git: 788dde9529dd - main - security/openssl_tpm_engine: Remove expired port
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 02 Jul 2023 07:34:47 UTC
The branch main has been updated by bofh:
URL: https://cgit.FreeBSD.org/ports/commit/?id=788dde9529dd77fcb5d2433e0ff5522206af2643
commit 788dde9529dd77fcb5d2433e0ff5522206af2643
Author: Muhammad Moinur Rahman <bofh@FreeBSD.org>
AuthorDate: 2023-07-02 07:22:27 +0000
Commit: Muhammad Moinur Rahman <bofh@FreeBSD.org>
CommitDate: 2023-07-02 07:34:32 +0000
security/openssl_tpm_engine: Remove expired port
2023-07-02 security/openssl_tpm_engine: Requires older openssl and upstream unmaintained since 2017
---
MOVED | 1 +
security/Makefile | 1 -
security/openssl_tpm_engine/Makefile | 64 ----
security/openssl_tpm_engine/distinfo | 3 -
.../files/patch-dist-openssl.cnf.sample | 11 -
.../openssl_tpm_engine/files/patch-src-e_tpm.c | 368 ---------------------
.../openssl_tpm_engine/files/patch-src-e_tpm.h | 45 ---
.../openssl_tpm_engine/files/patch-src-e_tpm_err.c | 18 -
security/openssl_tpm_engine/files/pkg-message.in | 17 -
security/openssl_tpm_engine/pkg-descr | 6 -
10 files changed, 1 insertion(+), 533 deletions(-)
diff --git a/MOVED b/MOVED
index b9479552a3b0..7cb4791c98aa 100644
--- a/MOVED
+++ b/MOVED
@@ -7757,3 +7757,4 @@ print/ghostscript8-x11||2023-06-30|Has expired: Obsolete and unsupported upstrea
textproc/py-transifex-client|textproc/go-transifex-client|2023-06-30|Has expired: Upstream switched to go based api client (textproc/go-transifex-client)
devel/google-cloud-cpp117|devel/google-cloud-cpp|2023-07-01|Has expired: Newer version is in the tree
math/py-gmpy|math/py-gmpy2|2023-07-01|Has expired: EOLd, use math/py-gmpy2 instead
+security/openssl_tpm_engine||2023-07-02|Has expired: Requires older openssl and upstream unmaintained since 2017
diff --git a/security/Makefile b/security/Makefile
index 3665e5951e4d..6993f1a1dbc3 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -417,7 +417,6 @@
SUBDIR += openssl-unsafe
SUBDIR += openssl30
SUBDIR += openssl31
- SUBDIR += openssl_tpm_engine
SUBDIR += openvas
SUBDIR += openvpn
SUBDIR += openvpn-admin
diff --git a/security/openssl_tpm_engine/Makefile b/security/openssl_tpm_engine/Makefile
deleted file mode 100644
index 587074e17f56..000000000000
--- a/security/openssl_tpm_engine/Makefile
+++ /dev/null
@@ -1,64 +0,0 @@
-PORTNAME= openssl_tpm_engine
-PORTVERSION= 0.5.0
-DISTVERSIONPREFIX= v
-PORTREVISION= 2
-CATEGORIES= security
-
-MAINTAINER= hrs@FreeBSD.org
-COMMENT= OpenSSL TPM engine
-WWW= https://github.com/mgerstner/openssl_tpm_engine
-
-LICENSE= OpenSSL
-LICENSE_FILE= ${WRKSRC}/LICENSE
-
-DEPRECATED= Requires older openssl and upstream unmaintained since 2017
-EXPIRATION_DATE= 2023-07-02
-BROKEN_SSL= openssl30 openssl31
-BROKEN_SSL_REASON= Requires openssl 1.0.x or 1.1.x
-IGNORE_SSL= libressl libressl-devel
-IGNORE_SSL_REASON= Detected LibreSSL (RAND_METHOD structure unsupported)
-
-LIB_DEPENDS= libtspi.so:security/trousers
