Name:           tpm2-openssl
Version:        1.2.0
Release:        1%{?dist}
Summary:        OpenSSL Engine for TPM2 devices using the tpm2-tss software stack

License:        BSD-3-Clause
URL:            https://github.com/tpm2-software/tpm2-openssl
Source0:        https://github.com/tpm2-software/tpm2-openssl/releases/download/%{version}/%{name}-%{version}.tar.gz
# Patch to skip the ec_createak_x509_index test on s390x (tpm2-tools is broken on big endian systems)
Patch0001:      0001-s390x-test.patch

BuildRequires:  autoconf
BuildRequires:  autoconf-archive
BuildRequires:  automake
BuildRequires:  gcc
BuildRequires:  libtool
BuildRequires:  make
BuildRequires:  pkgconfig(libcrypto)
BuildRequires:  pkgconfig(tss2-esys)
BuildRequires:  pkgconfig(tss2-rc)
BuildRequires:  pkgconfig(tss2-tctildr)
#
# Required only for tests
#
BuildRequires:  dbus-daemon
BuildRequires:  openssl
BuildRequires:  swtpm
BuildRequires:  tpm2-abrmd
BuildRequires:  tpm2-tools


%description
tpm2-openssl is a provider implementation for OpenSSL that uses tpm2-tss 
software stack. It uses the Enhanced System API (ESAPI) interface of the
TSS 2.0 for downwards communication. It supports RSA decryption and signatures
as well as ECDSA signatures.


%prep
%autosetup -n %{name}-%{version} -p1


%build
%configure --disable-static
%make_build


%install
%make_install


%check
#
# This seems to be a somewhat convoluted way to run a software
# tpm in order to run the tests, but it seems to work (this is
# based on the upstream projects use of a container to run tests).
#
export DBUS_SESSION_BUS_ADDRESS=`dbus-daemon --session --print-address --fork`
mkdir /tmp/swtpm
swtpm socket --tpm2 --daemon --server type=tcp,port=2321 --ctrl type=tcp,port=2322 --flags not-need-init --tpmstate dir=/tmp/swtpm --seccomp action=none
tpm2-abrmd --session --dbus-name "com.intel.tss2.Tabrmd-2321" --tcti "swtpm:host=127.0.0.1,port=2321" &
# Give tpm2-abrmd time to start up and initialize/register....
sleep 5
export TCTI_ADDRESS="tabrmd:bus_name=com.intel.tss2.Tabrmd-2321,bus_type=session"
export TPM2TOOLS_TCTI="$TCTI_ADDRESS"
export TPM2OPENSSL_TCTI="$TCTI_ADDRESS"
make check


%files
%license LICENSE
%doc README.md
%{_libdir}/ossl-modules/tpm2.so


%changelog
* Sun Nov 05 2023 Gary Buhrmaster <gary.buhrmaster@gmail.com> - 1.2.0-1
- initial version of the package