Message ID | 20210127184227.29258-1-lle-bout@zaclys.net |
---|---|
State | Accepted |
Series | [bug#46139] gnu: Add tpm2-tss. |
Context | Check | Description |
---|---|---|
cbaines/applying patch | fail | View Laminar job |
cbaines/issue | success | View issue |
Hello, guix-patches--- via <guix-patches@gnu.org> writes: > * gnu/packages/hardware.scm (tpm2-tss): New variable. Thank you. Some comments follow. > + (inputs > + `(("pkg-config" ,pkg-config) > + ("openssl" ,openssl) > + ("json-c" ,json-c) > + ("curl" ,curl))) pkg-config should be a native-input. Don't you need libgcrypt as an input, too? > + (synopsis "OSS implementation of the TCG TPM2 Software Stack (TSS2)") > + (description "This package provides the Trusted Computing Group's (TCG) > +TPM2 Software Stack (TSS). This stack consists of the following layers from > +top to bottom: > + > +@enumerate > +@item Feature API (FAPI) as described in the TCG Feature API (FAPI) > +Specification along with TCG TSS 2.0 JSON Data Types and Policy Language > +Specification This API is designed to be very high-level API, intended to make > +programming with the TPM as simple as possible. The API functions are exposed > +through a single library: libtss2-fapi. > +@item Enhanced System API (ESAPI) as described in the TCG TSS 2.0 Enhanced > +System API (ESAPI) Specification This API is a 1-to-1 mapping of the TPM2 > +commands documented in Part 3 of the TPM2 specification. Additionally there > +are asynchronous versions of each command. In addition to SAPI, the ESAPI > +performs tracking of meta data for TPM object and automatic calculation of > +session based authorization and encryption values. Both the synchronous and > +asynchronous API are exposed through a single library: libtss2-esys. > +@item System API (SAPI) as described in the TCG TSS 2.0 System Level API > +(SAPI) Specification This API is a 1-to-1 mapping of the TPM2 commands > +documented in Part 3 of the TPM2 specification. Additionally there are > +asynchronous versions of each command. These asynchronous variants may be > +useful for integration into event-driven programming environments. Both the > +synchronous and asynchronous API are exposed through a single library: > +libtss2-sys. 
> +@item Marshaling/Unmarshaling (MU) as described in the TCG TSS 2.0 > +Marshaling/Unmarshaling API Specification This API provides a set of > +marshaling and unmarshaling functions for all data types define by the TPM > +library specification. The Marshaling/Unmarshaling API is exposed through a > +library called libtss2-mu. > +@item TPM Command Transmission Interface (TCTI) as described in the TCG TSS > +2.0 TPM Command Transmission Interface (TCTI) API Specification. This API > +provides a standard interface to transmit / receive TPM command / response > +buffers. It is expected that any number of libraries implementing the TCTI API > +will be implemented as a way to abstract various platform specific IPC > +mechanisms. Currently this repository provides several TCTI implementations: > +libtss2-tcti-device, libtss2-tcti-tbs (for Windows), libtss2-tcti-swtpm and > +libtss2-tcti-mssim. The former should be used for direct access to the TPM > +through the Linux kernel driver. The latter implements the protocol exposed by > +the Microsoft software TPM2 simulator. > +@item The TCG TSS 2.0 Overview and Common Structures Specification forms the > +basis for all implementations in this project. NOTE: We deviate from this > +specification by increasing the value of TPM2_NUM_PCR_BANKS from 3 to 16 to > +ensure compatibility with TPM2 implementations that have enabled a larger than > +typical number of PCR banks. This larger value for TPM2_NUM_PCR_BANKS is > +expected to be included in a future revision of the specification. > +@end enumerate") This description is waaaaay too long. Could you trim it down a bit? IIRC, the manual suggests description of about 5 lines. Of course, this is not a hard rule. Also you need to add two spaces after sentences. > + (home-page "https://tpm2-software.github.io/") Could you move it above synopsis? Regards,
Hello!

Sorry, I made a mistake forgetting to `$ git add` before amending my commit thus not sending some of the changes you just requested which I had already done.

Here now with shortened description, home-page above synopsis, pkg-config in native-inputs and required modules imported appropriately.

Thank you.

Léo Le Bouter (1):
  gnu: Add tpm2-tss.

 gnu/packages/hardware.scm | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
On Wed, 2021-01-27 at 21:44 +0100, Nicolas Goaziou wrote:
> Don't you need libgcrypt as an input, too?

Apparently no, see: <https://github.com/tpm2-software/tpm2-tss/blob/master/INSTALL.md#gnulinux>. Everything compiles fine as-is.
Leo,

Thanks!

> (uri (string-append ... name ...))

Nitpick: there is no point in parameterising NAME here. Unlike VERSION, it's more likely to cause future work than to save any. Just hard-code it.

> (inputs ...)

Did you forget `(use-modules (gnu packages tls))'?

> (synopsis "OSS implementation of the TCG TPM2 Software Stack
> (TSS2)")

s/OSS i/I/

Likewise, Windows support is irrelevant, so we don't mention it. Don't know enough about the ‘Microsoft software TPM2 simulator’ to know if it is.

> IIRC, the manual suggests description of about 5 lines.

At minimum, IMO :-) Between 5 and 10, depending on how much there is to say about the package.

Reducing each @item to ~1 sentence would strike a good balance. Be sure to keep any keywords that could help people ‘guix search’ for this package. Drop the boring spec minutia.

> Trusted Computing Group's (TCG)

You can mark these up as @acronym{TCG, Trusted Computing Group}.

When finished, don't forget to run ‘guix lint tpm2-tss’.

Kind regards,

T G-R
diff --git a/gnu/packages/hardware.scm b/gnu/packages/hardware.scm index 3da6759472..778453a395 100644 --- a/gnu/packages/hardware.scm +++ b/gnu/packages/hardware.scm 
@@ -498,3 +498,71 @@ screens. It displays various patterns and allows you to estimate the quality of your CRT/LCD monitor.") (home-page "https://github.com/TobiX/screentest") (license license:gpl2))) + +(define-public tpm2-tss + (package + (name "tpm2-tss") + (version "3.0.3") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/tpm2-software/" name + "/releases/download/" version "/" name "-" version + ".tar.gz")) + (sha256 + (base32 "05xynpwq851fp8f5fy7ac0blvz8mr5m5cbqj3gslgbwv63kjnfbq")))) + (build-system gnu-build-system) + (inputs + `(("pkg-config" ,pkg-config) + ("openssl" ,openssl) + ("json-c" ,json-c) + ("curl" ,curl))) + (synopsis "OSS implementation of the TCG TPM2 Software Stack (TSS2)") + (description "This package provides the Trusted Computing Group's (TCG) +TPM2 Software Stack (TSS). This stack consists of the following layers from +top to bottom: + +@enumerate +@item Feature API (FAPI) as described in the TCG Feature API (FAPI) +Specification along with TCG TSS 2.0 JSON Data Types and Policy Language +Specification This API is designed to be very high-level API, intended to make +programming with the TPM as simple as possible. The API functions are exposed +through a single library: libtss2-fapi. +@item Enhanced System API (ESAPI) as described in the TCG TSS 2.0 Enhanced +System API (ESAPI) Specification This API is a 1-to-1 mapping of the TPM2 +commands documented in Part 3 of the TPM2 specification. Additionally there +are asynchronous versions of each command. In addition to SAPI, the ESAPI +performs tracking of meta data for TPM object and automatic calculation of +session based authorization and encryption values. Both the synchronous and +asynchronous API are exposed through a single library: libtss2-esys. +@item System API (SAPI) as described in the TCG TSS 2.0 System Level API +(SAPI) Specification This API is a 1-to-1 mapping of the TPM2 commands +documented in Part 3 of the TPM2 specification. 
Additionally there are +asynchronous versions of each command. These asynchronous variants may be +useful for integration into event-driven programming environments. Both the +synchronous and asynchronous API are exposed through a single library: +libtss2-sys. +@item Marshaling/Unmarshaling (MU) as described in the TCG TSS 2.0 +Marshaling/Unmarshaling API Specification This API provides a set of +marshaling and unmarshaling functions for all data types define by the TPM +library specification. The Marshaling/Unmarshaling API is exposed through a +library called libtss2-mu. +@item TPM Command Transmission Interface (TCTI) as described in the TCG TSS +2.0 TPM Command Transmission Interface (TCTI) API Specification. This API +provides a standard interface to transmit / receive TPM command / response +buffers. It is expected that any number of libraries implementing the TCTI API +will be implemented as a way to abstract various platform specific IPC +mechanisms. Currently this repository provides several TCTI implementations: +libtss2-tcti-device, libtss2-tcti-tbs (for Windows), libtss2-tcti-swtpm and +libtss2-tcti-mssim. The former should be used for direct access to the TPM +through the Linux kernel driver. The latter implements the protocol exposed by +the Microsoft software TPM2 simulator. +@item The TCG TSS 2.0 Overview and Common Structures Specification forms the +basis for all implementations in this project. NOTE: We deviate from this +specification by increasing the value of TPM2_NUM_PCR_BANKS from 3 to 16 to +ensure compatibility with TPM2 implementations that have enabled a larger than +typical number of PCR banks. This larger value for TPM2_NUM_PCR_BANKS is +expected to be included in a future revision of the specification. +@end enumerate") + (home-page "https://tpm2-software.github.io/") + (license license:bsd-2)))
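Review bot: `pkg-config` is listed under `inputs` in the new `tpm2-tss` definition, but it is a build-time tool; move it to a `native-inputs` field so it is taken for the build machine when cross-compiling and stays out of the package's run-time inputs, leaving `openssl`, `json-c` and `curl` in `inputs`. The diff consists of this single hunk at the end of hardware.scm and does not touch the module's `#:use-module` list, so check that the modules providing `openssl`, `json-c` and `curl` are already imported there. In the `uri`, `name` can be written out as the literal "tpm2-tss" while `version` stays parameterised. The `description` would be easier to search and maintain with each `@item` cut to about one sentence and two spaces after each sentence, and `home-page` placed above `synopsis`.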