-RUN_DEPENDS= ${LOCALBASE}/sbin/tcsd:security/trousers
-
-USES= autoreconf gmake libtool localbase ssl pkgconfig
-USE_GITHUB= yes
-USE_LDCONFIG= yes
-
-GH_ACCOUNT= mgerstner
-GNU_CONFIGURE= yes
-CONFIGURE_ARGS= --with-openssl="${OPENSSLBASE}" \
- --with-enginedir="${PREFIX}/lib/openssl/engines"
-SUB_FILES= pkg-message
-PLIST_FILES= bin/create_tpm_key
-INSTALL_TARGET= install-strip
-PORTEXAMPLES= openssl.cnf.sample
-
-OPTIONS_DEFINE= EXAMPLES
-
-post-patch:
- (${CAT} ${OPENSSLINC}/openssl/opensslv.h; \
- ${ECHO_CMD} "#if OPENSSL_VERSION_NUMBER < 0x10100000L"; \
- ${ECHO_CMD} "lib/openssl/engines/libtpm.so"; \
- ${ECHO_CMD} "#else"; \
- ${ECHO_CMD} "lib/openssl/engines/tpm.so"; \
- ${ECHO_CMD} "#endif"; \
- ) | ${CPP} | ${GREP} -v \# > ${WRKDIR}/.tpmso; \
- ${REINPLACE_CMD} "s|%%TPMSO%%|${PREFIX}/$$(cat ${WRKDIR}/.tpmso)|g" \
- ${WRKSRC}/dist/openssl.cnf.sample
-
-.if defined(INSTALL_AS_USER)
-_T=|| ${TRUE}
-.endif
-post-install:
- (${CAT} ${WRKDIR}/.tpmso; \
- ${ECHO_CMD} "@postexec /usr/sbin/service ldconfig restart > /dev/null ${_T}" >> ${TMPPLIST}; \
- ${ECHO_CMD} "@postunexec /usr/sbin/service ldconfig restart > /dev/null ${_T}" >> ${TMPPLIST}; \
- ) >> ${TMPPLIST}
-
-post-install-EXAMPLES-on:
- @${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
- ${INSTALL_DATA} ${WRKSRC}/dist/openssl.cnf.sample \
- ${STAGEDIR}${EXAMPLESDIR}
-
-.include <bsd.port.mk>
diff --git a/security/openssl_tpm_engine/distinfo b/security/openssl_tpm_engine/distinfo
deleted file mode 100644
index 9c4d910bf172..000000000000
--- a/security/openssl_tpm_engine/distinfo
+++ /dev/null
@@ -1,3 +0,0 @@
-TIMESTAMP = 1551568882
-SHA256 (mgerstner-openssl_tpm_engine-v0.5.0_GH0.tar.gz) = 328cc0ce0c1fd816c284efb79234be6157bb995d24a5e8065750f162aa72c060
-SIZE (mgerstner-openssl_tpm_engine-v0.5.0_GH0.tar.gz) = 25305
diff --git a/security/openssl_tpm_engine/files/patch-dist-openssl.cnf.sample b/security/openssl_tpm_engine/files/patch-dist-openssl.cnf.sample
deleted file mode 100644
index d6cdfb1fcb34..000000000000
--- a/security/openssl_tpm_engine/files/patch-dist-openssl.cnf.sample
+++ /dev/null
@@ -1,11 +0,0 @@
---- dist/openssl.cnf.sample.orig 2017-12-18 15:45:34 UTC
-+++ dist/openssl.cnf.sample
-@@ -18,7 +18,7 @@ engines = engine_section
- foo = tpm_section
-
- [tpm_section]
--dynamic_path = /usr/local/ssl/lib/engines/libtpm.so
-+dynamic_path = %%TPMSO%%
- engine_id = tpm
- default_algorithms = ALL
- #default_algorithms = RAND,RSA
diff --git a/security/openssl_tpm_engine/files/patch-src-e_tpm.c b/security/openssl_tpm_engine/files/patch-src-e_tpm.c
deleted file mode 100644
index 69a7dac3dede..000000000000
--- a/security/openssl_tpm_engine/files/patch-src-e_tpm.c
+++ /dev/null
@@ -1,368 +0,0 @@
---- src/e_tpm.c.orig 2017-12-18 15:45:34 UTC
-+++ src/e_tpm.c
-@@ -34,6 +34,7 @@
- #include <tss/tspi.h>
-
- #include <trousers/trousers.h> // XXX DEBUG
-+#include <trousers/tss.h>
-
- #include "e_tpm.h"
- #include "ssl_compat.h"
