diabonas
commented
4 years ago OpenSSL 1.1 changed the file name it looks for for when trying to load the engine name from libname.so to just name.so, see https://github.com/openssl/openssl/commit/9ee0ed3de66678a15db126d10b3e4226e835b8f5. For this reason, tpm2-tss-engine creates a symlink from libtpm2tss.so to tpm2tss.so during installation so that the given example code works with OpenSSL 1.0 and OpenSSL 1.1. It seems like a packaging error if the Fedora package does not create this symlink as well.
dnoliver
AndreasFuchsTPM
zavalamathias
Hello!
As today, there is a tpm2-tss-engine package available for Fedora Rawhide (soon to be 32) https://src.fedoraproject.org/rpms/tpm2-tss-engine.
I tested the package, and was able to get the basic workflow working, creating keys with tpms_tools and generating a CSR with openssl (https://gist.github.com/dnoliver/04364e72d8b81368f72ad4e6896f688d#file-enrollment-sh-L121)
The problem I found is that, in the installed package, the engine is installed as
libtpm2tss, instead oftpm2tss, that is provided when you compile the package.The information on how this package was created is here https://bugzilla.redhat.com/show_bug.cgi?id=1773855. The impact is that, the documentation provided by this repo is not accurate.
The SPEC file is here https://src.fedoraproject.org/rpms/tpm2-tss-engine/blob/master/f/tpm2-tss-engine.spec
Functionality is not impacted as far as I know.
Is this an rpm package creation error, or the
make installcommand is doing something special?