# # spec file for package ibmtss # # Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # %define libversion 2 %define libname libibmtss %define libpkgname %{libname}%{libversion} Name: ibmtss Version: 2.4.1 Release: 1.1 Summary: IBM's TPM 2.0 TSS License: BSD-3-Clause Group: Productivity/Security URL: https://github.com/kgoldman/ibmtss Source: https://github.com/kgoldman/ibmtss/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Source1: 90-tpm-ibmtss.rules Patch1: ibmtss-configure.ac-Do-not-disable-optimization-for-debug-b.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: ibmswtpm2 BuildRequires: libopenssl-devel BuildRequires: libtool %description This is a user space TCG Software Stack (TSS) for TPM 2.0. It implements the functionality equivalent to the TCG TSS working group's planned ESAPI, SAPI, and TCTI APIs. It comes with over 100 "TPM tools" that can be used for scripted apps, rapid prototyping, education, and debugging. %package -n %{libpkgname} Summary: Shared library for IBM's TPM 2.0 TSS Group: System/Libraries Recommends: %{name}-base = %{version} %description -n %{libpkgname} Shared library for IBM's TPM 2.0 TSS tools %package base Summary: IBM's TPM 2.0 TSS shared files Group: Productivity/Security Requires(post): user(tss) BuildArch: noarch %description base Includes IBM's TPM 2.0 TSS certificates and policy files. %package devel Summary: IBM's TPM 2.0 TSS headers Group: Development/Libraries/C and C++ Requires: %{libpkgname} = %{version} Requires: %{name} = %{version} %description devel Includes IBM's TPM 2.0 TSS C header files %prep %autosetup -p1 %build autoreconf -ifv %configure --enable-debug --disable-static cd utils sed -i -e "s|/home/kgold/tss2/utils|$PWD|" certificates/rootcerts.txt %{_libexecdir}/%{name}/tpm_server & tpm_server="$!" export CCFLAGS="%{optflags}" export LNAFLAGS="-Wl,-rpath,%{_libdir}" %{make_build} testfailed=0 TPM_INTERFACE_TYPE=socsim LD_LIBRARY_PATH=.libs ./reg.sh -a || testfailed=$? kill "$tpm_server" || : [ "$testfailed" -eq 0 ] sed -i -e "s|$PWD|%{_datadir}/%{name}|" certificates/rootcerts.txt %install install -m 644 -D -t %{buildroot}%{_prefix}/lib/udev/rules.d/ %{SOURCE1} cd utils %make_install mkdir -p %{buildroot}/%{_datadir}/%{name} cp -a policies certificates %{buildroot}/%{_datadir}/%{name} find %{buildroot} -type f -name "*.la" -delete -print find %{buildroot} -name .cvsignore | xargs rm -v %post base %_bindir/udevadm trigger -s tpm -s tpmrm || : %post -n %{libpkgname} -p /sbin/ldconfig %postun -n %{libpkgname} -p /sbin/ldconfig %files %license LICENSE %doc ibmtss.html ibmtss.docx README %{_bindir}/tss* %{_mandir}/man1/tss*.1%{?ext_man} %files -n %{libpkgname} %{_libdir}/%{libname}*.so.%{version} %{_libdir}/%{libname}*.so.%{libversion} %files base %license LICENSE %{_datadir}/%{name} %{_prefix}/lib/udev/rules.d/* %files devel %license LICENSE %{_includedir}/%{name} %{_libdir}/%{libname}*.so %changelog * Tue Feb 25 2025 Pedro Monreal - Update to 2.4.1: * Issue new test EK CA root certificates with a longer validity period. * Remove patches upstream: - tss-Commit-changelog-and-autotools-version-update.patch - utils-Update-.so-version-to-2.4.patch - ibmtss-2.4.0-fix-FTBFS-2026.patch * Tue Dec 3 2024 Bernhard Wiedemann - Add ibmtss-2.4.0-fix-FTBFS-2026.patch to fix tests after 2026 (boo#1102840) * Mon Oct 21 2024 Michal Suchanek - Update to 2.4.0: * Add support for EK intermediate certificates * Support different IMA log digest algorithms * add regtest * html documentation - Refresh ibmtss-configure.ac-Do-not-disable-optimization-for-debug-b.patch - tss-Commit-changelog-and-autotools-version-update.patch - utils-Update-.so-version-to-2.4.patch * Thu Nov 30 2023 Pedro Monreal - Update to 2.1.1: * Add man page for tpmproxy. - Update to 2.1.0: * Parse new IMA event log template data fields. * Add option to verify IMA template data * Correct minor regression test script typos. - Update to 2.0.0 * Expand TPMU_SENSITIVE_COMPOSITE to handle HW TPMs that return 5 RSA primes. This is an ABI (not API) break. * Add support for TPM2_ECC_Encrypt and TPM2_ECC_Decrypt * Add more EFI