-@@ -55,10 +56,10 @@ static char *tpm_engine_get_auth(UI_METHOD *, char *,
- /* rsa functions */
- static int tpm_rsa_init(RSA *rsa);
- static int tpm_rsa_finish(RSA *rsa);
--static int tpm_rsa_pub_dec(int, const unsigned char *, unsigned char *, RSA *, int);
--static int tpm_rsa_pub_enc(int, const unsigned char *, unsigned char *, RSA *, int);
--static int tpm_rsa_priv_dec(int, const unsigned char *, unsigned char *, RSA *, int);
--static int tpm_rsa_priv_enc(int, const unsigned char *, unsigned char *, RSA *, int);
-+static int tpm_rsa_pub_dec(int, unsigned char *, unsigned char *, RSA *, int);
-+static int tpm_rsa_pub_enc(int, unsigned char *, unsigned char *, RSA *, int);
-+static int tpm_rsa_priv_dec(int, unsigned char *, unsigned char *, RSA *, int);
-+static int tpm_rsa_priv_enc(int, unsigned char *, unsigned char *, RSA *, int);
- //static int tpm_rsa_sign(int, const unsigned char *, unsigned int, unsigned char *, unsigned int *, const RSA *);
- static int tpm_rsa_keygen(RSA *, int, BIGNUM *, BN_GENCB *);
- #endif
-@@ -72,6 +73,7 @@ static RAND_SEED_RET_TYPE tpm_rand_seed(const void *,
- #define TPM_CMD_SO_PATH ENGINE_CMD_BASE
- #define TPM_CMD_PIN ENGINE_CMD_BASE+1
- #define TPM_CMD_SECRET_MODE ENGINE_CMD_BASE+2
-+#define TPM_CMD_QUOTE ENGINE_CMD_BASE+3
- static const ENGINE_CMD_DEFN tpm_cmd_defns[] = {
- {TPM_CMD_SO_PATH,
- "SO_PATH",
-@@ -85,6 +87,10 @@ static const ENGINE_CMD_DEFN tpm_cmd_defns[] = {
- "SECRET_MODE",
- "The TSS secret mode for all secrets",
- ENGINE_CMD_FLAG_NUMERIC},
-+ {TPM_CMD_QUOTE,
-+ "QUOTE",
-+ "Perform a TPM_Quote() with the given structure",
-+ ENGINE_CMD_FLAG_NUMERIC},
- {0, NULL, NULL, 0}
- };
-
-@@ -151,6 +157,9 @@ static unsigned int (*p_tspi_Hash_SetHashValue)();
- static unsigned int (*p_tspi_GetPolicyObject)();
- static unsigned int (*p_tspi_Policy_SetSecret)();
- static unsigned int (*p_tspi_Policy_AssignToObject)();
-+static unsigned int (*p_tspi_PcrComposite_SelectPcrIndex)();
-+static unsigned int (*p_tspi_TPM_Quote)();
-+static unsigned int (*p_tspi_NV_ReadValue)();
-
- /* Override the real function calls to use our indirect pointers */
- #define Tspi_Context_Create p_tspi_Context_Create
-@@ -177,6 +186,9 @@ static unsigned int (*p_tspi_Policy_AssignToObject)();
- #define Tspi_Hash_SetHashValue p_tspi_Hash_SetHashValue
- #define Tspi_Policy_SetSecret p_tspi_Policy_SetSecret
- #define Tspi_Policy_AssignToObject p_tspi_Policy_AssignToObject
-+#define Tspi_PcrComposite_SelectPcrIndex p_tspi_PcrComposite_SelectPcrIndex
-+#define Tspi_TPM_Quote p_tspi_TPM_Quote
-+#define Tspi_NV_ReadValue p_tspi_NV_ReadValue
- #endif /* DLOPEN_TSPI */
-
- static int setup_rsa_method()
-@@ -262,6 +274,7 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data)
- TSS_RESULT result;
- UINT32 authusage;
- BYTE *auth;
-+ BYTE well_known[TPM_SHA1_160_HASH_LEN] = TSS_WELL_KNOWN_SECRET;
-
- if (hSRK != NULL_HKEY) {
- DBGFN("SRK is already loaded.");
-@@ -308,6 +321,7 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data)
- return 0;
- }
