A PKCS#11 interface for TPM2 hardware
https://github.com/tpm2-software/tpm2-pkcs11
PKCS #11 is a Public-Key Cryptography Standard that defines a standard method to access cryptographic services from tokens/ devices such as hardware security modules (HSM), smart cards, etc. In this project we intend to use a TPM2 device as the cryptographic token.
- Devel package for openSUSE:Factory
-
3
derived packages
- Links to openSUSE:Factory / tpm2-pkcs11
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout security/tpm2-pkcs11 && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
tpm2-pkcs11-1.9.0.tar.gz | 0001396590 1.33 MB | |
tpm2-pkcs11-1.9.0.tar.gz.asc | 0000000833 833 Bytes | |
tpm2-pkcs11.changes | 0000005912 5.77 KB | |
tpm2-pkcs11.keyring | 0000003158 3.08 KB | |
tpm2-pkcs11.spec | 0000003213 3.14 KB |
Revision 13 (latest revision is 17)
- Update to 1.9.0 + Fixed * Fix autoconf invocation on a release tarball not being a git repo for VERSION. VERSION file now generated and packaged as part of the release tarball from the git version information. * Fix TPM2_PKCS11_OWNER_AUTH not being used when a persistent SRK is needed in the C_InitToken path. * During an upgrade of the database to version 4, the config key 'persistent' is added instead of 'transient', causing KeyError when using the upgraded database. * Leave the original db on upgrade failure, a bug caused the original db to be unlinked not the upgraded db. * A bug prevented the use of CreateLoaded if the TPM supports the command. * A bug when creating keys through the PKCS11 interface (not tpm2-ptool), the attributes for CKA_ALLOWED_MECHANISMS were encoded as a hex string and not a sequence of ints within the YAML. Correcting this will trigger a db upgrade to 8 + Added * Env varibale PKCS11_SQL_LOCK to allow setting a lock directory, eg for temprary directory so lock files do not persist across reboots.
Comments 2
Should tpm2-pkcs11 requires libtpm2_pkcs11-0 ? Recently when setting up tpm ssh keys I noticed this was not a default requirement but it seems like it would be useful?
https://build.opensuse.org/request/show/1080278