Your message dated Tue, 12 Jul 2016 10:16:21 +0200
with message-id <[email protected]>
and subject line libengine-tpm-openssl was removed from Debian in 2011
has caused the Debian Bug report #685115,
regarding libengine-tpm-openssl: X509 functions fail due to changes in OpenSSL
1.0.0
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
685115: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685115
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libengine-tpm-openssl
Version: 0.4.1+20071221-8
Severity: important
Tags: upstream patch
Dear Maintainer,
I am attempting to use the TPM engine to create self-signed x509 certificates.
According to the package-included documentation, this should be possible with:
openssl req -keyform engine -engine tpm -key <keyfilename> -new -x509 -out
<certfilename>
The package as it exists in squeeze fails to load the tpm engine. I noticed
the package is built against OpenSSL 0.9.8. When I compiled from debian-
source, the command above results in an error regarding ASN1 functions.
David Woodhouse, of Intel, has patched this issue two years ago. I found this:
https://github.com/ThomasHabets/openssl-tpm-
engine/commit/415a9d95144ae8fd160ac5948a140aba5a110767
I have applied this line of code, and it resulted in being able to create the
self-signed cert that I expected. Further testing allowed me to use the
s_server of openssl to connect with the key from the tpm.
-- System Information:
Debian Release: wheezy/sid
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.5.2tresor+ (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libengine-tpm-openssl depends on:
ii libc6 2.13-33
ii libssl1.0.0 1.0.1c-4
ii libtspi-dev 0.3.9-3
ii libtspi1 0.3.9-3
libengine-tpm-openssl recommends no packages.
libengine-tpm-openssl suggests no packages.
-- no debconf information
--- libengine-tpm-openssl-0.4.1+20071221.orig/e_tpm.c
+++ libengine-tpm-openssl-0.4.1+20071221/e_tpm.c
@@ -737,6 +737,8 @@
return NULL;
}
+ EVP_PKEY_assign_RSA(pkey, rsa);
+
return pkey;
}
--- End Message ---
--- Begin Message ---
Version: 0.4.1+20071221-8+rm
libengine-tpm-openssl was last released with Debian 6.0 (squeeze) in
February 2011 and removed from Debian sid/unstable later in 2011 (see
http://bugs.debian.org/543929 for details on the removal). Since
support for squeeze and squeeze-LTS has now ended, I'm closing all the
remaining bugs reported against this package.
Andreas
--- End Message ---