-
-+ if (ui) {
- if ((auth = calloc(1, 128)) == NULL) {
- TSSerr(TPM_F_TPM_LOAD_SRK, ERR_R_MALLOC_FAILURE);
- return 0;
-@@ -333,6 +347,15 @@ int tpm_load_srk(UI_METHOD *ui, void *cb_data)
-
- free(auth);
-
-+ } else {
-+ if ((result = Tspi_Policy_SetSecret(hSRKPolicy, TSS_SECRET_MODE_SHA1, 20, well_known))) {
-+ Tspi_Context_CloseObject(hContext, hSRK);
-+ free(auth);
-+ TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
-+ return 0;
-+ }
-+ }
-+
- return 1;
- }
-
-@@ -390,7 +413,10 @@ static int tpm_engine_init(ENGINE * e)
- !bind_tspi_func(tpm_dso, Context_GetTpmObject) ||
- !bind_tspi_func(tpm_dso, GetAttribUint32) ||
- !bind_tspi_func(tpm_dso, SetAttribData) ||
-- !bind_tspi_func(tpm_dso, Policy_AssignToObject)
-+ !bind_tspi_func(tpm_dso, Policy_AssignToObject) ||
-+ !bind_tspi_func(tpm_dso, PcrComposite_SelectPcrIndex) ||
-+ !bind_tspi_func(tpm_dso, TPM_Quote) ||
-+ !bind_tspi_func(tpm_dso, NV_ReadValue)
- ) {
- TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_DSO_FAILURE);
- goto err;
-@@ -452,6 +478,9 @@ err:
- p_tspi_Policy_AssignToObject = NULL;
- p_tspi_TPM_StirRandom = NULL;
- p_tspi_TPM_GetRandom = NULL;
-+ p_tspi_PcrComposite_SelectPcrIndex = NULL;
-+ p_tspi_TPM_Quote = NULL;
-+ p_tspi_NV_ReadValue = NULL;
- #endif
- return 0;
- }
-@@ -590,6 +619,55 @@ err:
- return 0;
- }
-
-+/*
-+ * Read a keyblob from NVRAM into an OpenSSL memory BIO
-+ * by Christian Holler (c.hol...@sirrix.com), Sirrix AG
-+ */
-+int BIO_from_nvram(unsigned int index, unsigned int length, BIO** bio)
-+{
-+ TSS_RESULT result;
-+ TSS_HNVSTORE hNVStore;
-+ BYTE *dataRead = NULL;
-+
-+ //unsigned int blobLength = 559;
-+
-+ BIO *mem = BIO_new(BIO_s_mem());
-+
-+ /* Create TPM NV object */
-+ result = p_tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,
-+ &hNVStore);
-+
-+ if (result != TSS_SUCCESS) {
-+ TSSerr(TPM_F_TPM_BIO_FROM_NVRAM,
-+ TPM_R_REQUEST_FAILED);
-+ return 0;
-+ }
-+
-+ /* Set the index to be read */
-+ result = p_tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,
-+ (UINT32) index);
-+
-+ if (result != TSS_SUCCESS) {
-+ TSSerr(TPM_F_TPM_BIO_FROM_NVRAM,
-+ TPM_R_REQUEST_FAILED);
-+ return 0;
-+ }
-+
-+ result = p_tspi_NV_ReadValue(hNVStore, 0, &length, &dataRead);
-+ BIO_write(mem, dataRead, length);
-+ p_tspi_Context_FreeMemory(hContext, dataRead);
-+
-+ if (result != TSS_SUCCESS ) {
-+ TSSerr(TPM_F_TPM_BIO_FROM_NVRAM,
-+ TPM_R_REQUEST_FAILED);
-+ return 0;
-+ }
-+
-+ *bio = mem;
-+
-+ return 1;
-+}
-+
- static EVP_PKEY *tpm_engine_load_key(ENGINE *e, const char *key_id,
- UI_METHOD *ui, void *cb_data)
- {
-@@ -604,7 +682,7 @@ static EVP_PKEY *tpm_engine_load_key(ENGINE *e, const
-
- DBG("%s", __FUNCTION__);
-
-- if (!key_id) {
-+ if (!key_id && !cb_data) {
- TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
-@@ -614,17 +692,27 @@ static EVP_PKEY *tpm_engine_load_key(ENGINE *e, const
- return NULL;
- }
-
-+ if (cb_data) {
-+ struct nvram_request *nvreq = cb_data;
-+
-+ if (!BIO_from_nvram(nvreq->index, nvreq->length, &bf)) {
