-
-
Notifications
You must be signed in to change notification settings - Fork 13.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tpm2-tss-engine #107298
Comments
If someone needs a starting point: https://git.beyermatthi.as/nixpkgs/log/?h=init-tpm2-tss-engine I started it but I do not have enough time right now. It fails during compilation because it tries to create symbolic links in the openssl installation (probably submit this as bug report to upstream). |
This comment was marked as off-topic.
This comment was marked as off-topic.
I got it to build like this:
Unfortunately I didn't have a TPM2 device when I packaged it (January last year). So could perhaps have saved you some time. I remember it failed the integration tests, but I just re-ran them now on a device that has TPM2 and then the integration tests passed as well. After the build I can execute the binary. Not sure what more I need to verify. |
@terlar I finally got a chance to test your packaging. You have a syntax error in your posting. maintainers = lib.maintainers.terlar ]; should be maintainers = [ lib.maintainers.terlar ]; I noticed this error when testing
This appears to be an issue with loading the shared object needed.
|
This error makes sense to me. Uses openssl library functionality for invoking the engine. Openssl does not know where the tpm2-tss-engine is located. Integration tests pass for me as well with my tpn2 device. I think this could be upstreamed and then the next step is adding an option for openssl 1.1.1 to have this engine installed with it. Openssl 3 will require tpm2-openssl. |
Just fyi, I've created a PR to add tpm2-openssl: #299626 |
OpenSSL cryptographic engine package for TPM 2.0
Uses the tpm2-tss package to provide an interface for OpenSSL to utilize TPM 2.0 for cryptographic purposes.
Metadata
The text was updated successfully, but these errors were encountered: