git: a8a6f68f9fe2 - main - security/tpm2-openssl: TPM2 provider for OpenSSL3+
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 21 May 2025 07:40:18 UTC
The branch main has been updated by arrowd:
URL: https://cgit.FreeBSD.org/ports/commit/?id=a8a6f68f9fe2b699c1a5e0bfb8dc70bfcb8996f4
commit a8a6f68f9fe2b699c1a5e0bfb8dc70bfcb8996f4
Author: Andrea Cocito <andrea@cocito.eu>
AuthorDate: 2025-05-07 08:31:14 +0000
Commit: Gleb Popov <arrowd@FreeBSD.org>
CommitDate: 2025-05-21 07:40:14 +0000
security/tpm2-openssl: TPM2 provider for OpenSSL3+
Makes the TPM 2.0 accessible via the standard OpenSSL API and
command-line tools, so one can add TPM support to (almost) any
OpenSSL 3.x based application.
PR 286218
Pull Request: https://github.com/freebsd/freebsd-ports/pull/393
Co-authored-by: Gleb Popov <arrowd@FreeBSD.org>
---
security/Makefile | 1 +
security/tpm2-openssl/Makefile | 28 ++++++++++++++++++++++++++++
security/tpm2-openssl/distinfo | 3 +++
security/tpm2-openssl/pkg-descr | 1 +
security/tpm2-openssl/pkg-message | 26 ++++++++++++++++++++++++++
5 files changed, 59 insertions(+)
diff --git a/security/Makefile b/security/Makefile
index b742b84e77e2..34fc30166872 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -1369,6 +1369,7 @@
SUBDIR += tpm-quote-tools
SUBDIR += tpm-tools
SUBDIR += tpm2-abrmd
+ SUBDIR += tpm2-openssl
SUBDIR += tpm2-pkcs11
SUBDIR += tpm2-tools
SUBDIR += tpm2-tss
diff --git a/security/tpm2-openssl/Makefile b/security/tpm2-openssl/Makefile
new file mode 100644
index 000000000000..f0a6329dc650
--- /dev/null
+++ b/security/tpm2-openssl/Makefile
@@ -0,0 +1,28 @@
+PORTNAME= tpm2-openssl
+DISTVERSION= 1.3.0
+CATEGORIES= security
+MASTER_SITES= https://github.com/tpm2-software/tpm2-openssl/releases/download/${DISTVERSION}/
+
+MAINTAINER= blackye@gmail.com
+COMMENT= Provider for integration of TPM 2.0 into OpenSSL 3.x
+WWW= https://github.com/tpm2-software/tpm2-openssl
+
+LICENSE= BSD3CLAUSE
+LICENSE_FILE= ${WRKSRC}/LICENSE
+
+IGNORE_FreeBSD_13= Requires OpenSSL 3+
+
+LIB_DEPENDS= libtss2-esys.so:security/tpm2-tss
+RUN_DEPENDS= tpm2-abrmd:security/tpm2-abrmd
+
+USES= gmake libtool pkgconfig ssl
+USE_LDCONFIG= yes
+
+GNU_CONFIGURE= yes
+CONFIGURE_ARGS= --with-modulesdir=${PREFIX}/lib/ossl-modules
+
+INSTALL_TARGET= install-strip
+
+PLIST_FILES= lib/ossl-modules/tpm2.so
+
+.include <bsd.port.mk>
diff --git a/security/tpm2-openssl/distinfo b/security/tpm2-openssl/distinfo
new file mode 100644
index 000000000000..15b45c43c5fc
--- /dev/null
+++ b/security/tpm2-openssl/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1737838478
+SHA256 (tpm2-openssl-1.3.0.tar.gz) = 9a9aca55d4265ec501bcf9c56d21d6ca18dba902553f21c888fe725b42ea9964
+SIZE (tpm2-openssl-1.3.0.tar.gz) = 432730
diff --git a/security/tpm2-openssl/pkg-descr b/security/tpm2-openssl/pkg-descr
new file mode 100644
index 000000000000..ecbf7761b6ab
--- /dev/null
+++ b/security/tpm2-openssl/pkg-descr
@@ -0,0 +1 @@
+Provider for integration of TPM 2.0 to OpenSSL 3.x
diff --git a/security/tpm2-openssl/pkg-message b/security/tpm2-openssl/pkg-message
new file mode 100644
index 000000000000..1f3b424b4e9a
--- /dev/null
+++ b/security/tpm2-openssl/pkg-message
@@ -0,0 +1,26 @@
+[
+{ type: install
+ message: <<EOM
+The tpm2 OpenSSL provider has been installed as ${PREFIX}/lib/ossl-modules/tpm2.so
+
+In order to let openssl find it do one of the following:
+
+1. Set the OPENSSL_MODULES environment variable
+2. Use the -provider-path option
+3. Edit /etc/ssl/openssl.cnf replacing the existing [provider_sect] and
+ [default_provider] sections with these:
+
+[provider_sect]
+default = default_sect
+tpm2 = tpm2_sect
+
+[default_sect]
+activate = 1
+
+[tpm2_sect]
+activate = 1
+module = ${PREFIX}/lib/ossl-modules/tpm2.so
+
+EOM
+}
+]