-+ TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY,
-+ TPM_R_NVRAM_FAILED);
-+ return NULL;
-+ }
-+ } else {
- if ((bf = BIO_new_file(key_id, "r")) == NULL) {
- TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY,
-- TPM_R_FILE_NOT_FOUND);
-+ TPM_R_FILE_NOT_FOUND);
- return NULL;
- }
-+ }
-
- blobstr = PEM_ASN1_read_bio((void *)d2i_ASN1_OCTET_STRING,
- "TSS KEY BLOB", bf, NULL, NULL, NULL);
- if (!blobstr) {
- TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY,
-- TPM_R_FILE_READ_FAILED);
-+ TPM_R_FILE_READ_FAILED);
- BIO_free(bf);
- return NULL;
- }
-@@ -635,7 +723,7 @@ static EVP_PKEY *tpm_engine_load_key(ENGINE *e, const
- blobstr->length,
- blobstr->data, &hKey))) {
- TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY,
-- TPM_R_REQUEST_FAILED);
-+ TPM_R_REQUEST_FAILED);
- return NULL;
- }
- ASN1_OCTET_STRING_free(blobstr);
-@@ -645,7 +733,7 @@ static EVP_PKEY *tpm_engine_load_key(ENGINE *e, const
- &authusage))) {
- Tspi_Context_CloseObject(hContext, hKey);
- TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY,
-- TPM_R_REQUEST_FAILED);
-+ TPM_R_REQUEST_FAILED);
- return NULL;
- }
-
-@@ -747,7 +835,7 @@ static int tpm_create_srk_policy(void *secret)
- TSS_POLICY_USAGE,
- &hSRKPolicy))) {
- TSSerr(TPM_F_TPM_CREATE_SRK_POLICY,
-- TPM_R_REQUEST_FAILED);
-+ TPM_R_REQUEST_FAILED);
- return 0;
- }
- }
-@@ -761,6 +849,70 @@ static int tpm_create_srk_policy(void *secret)
- return 1;
- }
-
-+static int tpm_quote(void* p) {
-+ TSS_RESULT result;
-+ TSS_HPCRS hPcrComposite;
-+ TSS_VALIDATION tssVal;
-+
-+ unsigned int i = 0;
-+
-+ struct quote_request *request = p;
-+
-+ struct rsa_app_data *app_data = RSA_get_ex_data(request->rsa, ex_app_data);
-+
-+ /* No app_data, this is not a TPM Key and we cannot use it for quote */
-+ if (!app_data) {
-+ return 0;
-+ }
-+
-+ /* Key is invalid */
-+ if (app_data->hKey == NULL_HKEY) {
-+ TSSerr(TPM_F_TPM_QUOTE, TPM_R_INVALID_KEY);
-+ return 0;
-+ }
-+
-+ /* Set up PcrComposite Structure, this is a set
-+ * of PCRs which will be used for the quote */
-+ result =
-+ p_tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS,
-+ TSS_PCRS_STRUCT_INFO, &hPcrComposite);
-+ if (result != TSS_SUCCESS) {
-+ TSSerr(TPM_F_TPM_QUOTE, TPM_R_REQUEST_FAILED);
-+ return 0;
-+ }
-+
-+ /* Add all PCR values to be used to PcrComposite structure */
-+ for (i = 0; i < request->PCRSelLength; i++) {
-+ if (request->PCRSel[i]) {
-+ result = p_tspi_PcrComposite_SelectPcrIndex(hPcrComposite, i);
-+
-+ if (result != TSS_SUCCESS) {
-+ TSSerr(TPM_F_TPM_QUOTE, TPM_R_REQUEST_FAILED);
-+ return 0;
-+ }
-+ }
-+ }
-+
-+ /* Set the nonce */
-+ tssVal.rgbExternalData = request->nonce;
-+ tssVal.ulExternalDataLength = SHA_DIGEST_LENGTH;
-+
-+ result = p_tspi_TPM_Quote(hTPM, app_data->hKey, hPcrComposite, &tssVal);
-+
-+ if (result != TSS_SUCCESS) {
-+ TSSerr(TPM_F_TPM_QUOTE, TPM_R_REQUEST_FAILED);
-+ return 0;
-+ }
-+
-+ request->rgbData = tssVal.rgbData;
