search

tpm2-software / tpm2-tss-engine

OpenSSL Engine for TPM2 devices
https://tpm2-software.github.io
BSD 3-Clause "New" or "Revised" License
148 stars 97 forks source link

Symlink from libtpm2tss.so to tpm2tss.so missing for tests #41

Closed diabonas closed 5 years ago

diabonas commented 5 years ago

As OpenSSL has changed its naming convention for engines, the library must be named tpm2tss.so for OpenSSL 1.1, while for OpenSSL 1.0, it was libtpm2tss.so. This is achieved in the makefile by creating a symbolic link from tpm2tss.so to libtpm2tss.so during installation. However, for the integration tests, the libtool .libs directory is used, where no such symlink exists. This causes the integration tests run by make check to fail on my machine, which uses an OpenSSL 1.1.1 binary:

FAIL: test/ecdsa.sh
FAIL: test/ecdsa-emptyauth.sh
PASS: test/rand.sh
FAIL: test/rsadecrypt.sh
FAIL: test/rsasign.sh
PASS: test/failload.sh
PASS: test/failwrite.sh
FAIL: test/rsasign_persistent.sh

Corresponding excerpt from test-suite.log:

+ openssl pkeyutl -keyform engine -engine tpm2tss -inkey /tmp/tmp.FZMHtH7iiB/mykey -sign -in /tmp/tmp.FZMHtH7iiB/mydata -out /tmp/tmp.FZMHtH7iiB/mysig -passin stdin
invalid engine "tpm2tss"
140294865027584:error:25066067:DSO support routines:dlfcn_load:could not load the shared library:crypto/dso/dso_dlfcn.c:117:filename(/home/jonas/tpm2-tss-engine/.libs/tpm2tss.so): /home/jonas/tpm2-tss-engine/.libs/tpm2tss.so: cannot open shared object file: No such file or directory
140294865027584:error:25070067:DSO support routines:DSO_load:could not load the shared library:crypto/dso/dso_lib.c:162:
140294865027584:error:260B6084:engine routines:dynamic_load:dso not found:crypto/engine/eng_dyn.c:414:
140294865027584:error:2606A074:engine routines:ENGINE_by_id:no such engine:crypto/engine/eng_list.c:335:id=tpm2tss
140294865027584:error:25066067:DSO support routines:dlfcn_load:could not load the shared library:crypto/dso/dso_dlfcn.c:117:filename(libtpm2tss.so): libtpm2tss.so: cannot open shared object file: No such file or directory
140294865027584:error:25070067:DSO support routines:DSO_load:could not load the shared library:crypto/dso/dso_lib.c:162:
140294865027584:error:260B6084:engine routines:dynamic_load:dso not found:crypto/engine/eng_dyn.c:414:
no engine specified
unable to load Private Key
pkeyutl: Error initializing context
FAIL test/ecdsa.sh (exit status: 1)

test/rand.sh and test/failload.sh are not really successful either, their "PASS" is just an artefact of openssl exiting without error/printing out "unable to load Private Key" despite being unable to load the engine. test/failwrite.sh does not use the openssl binary and is therefore not affected.

Manually adding a symlink from libtpm2tss.so to tpm2tss.so in the .libs directory causes all eight tests to pass for me.

diabonas commented 5 years ago

BTW, the Travis builds using OpenSSL 1.1 seem to circumvent this problem by including the .libs directory in LD_LIBRARY_PATH, which is one possible workaround, see https://github.com/tpm2-software/tpm2-tss-engine/issues/6#issue-355391442. If this is the preferred solution, it should probably be incorporated directly into the tests (like setting OPENSSL_ENGINES). This way, make check works out of the box (provided a tpm_server is running), without manually having to fiddle with environment variables.