event log handlers and event tracing. * SW TPM test CA now uses SHA-256, not the deprecated SHA-1. * Port tpmproxy for TPM 2.0 to Linux and Windows. * Add many new EK root certificates. * Remove OpenSSL functions deprecated in 3.x. * Fix TSS bug when using encrypt and decrypt in a PWAP session. * Add build flag to suppress SHA-1. - Remove patches fixed upstream: * ibmtss-regtests-Update-openssl-key-generation-for-3.0.0.patch * ibmtss-utils-Update-certifyx509-for-Openssl-3.0.0.patch * ibmtss-utils-Remove-unused-variables-from-certifyx509.patch * ibmtss-tss-Port-HMAC-operations-to-openssl-3.0.patch * ibmtss-utils-Port-to-openssl-3.0.0-replaces-RSA-with-EVP_PK.patch * ibmtss-openssl3-deprecation.patch * Wed Nov 9 2022 Pedro Monreal - Build with OpenSSL 3.0 deprecated functions until fixed upstream in the next version update [bsc#1205042] * ibmtss-openssl3-deprecation.patch - Add upstream patches to fix build with OpenSSL 3.0 * ibmtss-regtests-Update-openssl-key-generation-for-3.0.0.patch * ibmtss-utils-Update-certifyx509-for-Openssl-3.0.0.patch * ibmtss-utils-Remove-unused-variables-from-certifyx509.patch * ibmtss-tss-Port-HMAC-operations-to-openssl-3.0.patch * ibmtss-utils-Port-to-openssl-3.0.0-replaces-RSA-with-EVP_PK.patch * Thu Nov 25 2021 Michal Suchanek - Fix certificate list, run all tests. * Tue Jan 26 2021 Petr Vorel - Update to upstream version 1.6.0 (jsc#SLE-18268). - Drop patches from this release - ibmtss-certifyx509-Fix-uninitialized-variable.patch - ibmtss-fix-dsa-regression.patch * Thu Oct 1 2020 Pedro Monreal Gonzalez - Regression fix: * utils: fix ABI break caused by additional argument to -rsa * https://sourceforge.net/p/ibmtpm20tss/mailman/message/37119441/ - Add ibmtss-fix-dsa-regression.patch * Mon Aug 17 2020 Michal Suchanek - Update to upstream version 1.5.0 (jsc#SLE-13828). - Fix build warning due to -O0 + ibmtss-configure.ac-Do-not-disable-optimization-for-debug-b.patch - Fix uninitialized variable warning + ibmtss-certifyx509-Fix-uninitialized-variable.patch * Fri Mar 27 2020 Dominique Leuenberger - Don't mess with Epoch: in the long run it can't but cause problems. Upstreams that don't understand the meaning of version numbers can't be helped with Epoch. Let's rely on the distro features for dist-upgrade (that has no problem with a 'version downgrade'. * Mon Mar 23 2020 Michal Suchanek - Fix dependencies for epoch, remove useless define. * Fri Jan 31 2020 Michal Suchanek - Update to upstream version 1.3.0 - copy tpm device permission handling udev rule from tpm2-0-tss - depend on user(tss) (boo#1162360). * Sat Aug 24 2019 Jan Engelhardt - Disable static libs (standard openSUSE behavior) * Wed Aug 14 2019 Michal Suchanek - Remove installed .cvsignore file - Don't create already created directory * Fri Aug 9 2019 Michal Suchanek - Don't install duplicate headers * Mon Jul 8 2019 Michal Suchanek - Remove .la files * Thu Jul 4 2019 Michal Suchanek - Update to v1047 (FATE#327307, jsc#SLE-6593, jsc#SLE-9179). - now supports autotools - supports library versioning - installs tools with program prefx - remove binary tool wrapper - remove makefile.patch * Tue May 22 2018 msuchanek@suse.com - Add post/postun ldconfig call * Fri May 18 2018 jengelh@inai.de - Fix RPM groups * Thu May 17 2018 msuchanek@suse.com - Split off library, spec-clean (bsc#1093612) * Thu Jan 18 2018 msuchanek@suse.com - Enable test on BE * Wed Nov 8 2017 msuchanek@suse.com - Update to upstream version 1045 - works with OpenSSL 1.1 (bsc#1066914) * Thu Mar 2 2017 msuchanek@suse.com - fix description of -devel package * Wed Mar 1 2017 meissner@suse.com - update to v755 (FATE#321601) - This is the version prefered by IBM. * Wed Feb 8 2017 jengelh@inai.de - Wrap description and spell out TSS. - Move package description up before any build recipes, this is the more usual layout. - Drop unusable "return" command; %%build already executes with sh -e. * Fri Jan 27 2017 msuchanek@suse.com - Import v713 (FATE#321601) - Move to libdir and add wrapper script. - repack source without makefile-beam which has incompatible license and is not used in build anyway