-+ request->ulValidationDataLength = tssVal.ulValidationDataLength;
-+ request->rgbValidationData = tssVal.rgbValidationData;
-+
-+ p_tspi_Context_CloseObject(hContext, hPcrComposite);
-+
-+ return 1;
-+}
-+
- static int tpm_engine_ctrl(ENGINE * e, int cmd, long i, void *p, void (*f) ())
- {
- int initialised = !!hContext;
-@@ -799,6 +951,8 @@ static int tpm_engine_ctrl(ENGINE * e, int cmd, long i
- return 1;
- case TPM_CMD_PIN:
- return tpm_create_srk_policy(p);
-+ case TPM_CMD_QUOTE:
-+ return tpm_quote(p);
- default:
- break;
- }
-@@ -853,7 +1007,7 @@ static int tpm_rsa_finish(RSA *rsa)
- }
-
- static int tpm_rsa_pub_dec(int flen,
-- const unsigned char *from,
-+ unsigned char *from,
- unsigned char *to,
- RSA *rsa,
- int padding)
-@@ -872,7 +1026,7 @@ static int tpm_rsa_pub_dec(int flen,
- }
-
- static int tpm_rsa_priv_dec(int flen,
-- const unsigned char *from,
-+ unsigned char *from,
- unsigned char *to,
- RSA *rsa,
- int padding)
-@@ -949,7 +1103,7 @@ static int tpm_rsa_priv_dec(int flen,
- }
-
- static int tpm_rsa_pub_enc(int flen,
-- const unsigned char *from,
-+ unsigned char *from,
- unsigned char *to,
- RSA *rsa,
- int padding)
-@@ -1056,7 +1210,7 @@ static int tpm_rsa_pub_enc(int flen,
- }
-
- static int tpm_rsa_priv_enc(int flen,
-- const unsigned char *from,
-+ unsigned char *from,
- unsigned char *to,
- RSA *rsa,
- int padding)
-@@ -1101,7 +1255,10 @@ static int tpm_rsa_priv_enc(int flen,
- }
-
- if (app_data->sigScheme == TSS_SS_RSASSAPKCS1V15_SHA1) {
-- if (flen != SHA_DIGEST_LENGTH) {
-+ if (flen == SHA_DIGEST_LENGTH+15) {
-+ from += 15;
-+ flen = SHA_DIGEST_LENGTH;
-+ } else if (flen != SHA_DIGEST_LENGTH) {
- TSSerr(TPM_F_TPM_RSA_PRIV_ENC, TPM_R_INVALID_MSG_SIZE);
- return 0;
- }
diff --git a/security/openssl_tpm_engine/files/patch-src-e_tpm.h b/security/openssl_tpm_engine/files/patch-src-e_tpm.h
deleted file mode 100644
index f4d003e77a49..000000000000
--- a/security/openssl_tpm_engine/files/patch-src-e_tpm.h
+++ /dev/null
@@ -1,45 +0,0 @@
---- src/e_tpm.h.orig 2017-12-18 15:45:34 UTC
-+++ src/e_tpm.h
-@@ -66,6 +66,8 @@ void ERR_TSS_error(int function, int reason, char *fil
- #define TPM_F_TPM_FILL_RSA_OBJECT 116
- #define TPM_F_TPM_ENGINE_GET_AUTH 117
- #define TPM_F_TPM_CREATE_SRK_POLICY 118
-+#define TPM_F_TPM_BIO_FROM_NVRAM 119
-+#define TPM_F_TPM_QUOTE 120
-
- /* Reason codes. */
- #define TPM_R_ALREADY_LOADED 100
-@@ -96,6 +98,7 @@ void ERR_TSS_error(int function, int reason, char *fil
- #define TPM_R_ID_INVALID 125
- #define TPM_R_UI_METHOD_FAILED 126
- #define TPM_R_UNKNOWN_SECRET_MODE 127
-+#define TPM_R_NVRAM_FAILED 128
-
- /* structure pointed to by the RSA object's app_data pointer */
- struct rsa_app_data
-@@ -105,6 +108,25 @@ struct rsa_app_data
- TSS_HENCDATA hEncData;
- UINT32 encScheme;
- UINT32 sigScheme;
-+};
-+
-+/* Added by c.hol...@sirrix.com */
-+struct quote_request
-+{
-+ RSA* rsa;
-+ unsigned int PCRSel[256];
-+ unsigned int PCRSelLength;
-+ const unsigned char* nonce;
-+ unsigned int nonceLen;
