPM quote mechanism. The manual
    page for tpm_quote_tools provides a usage overview. The manangement
    tools are only used to take ownership of a TPM.
    
    The additional patches[1] in files/ come from AUR and were authored by
    Michael Niewöhner. The patches were incomplete according to grawity[2].
    I've incorporated grawity's feedback into our patches so that the -y
    flag is recognized by a call to getopt().
    
    [1]: https://aur.archlinux.org/cgit/aur.git/plain/0001-Differentiate-between-owner-and-srk-well-known-passs.patch?h=tpm-quote-tools
    [2]: https://aur.archlinux.org/packages/tpm-quote-tools#comment-684239
    
    Sponsored by:   Klara, Inc.
---
 security/Makefile                                 |  1 +
 security/tpm-quote-tools/Makefile                 | 19 +++++++++
 security/tpm-quote-tools/distinfo                 |  5 +++
 security/tpm-quote-tools/files/patch-tpm__mkaik.8 | 24 +++++++++++
 security/tpm-quote-tools/files/patch-tpm__mkaik.c | 51 +++++++++++++++++++++++
 security/tpm-quote-tools/pkg-descr                |  5 +++
 security/tpm-quote-tools/pkg-plist                | 17 ++++++++
 7 files changed, 122 insertions(+)

diff --git a/security/Makefile b/security/Makefile
index 581657e300b3..0ffcd131c72d 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -1253,6 +1253,7 @@
     SUBDIR += tor
     SUBDIR += tor-devel
     SUBDIR += totp-cli
+    SUBDIR += tpm-quote-tools
     SUBDIR += tpm-tools
     SUBDIR += tpm2-abrmd
     SUBDIR += tpm2-tools
diff --git a/security/tpm-quote-tools/Makefile b/security/tpm-quote-tools/Makefile
new file mode 100644
index 000000000000..3abb52ca7958
--- /dev/null
+++ b/security/tpm-quote-tools/Makefile
@@ -0,0 +1,19 @@
+PORTNAME=	tpm-quote-tools
+DISTVERSION=	1.0.4
+CATEGORIES=	security
+MASTER_SITES=	SF/tpmquotetools/${PORTVERSION}
+
+MAINTAINER=	0mp@FreeBSD.org
+COMMENT=	Tools for TPM-based remote attestation using the TPM quote operation
+WWW=		https://sourceforge.net/projects/tpmquotetools/
+
+LICENSE=	BSD3CLAUSE
+LICENSE_FILE=	${WRKSRC}/COPYING
+
+LIB_DEPENDS=	libtspi.so:security/trousers
+
+USES=		iconv localbase:ldflags ssl
+
+GNU_CONFIGURE=	YES
+
+.include <bsd.port.mk>
diff --git a/security/tpm-quote-tools/distinfo b/security/tpm-quote-tools/distinfo
new file mode 100644
index 000000000000..d9ff6303af99
--- /dev/null
+++ b/security/tpm-quote-tools/distinfo
@@ -0,0 +1,5 @@
+TIMESTAMP = 1667481591
+SHA256 (tpm-quote-tools-1.0.4.tar.gz) = 10dc4eade02635557a9496b388360844cd18e7864e2eb882f5e45ab2fa405ae2
+SIZE (tpm-quote-tools-1.0.4.tar.gz) = 188806
+SHA256 (0001-Differentiate-between-owner-and-srk-well-known-passs.patch?h=tpm-quote-tools) = 32f814b8d22c409d3543c34e4199f21152a30f3410162ef6c91f6a713641f19d
+SIZE (0001-Differentiate-between-owner-and-srk-well-known-passs.patch?h=tpm-quote-tools) = 2803
diff --git a/security/tpm-quote-tools/files/patch-tpm__mkaik.8 b/security/tpm-quote-tools/files/patch-tpm__mkaik.8
new file mode 100644
index 000000000000..15f0683bd61d
--- /dev/null
+++ b/security/tpm-quote-tools/files/patch-tpm__mkaik.8
@@ -0,0 +1,24 @@
+--- tpm_mkaik.8.orig	2017-01-18 17:10:09 UTC
++++ tpm_mkaik.8
+@@ -3,7 +3,7 @@ tpm_mkaik \- make a TPM Attestation Identity Key
+ tpm_mkaik \- make a TPM Attestation Identity Key
+ .SH SYNOPSIS
+ .B tpm_mkaik
+-.RB [ \-zuhv ]
++.RB [ \-yzuhv ]
+ .RI BLOB-FILE
+ .RI PUBKEY-FILE
+ .br
+@@ -16,8 +16,11 @@ The public key is DER encoded.
+ .RI PUBKEY-FILE.
+ The public key is DER encoded.
