Commit c116b30a authored by David Woodhouse's avatar David Woodhouse

First cut at IBM TSS support, mostly copied from James's tpm2 engine.

Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
parent 6e15eb57
......@@ -492,7 +492,7 @@ case "$ssl_library" in
AC_SUBST(TPM2_LIBS, ['$(TASN1_LIBS) $(TSS2_ESYS_LIBS)'])
tss2lib=tss2-esys],
[:])
if test "$tss2lib" = "xxNOTIMPLEMENTEDYETxx"; then
if test "$tss2lib" = ""; then
AC_CHECK_LIB([tss], [TSS_Create], [tss2inc=tss2
tss2lib=tss],
AC_CHECK_LIB([ibmtss], [TSS_Create], [tss2inc=ibmtss
......
......@@ -510,7 +510,7 @@ int install_tpm2_key(struct openconnect_info *vpninfo, gnutls_privkey_t *pkey, g
&vpninfo->tpm2->pub);
if (r) {
vpn_progress(vpninfo, PRG_ERR,
_("Failed to import TPM2 private key data: 0x%x\n"),
_("Failed to import TPM2 public key data: 0x%x\n"),
r);
goto err_out;
}
......
This diff is collapsed.
......@@ -32,7 +32,7 @@ And <em>optionally</em> also:
<li><b><tt><a href="https://github.com/OpenSC/libp11/wiki">libp11</a></tt></b> <i>(also needed for PKCS#11 support if using OpenSSL)</i></li>
<li><b><tt><a href="http://code.google.com/p/libproxy/">libproxy</a></tt></b></li>
<li><b><tt><a href="http://trousers.sourceforge.net/">trousers</a></tt></b> <i>(for TPMv1 support if using GnuTLS)</i></li>
<li><b><tt><a href="https://github.com/tpm2-software/tpm2-tss">tss2-esys</a></tt></b> and <b><tt><a href="https://www.gnu.org/software/libtasn1/">libtasn1</a></tt></b> <i>(for TPMv2 support if using GnuTLS)</i></li>
<li><b><tt><a href="https://www.gnu.org/software/libtasn1/">libtasn1</a></tt></b> and <em>either</em> <b><tt><a href="https://github.com/tpm2-software/tpm2-tss">tss2-esys</a></tt></b> or <b><tt><a href="http://sourceforge.net/projects/ibmtpm20tss/">IBM's TPM 2.0 TSS</a></tt></b>. <i>(for TPMv2 support if using GnuTLS)</i></li>
<li><b><tt><a href="http://stoken.sourceforge.net/">libstoken</a></tt></b> <i>(for SecurID software token support)</i></li>
<li><b><tt><a href="http://www.nongnu.org/oath-toolkit/">libpskc</a></tt></b> <i>(for RFC6030 PSKC file storage of HOTP/TOTP keys)</i></li>
<li><b><tt><a href="https://pcsclite.alioth.debian.org/pcsclite.html">libpcsclite</a></tt></b> <i>(for Yubikey hardware HOTP/HOTP support)</i></li>
......
......@@ -47,7 +47,7 @@ The <a href="https://github.com/tpm2-software/tpm2-tss-engine">tpm2-tss-engine</
Both of these OpenSSL engines can be used by OpenConnect if they are installed.</p>
<p>The GnuTLS build of OpenConnect supports the former variant, when built with the <tt>libtasn1</tt> and <tt>tss2-esys</tt> libraries.</p>
<p>The GnuTLS build of OpenConnect supports the former variant, when built with <tt>libtasn1</tt> and either <tt>tss2-esys</tt> or IBM TSS 2.0 libraries.</p>
<INCLUDE file="inc/footer.tmpl" />
</PAGE>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment