diff --git a/third_party/libtpms/BUILD.bazel b/third_party/libtpms/BUILD.bazel
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/third_party/libtpms/BUILD.bazel
diff --git a/third_party/libtpms/external.bzl b/third_party/libtpms/external.bzl
new file mode 100644
index 0000000..d6052b4
--- /dev/null
+++ b/third_party/libtpms/external.bzl
@@ -0,0 +1,23 @@
+load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
+
+def libtpms_external(name, version):
+    sums = {
+        # master at 2024/01/09 (0.10.0 prerelease).
+        "93a827aeccd3ab2178281571b1545dcfffa2991b": "e509e0ba109f77da517b5e58a9f093beb040525e6be51de06d1153c8278c70d1",
+    }
+
+    http_archive(
+        name = name,
+        patch_args = ["-p1"],
+        patches = [
+            "//third_party/libtpms/patches:0001-boringssl-compat-new-SHA-types.patch",
+            "//third_party/libtpms/patches:0002-boringssl-compat-removed-const_DES_cblock.patch",
+            "//third_party/libtpms/patches:0003-boringssl-compat-removed-EC_POINTs_mul.patch",
+            "//third_party/libtpms/patches:0004-boringssl-compat-removed-camellia-support.patch",
+            "//third_party/libtpms/patches:0005-boringssl-compat-remove-constant-time-flags-UNSAFE.patch",
+            "//third_party/libtpms/patches:0006-bazel-support-implement.patch",
+        ],
+        sha256 = sums[version],
+        strip_prefix = "libtpms-" + version,
+        urls = ["https://github.com/stefanberger/libtpms/archive/%s.tar.gz" % version],
+    )
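Review bot: The single entry in `urls` at external.bzl:22 is GitHub's on-demand `/archive/<sha>.tar.gz`, which is not a published release asset — these tarballs have been regenerated with different compression before, and when that happens the pinned `sha256` makes every build fail closed until someone re-hashes (the right failure mode, but one to plan for). Add a mirror you control as a second `urls` entry so the hash keeps being checked against a stable copy, and extend the comment at line 5 with how the sum was produced (e.g. `# sha256sum of the tarball fetched 2024-01-09`) so a future re-hash can be audited against the same commit. Indexing `sums[version]` fails hard on an unknown version rather than falling back to an unverified fetch; keep it that way.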
diff --git a/third_party/libtpms/patches/0001-boringssl-compat-new-SHA-types.patch b/third_party/libtpms/patches/0001-boringssl-compat-new-SHA-types.patch
new file mode 100644
index 0000000..b4d25f4
--- /dev/null
+++ b/third_party/libtpms/patches/0001-boringssl-compat-new-SHA-types.patch
@@ -0,0 +1,57 @@
+From 51935c4f084265833951e5439b682913bfbac03a Mon Sep 17 00:00:00 2001
+From: Serge Bazanski <serge@monogon.tech>
+Date: Tue, 4 Jun 2024 12:58:10 +0200
+Subject: [PATCH 1/6] boringssl compat: new SHA types
+
+See: https://github.com/google/boringssl/commit/51011b4a262046a3d9a2eb5690e54af80377f15a
+---
+ src/tpm2/NVMarshal.c | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/src/tpm2/NVMarshal.c b/src/tpm2/NVMarshal.c
+index a4a9498..6d42a97 100644
+--- a/src/tpm2/NVMarshal.c
++++ b/src/tpm2/NVMarshal.c
+@@ -58,6 +58,9 @@
+ #define TPM_HAVE_TPM2_DECLARATIONS
+ #include "tpm_library_intern.h"
+ 
++#define SHA_LONG uint32_t
++#define SHA_LONG64 uint64_t
++
+ /*
+  * The TPM2 maintains a pcrAllocated shadow variable; the current active one is
+  * in gp.pcrAllocated and the one to be active after reboot is in NVRAM. So,
+@@ -1943,9 +1946,9 @@ tpmHashStateSHA512_Marshal(SHA512_CTX *data, BYTE **buffer, INT32 *size,
+     written += SHA_LONG64_Marshal(&data->Nl, buffer, size);
+     written += SHA_LONG64_Marshal(&data->Nh, buffer, size);
+ 
+-    array_size = sizeof(data->u.p);
++    array_size = sizeof(data->p);
+     written += UINT16_Marshal(&array_size, buffer, size);
+-    written += Array_Marshal(&data->u.p[0], array_size, buffer, size);
++    written += Array_Marshal(&data->p[0], array_size, buffer, size);
+ 
+     written += UINT32_Marshal(&data->num, buffer, size);
+     written += UINT32_Marshal(&data->md_len, buffer, size);
+@@ -2005,14 +2008,14 @@ tpmHashStateSHA512_Unmarshal(SHA512_CTX *data, BYTE **buffer, INT32 *size,
+         rc = UINT16_Unmarshal(&array_size, buffer, size);
+     }
+     if (rc == TPM_RC_SUCCESS &&
+-        array_size != sizeof(data->u.p)) {
++        array_size != sizeof(data->p)) {
+         TPMLIB_LogTPM2Error("HASH_STATE_SHA512: Bad array size for u.p; "
+                             "expected %zu, got %u\n",
+-                            sizeof(data->u.p), array_size);
++                            sizeof(data->p), array_size);
+         rc = TPM_RC_BAD_PARAMETER;
+     }
+     if (rc == TPM_RC_SUCCESS) {
+-        rc = Array_Unmarshal(&data->u.p[0], array_size, buffer, size);
++        rc = Array_Unmarshal(&data->p[0], array_size, buffer, size);
+     }
+     if (rc == TPM_RC_SUCCESS) {
+         rc = UINT32_Unmarshal(&data->num, buffer, size);
+-- 
+2.42.0
+
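Review bot: The `#define SHA_LONG uint32_t` and `#define SHA_LONG64 uint64_t` added at NVMarshal.c:61-62 are unconditional, so any translation unit that also sees OpenSSL's `<openssl/sha.h>` (where both names are already macros with different expansions) gets a redefinition warning or error; wrapping them in `#ifndef SHA_LONG` / `#ifndef SHA_LONG64` keeps the patch applicable to both toolchains at no cost. The `u.p` → `p` rename uses `sizeof(data->p)` on both the marshal and unmarshal side, so the on-disk field is presumably still the same 128-byte block and saved NV state should round-trip, but that is an assumption about the two struct layouts and deserves a test against a state blob written by an OpenSSL-built libtpms. The diagnostic at `TPMLIB_LogTPM2Error` still says `Bad array size for u.p`; renaming it to `p` keeps the message honest.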
diff --git a/third_party/libtpms/patches/0002-boringssl-compat-removed-const_DES_cblock.patch b/third_party/libtpms/patches/0002-boringssl-compat-removed-const_DES_cblock.patch
new file mode 100644
index 0000000..555ded5
--- /dev/null
+++ b/third_party/libtpms/patches/0002-boringssl-compat-removed-const_DES_cblock.patch
@@ -0,0 +1,54 @@
+From 42c0bd4522b06361bdbbb1fec182bdc363db9982 Mon Sep 17 00:00:00 2001
+From: Serge Bazanski <serge@monogon.tech>
+Date: Tue, 4 Jun 2024 12:58:37 +0200
+Subject: [PATCH 2/6] boringssl compat: removed const_DES_cblock
+
+This was some kind of hack for GCC 2.8.1 that never made it into
+BoringSSL.
+---
+ src/tpm2/crypto/openssl/TpmToOsslDesSupport.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/tpm2/crypto/openssl/TpmToOsslDesSupport.c b/src/tpm2/crypto/openssl/TpmToOsslDesSupport.c
+index d27aad2..9f972d6 100644
+--- a/src/tpm2/crypto/openssl/TpmToOsslDesSupport.c
++++ b/src/tpm2/crypto/openssl/TpmToOsslDesSupport.c
+@@ -78,14 +78,14 @@ TDES_set_encrypt_key(
+ 		     tpmKeyScheduleTDES          *keySchedule
+ 		     )
+ {
+-    DES_set_key_unchecked((const_DES_cblock *)key, &keySchedule[0]);
+-    DES_set_key_unchecked((const_DES_cblock *)&key[8], &keySchedule[1]);
++    DES_set_key_unchecked((const DES_cblock *)key, &keySchedule[0]);
++    DES_set_key_unchecked((const DES_cblock *)&key[8], &keySchedule[1]);
+     // If is two-key, copy the schedule for K1 into K3, otherwise, compute the
+     // the schedule for K3
+     if(keySizeInBits == 128)
+ 	keySchedule[2] = keySchedule[0];
+     else
+-	DES_set_key_unchecked((const_DES_cblock *)&key[16],
++	DES_set_key_unchecked((const DES_cblock *)&key[16],
+ 			      &keySchedule[2]);
+ }
+ /* B.2.3.1.3.2. TDES_encyrpt() */
+@@ -97,7 +97,7 @@ void TDES_encrypt(
+ 		  tpmKeyScheduleTDES      *ks
+ 		  )
+ {
+-    DES_ecb3_encrypt((const_DES_cblock *)in, (DES_cblock *)out,
++    DES_ecb3_encrypt((const DES_cblock *)in, (DES_cblock *)out,
+ 		     &ks[0], &ks[1], &ks[2],
+ 		     DES_ENCRYPT);
+ }
+@@ -111,7 +111,7 @@ void TDES_decrypt(
+ 		  tpmKeyScheduleTDES   *ks
+ 		  )
+ {
+-    DES_ecb3_encrypt((const_DES_cblock *)in, (DES_cblock *)out,
++    DES_ecb3_encrypt((const DES_cblock *)in, (DES_cblock *)out,
+ 		     &ks[0], &ks[1], &ks[2],
+ 		     DES_DECRYPT);
+ }
+-- 
+2.42.0
+
diff --git a/third_party/libtpms/patches/0003-boringssl-compat-removed-EC_POINTs_mul.patch b/third_party/libtpms/patches/0003-boringssl-compat-removed-EC_POINTs_mul.patch
new file mode 100644
index 0000000..8b5669a
--- /dev/null
+++ b/third_party/libtpms/patches/0003-boringssl-compat-removed-EC_POINTs_mul.patch
@@ -0,0 +1,42 @@
+From 2cd6a191b0940d03d557941eda3395bdafbdb662 Mon Sep 17 00:00:00 2001
+From: Serge Bazanski <serge@monogon.tech>
+Date: Tue, 4 Jun 2024 12:59:11 +0200
+Subject: [PATCH 3/6] boringssl compat: removed EC_POINTs_mul
+
+This was deprecated in OpenSSL 3.0, we just need to 'fix' the ifdef
+guard to use the undeprecated APIs.
+---
+ src/tpm2/crypto/openssl/BnToOsslMath.c | 10 ----------
+ 1 file changed, 10 deletions(-)
+
+diff --git a/src/tpm2/crypto/openssl/BnToOsslMath.c b/src/tpm2/crypto/openssl/BnToOsslMath.c
+index 1b9fb81..7d13ce8 100644
+--- a/src/tpm2/crypto/openssl/BnToOsslMath.c
++++ b/src/tpm2/crypto/openssl/BnToOsslMath.c
+@@ -622,7 +622,6 @@ LIB_EXPORT BOOL BnEccModMult2(bigPoint            R,  // OUT: computed point
+ 	EC_POINT_mul(E->G, pR, bnD, pQ, bnU, E->CTX);
+     else
+ 	{
+-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ 	    EC_POINT *pR1 = EC_POINT_new(E->G);
+ 	    EC_POINT *pR2 = EC_POINT_new(E->G);
+ 	    int OK;
+@@ -635,15 +634,6 @@ LIB_EXPORT BOOL BnEccModMult2(bigPoint            R,  // OUT: computed point
+ 
+ 	    EC_POINT_clear_free(pR1);
+ 	    EC_POINT_clear_free(pR2);
+-#else
+-	    const EC_POINT* points[2];
+-	    const BIGNUM*   scalars[2];
+-	    points[0]  = pS;
+-	    points[1]  = pQ;
+-	    scalars[0] = bnD;
+-	    scalars[1] = bnU;
+-	    EC_POINTs_mul(E->G, pR, NULL, 2, points, scalars, E->CTX);
+-#endif
+ 	}
+     PointFromOssl(R, pR, E);
+     EC_POINT_clear_free(pR); // libtpms changed
+-- 
+2.42.0
+
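Review bot: Removing the `#if OPENSSL_VERSION_NUMBER >= 0x30000000L` / `#else` / `#endif` guard in `BnEccModMult2` (BnToOsslMath.c:625 and 637-645) drops the pre-3.0 OpenSSL path entirely, which is more than the commit message's "fix the ifdef guard" describes. Since BoringSSL evidently reports a version number below 3.0 while lacking `EC_POINTs_mul`, the minimal and upstreamable fix is to widen the condition instead, e.g. `#if OPENSSL_VERSION_NUMBER >= 0x30000000L || defined(OPENSSL_IS_BORINGSSL)`, leaving the `#else` branch intact. The `EC_POINT_new` results at lines 626-627 are consumed by lines outside the visible hunk, so whether a NULL return is checked before the two-point computation cannot be confirmed here; `BnEccModMult2` begins before and ends after this hunk.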
diff --git a/third_party/libtpms/patches/0004-boringssl-compat-removed-camellia-support.patch b/third_party/libtpms/patches/0004-boringssl-compat-removed-camellia-support.patch
new file mode 100644
index 0000000..231d1d5
--- /dev/null
+++ b/third_party/libtpms/patches/0004-boringssl-compat-removed-camellia-support.patch
@@ -0,0 +1,33 @@
+From 00f0c95d643bc714f3361fa4f10dee3bf9f9384e Mon Sep 17 00:00:00 2001
+From: Serge Bazanski <serge@monogon.tech>
+Date: Tue, 4 Jun 2024 12:59:30 +0200
+Subject: [PATCH 4/6] boringssl compat: removed camellia support
+
+BoringSSL removed Camellia support out of principle, we don't care for
+it either and the TPM spec doesn't mandate it.
+---
+ src/tpm2/TpmProfile_Common.h | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/tpm2/TpmProfile_Common.h b/src/tpm2/TpmProfile_Common.h
+index a4bf462..78842a6 100644
+--- a/src/tpm2/TpmProfile_Common.h
++++ b/src/tpm2/TpmProfile_Common.h
+@@ -133,11 +133,11 @@
+ 
+ #define     SM4_128                     (NO  * ALG_SM4)
+ 
+-#define ALG_CAMELLIA                ALG_YES
++#define ALG_CAMELLIA                ALG_NO
+ 
+-#define     CAMELLIA_128                (YES * ALG_CAMELLIA)
++#define     CAMELLIA_128                (NO  * ALG_CAMELLIA)
+ #define     CAMELLIA_192                (NO  * ALG_CAMELLIA)
+-#define     CAMELLIA_256                (YES * ALG_CAMELLIA)
++#define     CAMELLIA_256                (NO  * ALG_CAMELLIA)
+ 
+ #define ALG_TDES                        ALG_YES /* libtpms enabled */
+ 
+-- 
+2.42.0
+
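Review bot: Flipping `CAMELLIA_128` and `CAMELLIA_256` from `YES * ALG_CAMELLIA` to `NO * ALG_CAMELLIA` (TpmProfile_Common.h:138/140) is redundant once `ALG_CAMELLIA` is `ALG_NO` — the product is already zero — and it discards which key sizes the profile wanted, so re-enabling later needs three edits instead of one; change only the `ALG_CAMELLIA` line and leave the per-size lines as they were. This also shrinks the TPM's advertised algorithm set, so a saved state from an upstream libtpms that contains Camellia-keyed objects would presumably fail to load in this fork; that is worth recording next to the define, e.g. `/* Disabled: BoringSSL has no Camellia; saved state holding Camellia objects will not load. */`.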
diff --git a/third_party/libtpms/patches/0005-boringssl-compat-remove-constant-time-flags-UNSAFE.patch b/third_party/libtpms/patches/0005-boringssl-compat-remove-constant-time-flags-UNSAFE.patch
new file mode 100644
index 0000000..795ee1e
--- /dev/null
+++ b/third_party/libtpms/patches/0005-boringssl-compat-remove-constant-time-flags-UNSAFE.patch
@@ -0,0 +1,176 @@
+From 98df8cd09ec7a5b91f05c665529ed6f579f231d9 Mon Sep 17 00:00:00 2001
+From: Serge Bazanski <serge@monogon.tech>
+Date: Tue, 4 Jun 2024 13:53:48 +0200
+Subject: [PATCH 5/6] boringssl compat: remove constant time flags (UNSAFE)
+
+OpenSSL has a quirky little API to mark bignums as 'secret' ie.
+'constant time' which is supposed to influence operations performed on
+them to be constant time.
+
+This API was tricky to use and caused security issues, so it was removed
+by BoringSSL.
+
+https://github.com/google/boringssl/commit/0a211dfe91588d2986a8735e1969dd9202a8b025
+
+Ideally we would replace all relevent BN_mod_exp calls with
+constant-time versions, but that's not trivial to do: the constant time
+versions of modular exponentiation and multiplicative inverse operations
+rely on Montgomery modular multiplication which seems to reduce the
+domain of the exponent to |0, N>. Unfortunately libtpms has plenty of
+eg. ModExp operations that work on exponents outside this range. OpenSSL
+seems to not have applied the constant time request to BN_mod_exp if
+that was the case, but BoringSSL refuses to perform constant time
+operations then.
+
+As I'm not a cryptographer and not able to fix this properly (or even
+fully reason about this), I'm just adding a big fat warning to be shown
+whenever potentially unsafe operations are now performed.
+---
+ src/monogon_unsafe.c                   | 28 ++++++++++++++++++++++++++
+ src/tpm2/crypto/openssl/BnToOsslMath.c | 10 +++++----
+ src/tpm2/crypto/openssl/ExpDCache.c    |  5 +++--
+ 3 files changed, 37 insertions(+), 6 deletions(-)
+ create mode 100644 src/monogon_unsafe.c
+
+diff --git a/src/monogon_unsafe.c b/src/monogon_unsafe.c
+new file mode 100644
+index 0000000..abaef79
+--- /dev/null
++++ b/src/monogon_unsafe.c
+@@ -0,0 +1,28 @@
++#include <stdio.h>
++#include <stdlib.h>
++
++// This library was built against BoringSSL without the BN constant time API,
++// thus all cryptographic operations are performed timing-unsafe which might
++// lead to side channel leaks. This is fine for Monogon's usecase (swtpm in
++// tests) but this code must not end up being used to secure any real systems.
++//
++// Note: I am not sure this code was safe from side channels in the first
++// place. See RsaPrivateKeyOp and compare with BoringSSL's
++// rsa_default_private_transform implementation... ~q3k
++
++static int _warned = 0;
++
++void monogon_warn_unsafe_library(void)
++{
++    if (getenv("MONOGON_LIBTPMS_ACKNOWLEDGE_UNSAFE") != NULL) {
++        return;
++    }
++    if (_warned) {
++        return;
++    }
++    _warned = 1;
++    fprintf(stderr, "--------------------------------------------------------------------------------\n");
++    fprintf(stderr, "WARNING: This fork of libtpms/swtpm contains UNSAFE cryptographic operations and\n");
++    fprintf(stderr, "         MUST NOT be used to secure sensitive data.\n");
++    fprintf(stderr, "--------------------------------------------------------------------------------\n");
++}
+diff --git a/src/tpm2/crypto/openssl/BnToOsslMath.c b/src/tpm2/crypto/openssl/BnToOsslMath.c
+index 7d13ce8..54d5916 100644
+--- a/src/tpm2/crypto/openssl/BnToOsslMath.c
++++ b/src/tpm2/crypto/openssl/BnToOsslMath.c
+@@ -83,6 +83,8 @@
+ //#include "Tpm.h"
+ #include "BnOssl.h"
+ 
++extern void monogon_warn_unsafe_library();
++
+ #ifdef MATH_LIB_OSSL
+ #  include "BnToOsslMath_fp.h"
+ 
+@@ -133,6 +135,7 @@ BOOL OsslToTpmBn(bigNum bn, const BIGNUM* osslBn)	// libtpms: added 'const'
+ // function prototype. Instead, use BnNewVariable().
+ BIGNUM* BigInitialized(BIGNUM* toInit, bigConst initializer)
+ {
++    monogon_warn_unsafe_library();
+ #if 1		// libtpms: added begin
+     BIGNUM *_toInit;
+     unsigned char buffer[LARGEST_NUMBER + 1];
+@@ -147,7 +150,6 @@ BIGNUM* BigInitialized(BIGNUM* toInit, bigConst initializer)
+ #if 1		// libtpms: added begin
+     BnToBytes(initializer, buffer, &buffer_len);	/* TPM to bin */
+     _toInit = BN_bin2bn(buffer, buffer_len, NULL);	/* bin to ossl */
+-    BN_set_flags(_toInit, BN_FLG_CONSTTIME);
+     BN_copy(toInit, _toInit);
+     BN_clear_free(_toInit);
+ #else		// libtpms: added end
+@@ -355,13 +357,13 @@ LIB_EXPORT BOOL BnGcd(bigNum   gcd,      // OUT: the common divisor
+ 		      bigConst number2   // IN:
+ 		      )
+ {
++    monogon_warn_unsafe_library();
+     OSSL_ENTER();
+     BIGNUM* bnGcd = BN_NEW();
+     BOOL    OK    = TRUE;
+     BIG_INITIALIZED(bn1, number1);
+     BIG_INITIALIZED(bn2, number2);
+     //
+-    BN_set_flags(bn1, BN_FLG_CONSTTIME); // number1 is secret prime number
+     GOTO_ERROR_UNLESS(BN_gcd(bnGcd, bn1, bn2, CTX));
+     GOTO_ERROR_UNLESS(OsslToTpmBn(gcd, bnGcd));
+     goto Exit;
+@@ -387,6 +389,7 @@ LIB_EXPORT BOOL BnModExp(bigNum   result,    // OUT: the result
+ 			 bigConst modulus    // IN:
+ 			 )
+ {
++    monogon_warn_unsafe_library();
+     OSSL_ENTER();
+     BIGNUM* bnResult = BN_NEW();
+     BOOL    OK       = TRUE;
+@@ -394,7 +397,6 @@ LIB_EXPORT BOOL BnModExp(bigNum   result,    // OUT: the result
+     BIG_INITIALIZED(bnE, exponent);
+     BIG_INITIALIZED(bnM, modulus);
+     //
+-    BN_set_flags(bnE, BN_FLG_CONSTTIME); // exponent may be private
+     GOTO_ERROR_UNLESS(BN_mod_exp(bnResult, bnN, bnE, bnM, CTX));
+     GOTO_ERROR_UNLESS(OsslToTpmBn(result, bnResult));
+     goto Exit;
+@@ -416,13 +418,13 @@ LIB_EXPORT BOOL BnModExp(bigNum   result,    // OUT: the result
+ //      FALSE(0)        failure in operation
+ LIB_EXPORT BOOL BnModInverse(bigNum result, bigConst number, bigConst modulus)
+ {
++    monogon_warn_unsafe_library();
+     OSSL_ENTER();
+     BIGNUM* bnResult = BN_NEW();
+     BOOL    OK       = TRUE;
+     BIG_INITIALIZED(bnN, number);
+     BIG_INITIALIZED(bnM, modulus);
+     //
+-    BN_set_flags(bnN, BN_FLG_CONSTTIME); // number may be private
+     GOTO_ERROR_UNLESS(BN_mod_inverse(bnResult, bnN, bnM, CTX) != NULL);
+     GOTO_ERROR_UNLESS(OsslToTpmBn(result, bnResult));
+     goto Exit;
+diff --git a/src/tpm2/crypto/openssl/ExpDCache.c b/src/tpm2/crypto/openssl/ExpDCache.c
+index 5aeaf14..133e9ed 100644
+--- a/src/tpm2/crypto/openssl/ExpDCache.c
++++ b/src/tpm2/crypto/openssl/ExpDCache.c
+@@ -61,6 +61,8 @@
+ #include "Tpm.h"
+ #include "ExpDCache_fp.h"
+ 
++extern void monogon_warn_unsafe_library(void);
++
+ /* Implement a cache for the private exponent D so it doesn't need to be
+  * recalculated every time from P, Q, E and N (modulus). The cache has a
+  * number of entries that cache D and use P, Q, and E for lookup.
+@@ -169,6 +171,7 @@ BIGNUM *ExpDCacheFind(const BIGNUM *P, const BIGNUM *N, const BIGNUM *E, BIGNUM
+     unsigned myage;
+     BIGNUM *D;
+ 
++    monogon_warn_unsafe_library();
+     for (i = 0; i < ARRAY_SIZE(ExpDCache); i++) {
+         if (BN_cmp(ExpDCache[i].P, P) == 0 && BN_cmp(ExpDCache[i].N, N) == 0 &&
+             BN_cmp(ExpDCache[i].E, E) == 0) {
+@@ -190,8 +193,6 @@ BIGNUM *ExpDCacheFind(const BIGNUM *P, const BIGNUM *N, const BIGNUM *E, BIGNUM
+                 *Q = NULL;
+                 return NULL;
+             }
+-            BN_set_flags(*Q, BN_FLG_CONSTTIME);
+-            BN_set_flags(D, BN_FLG_CONSTTIME);
+             return D;
+         }
+     }
+-- 
+2.42.0
+
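Review bot: The guard in `monogon_warn_unsafe_library()` (monogon_unsafe.c:16-28) is advisory only — one environment variable, `MONOGON_LIBTPMS_ACKNOWLEDGE_UNSAFE`, silences it and nothing prevents this build from being linked into a non-test binary — so the property the commit message wants ("must not end up being used to secure any real systems") is not enforced anywhere. A compile-time gate would be stronger: add to monogon_unsafe.c an `#ifndef MONOGON_LIBTPMS_UNSAFE_OK` / `#error "..."` / `#endif` so the library only builds when the consumer explicitly opts in via `-DMONOGON_LIBTPMS_UNSAFE_OK`, keeping the stderr banner as a second line of defence. The declaration at BnToOsslMath.c:86 is `extern void monogon_warn_unsafe_library();` — without `(void)` it is not a prototype — while ExpDCache.c:64 uses the `(void)` form; put a single prototype in a small header and include it from both. `static int _warned` is a file-scope identifier beginning with an underscore, which the C standard reserves for the implementation, and it is unsynchronized (benign here, a duplicate banner at worst); renaming it `warned` and noting the race in a comment would be cleaner. The removed `BN_FLG_CONSTTIME` lines are the whole point of the patch and are correctly mirrored by warning calls in each affected function, but note `BigInitialized` is called from every converter, so in practice it is the site that prints.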
diff --git a/third_party/libtpms/patches/0006-bazel-support-implement.patch b/third_party/libtpms/patches/0006-bazel-support-implement.patch
new file mode 100644
index 0000000..8152a55
--- /dev/null
+++ b/third_party/libtpms/patches/0006-bazel-support-implement.patch
@@ -0,0 +1,106 @@
+From fa72e847a7fb503daa25b5007edb28483a0f6e42 Mon Sep 17 00:00:00 2001
+From: Serge Bazanski <serge@monogon.tech>
+Date: Tue, 4 Jun 2024 14:31:54 +0200
+Subject: [PATCH 6/6] bazel support: implement
+
+---
+ BUILD.bazel              | 45 ++++++++++++++++++++++++++++++++++++++++
+ WORKSPACE                |  0
+ include/libtpms/config.h |  3 +++
+ src/tpm_library.c        |  1 +
+ src/tpm_tpm2_interface.c |  1 +
+ 5 files changed, 50 insertions(+)
+ create mode 100644 BUILD.bazel
+ create mode 100644 WORKSPACE
+ create mode 100644 include/libtpms/config.h
+
+diff --git a/BUILD.bazel b/BUILD.bazel
+new file mode 100644
+index 0000000..591942d
+--- /dev/null
++++ b/BUILD.bazel
+@@ -0,0 +1,45 @@
++cc_library(
++    name = "libtpms_tpm2",
++    includes = [
++        "include",
++    ],
++    copts = [
++        "-Iexternal/libtpms/include/libtpms",
++        "-Iexternal/libtpms/src",
++        "-Iexternal/libtpms/src/tpm2",
++        "-Iexternal/libtpms/src/tpm2/crypto",
++        "-Iexternal/libtpms/src/tpm2/crypto/openssl",
++    ],
++    defines = [
++        "TPM_LIBTPMS_CALLBACKS",
++        "TPM_NV_DISK",
++    ],
++    deps = [
++        "@boringssl//:ssl",
++    ],
++    textual_hdrs = [
++        "src/tpm2/EccConstantData.inl",
++    ],
++    srcs = glob([
++        "include/config.h",
++        "include/libtpms/*.h",
++
++        "src/*.h",
++        "src/*.c",
++
++        "src/tpm2/*.h",
++        "src/tpm2/*.c",
++
++        "src/tpm2/crypto/*.h",
++        "src/tpm2/crypto/openssl/*.h",
++        "src/tpm2/crypto/openssl/*.c",
++
++        "src/monogon_unsafe.c",
++    ], [
++        # No TPM1.2 support.
++        "src/tpm_tpm12*",
++    ]),
++    visibility = [
++        "//visibility:public",
++    ],
++)
+diff --git a/WORKSPACE b/WORKSPACE
+new file mode 100644
+index 0000000..e69de29
+diff --git a/include/libtpms/config.h b/include/libtpms/config.h
+new file mode 100644
+index 0000000..bb4316e
+--- /dev/null
++++ b/include/libtpms/config.h
+@@ -0,0 +1,3 @@
++#pragma once
++
++#define WITH_TPM2 1
+diff --git a/src/tpm_library.c b/src/tpm_library.c
+index 20153b7..a3c5694 100644
+--- a/src/tpm_library.c
++++ b/src/tpm_library.c
+@@ -63,6 +63,7 @@
+ #include "tpm_debug.h"
+ #include "tpm_error.h"
+ #include "tpm_library.h"
++#include "tpm_library_conf.h"
+ #include "tpm_library_intern.h"
+ #include "tpm_nvfilename.h"
+ #include "tpm_tis.h"
+diff --git a/src/tpm_tpm2_interface.c b/src/tpm_tpm2_interface.c
+index 4570d78..7e51b5e 100644
+--- a/src/tpm_tpm2_interface.c
++++ b/src/tpm_tpm2_interface.c
+@@ -65,6 +65,7 @@
+ #include "tpm_nvfile.h" // TPM_NVRAM_Loaddata()
+ #include "tpm_error.h"
+ #include "tpm_library_intern.h"
++#include "tpm_library_conf.h"
+ #include "tpm_nvfilename.h"
+ 
+ extern BOOL      g_inFailureMode;
+-- 
+2.42.0
+
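Review bot: The `copts` at BUILD.bazel:7-11 hard-code `-Iexternal/libtpms/...`, but `libtpms_external(name, version)` lets the caller pick the repository name, so instantiating it under any other name (or under bzlmod canonical repo names, where the directory is not `external/libtpms`) breaks the include paths with confusing "file not found" errors rather than at definition time; the cheap fix is to pin the assumption in `libtpms_external` with `if name != "libtpms": fail("libtpms BUILD.bazel assumes repository name 'libtpms'")`. `defines = ["TPM_LIBTPMS_CALLBACKS", "TPM_NV_DISK"]` propagates to every dependent's compile line; if these only affect libtpms's own sources, as their names suggest, `local_defines` is the right attribute. `deps = ["@boringssl//:ssl"]` pulls in the TLS library when the patched sources only use libcrypto APIs; `@boringssl//:crypto` is the narrower dependency. The `"include/config.h"` glob pattern matches nothing — the patch creates `include/libtpms/config.h` — so either drop it or point it at the file actually added.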
diff --git a/third_party/libtpms/patches/BUILD.bazel b/third_party/libtpms/patches/BUILD.bazel
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/third_party/libtpms/patches/BUILD.bazel