+ .TP
+-.RB \-z
++.RB \-y
+ Use the well known secret used as the owner secret.
++.TP
++.RB \-z
++Use the well known secret used as the SRK secret.
+ .TP
+ .RB \-u
+ Use TSS UNICODE encoding for passwords.
diff --git a/security/tpm-quote-tools/files/patch-tpm__mkaik.c b/security/tpm-quote-tools/files/patch-tpm__mkaik.c
new file mode 100644
index 000000000000..2da26581ec93
--- /dev/null
+++ b/security/tpm-quote-tools/files/patch-tpm__mkaik.c
@@ -0,0 +1,51 @@
+--- tpm_mkaik.c.orig	2017-05-26 13:25:17 UTC
++++ tpm_mkaik.c
+@@ -102,7 +102,8 @@ static int usage(const char *prog)
+   const char text[] =
+     "Usage: %s [options] blob pubkey\n"
+     "Options:\n"
+-    "\t-z   Use well known secret used as owner secret\n"
++    "\t-y   Use well known secret used as owner secret\n"
++    "\t-z   Use well known secret used as SRK secret\n"
+     "\t-u   Use TSS UNICODE encoding for passwords\n"
+     "\t-h   Display command usage info\n"
+     "\t-v   Display command version info\n"
+@@ -115,13 +116,17 @@ int main (int argc, char **argv)
+ 
+ int main (int argc, char **argv)
+ {
+-  int well_known = 0;
++  int well_known_srk = 0;
++  int well_known_owner = 0;
+   int utf16le = 0;
+   int opt;
+-  while ((opt = getopt(argc, argv, "zuhv")) != -1) {
++  while ((opt = getopt(argc, argv, "yzuhv")) != -1) {
+     switch (opt) {
++    case 'y':
++      well_known_owner = 1;
++      break;
+     case 'z':
+-      well_known = 1;
++      well_known_srk = 1;
+       break;
+     case 'u':
+       utf16le = 1;
+@@ -173,7 +178,7 @@ int main (int argc, char **argv)
+   if (rc != TSS_SUCCESS)
+     return tidy(hContext, tss_err(rc, "getting SRK policy"));
+ 
+-  rc = setSecret("Enter SRK password: ", hContext, hSrkPolicy, well_known, utf16le);
++  rc = setSecret("Enter SRK password: ", hContext, hSrkPolicy, well_known_srk, utf16le);
+   if (rc != TSS_SUCCESS)
+     return tidy(hContext, tss_err(rc, "setting SRK secret"));
+ 
+@@ -193,7 +198,7 @@ int main (int argc, char **argv)
+   if (rc != TSS_SUCCESS)
+     return tidy(hContext, tss_err(rc, "assigning TPM policy"));
+ 
+-  rc = setSecret("Enter owner password: ", hContext, hTPMPolicy, well_known, utf16le);
++  rc = setSecret("Enter owner password: ", hContext, hTPMPolicy, well_known_owner, utf16le);
+   if (rc != TSS_SUCCESS)
+     return tidy(hContext, tss_err(rc, "setting TPM policy secret"));
+ 
diff --git a/security/tpm-quote-tools/pkg-descr b/security/tpm-quote-tools/pkg-descr
new file mode 100644
index 000000000000..affeb9e0e71e
--- /dev/null
+++ b/security/tpm-quote-tools/pkg-descr
@@ -0,0 +1,5 @@
+The TPM Quote Tools is a collection of programs that provide support
+for TPM based attestation using the TPM quote mechanism.  The manual
+page for tpm_quote_tools provides a usage overview.
+
+The management tools are only used to take ownership of a TPM.
diff --git a/security/tpm-quote-tools/pkg-plist b/security/tpm-quote-tools/pkg-plist
new file mode 100644
index 000000000000..4243caa18d84
--- /dev/null
+++ b/security/tpm-quote-tools/pkg-plist
@@ -0,0 +1,17 @@
+bin/tpm_getpcrhash
+bin/tpm_getquote
+bin/tpm_loadkey
+bin/tpm_mkaik
+bin/tpm_mkuuid
+bin/tpm_unloadkey
+bin/tpm_updatepcrhash
+bin/tpm_verifyquote
+man/man8/tpm_getpcrhash.8.gz
+man/man8/tpm_getquote.8.gz
+man/man8/tpm_loadkey.8.gz
+man/man8/tpm_mkaik.8.gz
+man/man8/tpm_mkuuid.8.gz
+man/man8/tpm_quote_tools.8.gz
+man/man8/tpm_unloadkey.8.gz
+man/man8/tpm_updatepcrhash.8.gz
+man/man8/tpm_verifyquote.8.gz