-+ unsigned char* rgbData;
-+ unsigned int ulValidationDataLength;
-+ unsigned char* rgbValidationData;
-+};
-+
-+struct nvram_request
-+{
-+ unsigned int index;
-+ unsigned int length;
- };
-
- #define TPM_ENGINE_EX_DATA_UNINIT -1
diff --git a/security/openssl_tpm_engine/files/patch-src-e_tpm_err.c b/security/openssl_tpm_engine/files/patch-src-e_tpm_err.c
deleted file mode 100644
index 754885dde0e0..000000000000
--- a/security/openssl_tpm_engine/files/patch-src-e_tpm_err.c
+++ /dev/null
@@ -1,18 +0,0 @@
---- src/e_tpm_err.c.orig 2017-12-18 15:45:34 UTC
-+++ src/e_tpm_err.c
-@@ -234,6 +234,7 @@ static ERR_STRING_DATA TPM_str_functs[] = {
- {ERR_PACK(0, TPM_F_TPM_BIND_FN, 0), "TPM_BIND_FN"},
- {ERR_PACK(0, TPM_F_TPM_FILL_RSA_OBJECT, 0), "TPM_FILL_RSA_OBJECT"},
- {ERR_PACK(0, TPM_F_TPM_ENGINE_GET_AUTH, 0), "TPM_ENGINE_GET_AUTH"},
-+ {ERR_PACK(0, TPM_F_TPM_BIO_FROM_NVRAM, 0), "TPM_BIO_FROM_NVRAM"},
- {0, NULL}
- };
-
-@@ -264,6 +265,7 @@ static ERR_STRING_DATA TPM_str_reasons[] = {
- {TPM_R_FILE_READ_FAILED, "failed reading the key file"},
- {TPM_R_ID_INVALID, "engine id doesn't match"},
- {TPM_R_UI_METHOD_FAILED, "ui function failed"},
-+ {TPM_R_NVRAM_FAILED, "nvram failure"},
- {0, NULL}
- };
-
diff --git a/security/openssl_tpm_engine/files/pkg-message.in b/security/openssl_tpm_engine/files/pkg-message.in
deleted file mode 100644
index 991b707e091f..000000000000
--- a/security/openssl_tpm_engine/files/pkg-message.in
+++ /dev/null
@@ -1,17 +0,0 @@
-[
-{ type: install
- message: <<EOM
-A sample configuration which has to be added into /etc/ssl/openssl.cnf
-to enable "tpm" engine in OpenSSL can be found at
-%%EXAMPLESDIR%%/openssl.cnf.sample.
-Note that tcsd daemon in security/trousers must be running. If not,
-you might get the following error messages:
-
- | Auto configuration failed
- | 65738:error:80066070:tpm engine:TPM_ENGINE_INIT:unit failure:e_tpm.c:484:
- | 65738:error:260B806D:engine routines:ENGINE_TABLE_REGISTER:init failed:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/engine/eng_table.c:161:
- | 65738:error:260BC065:engine routines:INT_ENGINE_CONFIGURE:engine configuration error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/engine/eng_cnf.c:204:section=tpm_section, name=default_algorithms, value=ALL
- | 65738:error:0E07606D:configuration file routines:MODULE_RUN:module initialization error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/conf/conf_mod.c:235:module=engines, value=engine_section, retcode=-1
-EOM
-}
-]
diff --git a/security/openssl_tpm_engine/pkg-descr b/security/openssl_tpm_engine/pkg-descr
deleted file mode 100644
index 911b99d733f7..000000000000
--- a/security/openssl_tpm_engine/pkg-descr
+++ /dev/null
@@ -1,6 +0,0 @@
-This is a forked version of OpenSSL TPM engine from the original
-upstream, TrouSerS project.
-
-This package contains two sets of code, a command-line utility used to
-generate a TSS key blob and write it to disk and an OpenSSL engine which
-interfaces with the TSS API.