From cb46448a1fc3c8f55529e74d3c7b0809ca036992 Mon Sep 17 00:00:00 2001 From: Aidan Date: Thu, 10 Oct 2024 16:36:52 -0700 Subject: [PATCH 01/13] Added meta recipie / updated README.md and conf --- README.md | 74 +++++++++++++++++++- conf/layer.conf | 8 +++ recipes-examples/wolftpm/wolftpm-examples.bb | 69 ++++++++++++++++++ 3 files changed, 150 insertions(+), 1 deletion(-) create mode 100644 recipes-examples/wolftpm/wolftpm-examples.bb diff --git a/README.md b/README.md index e660af1..490dcd3 100644 --- a/README.md +++ b/README.md @@ -290,7 +290,6 @@ looks as follows: Testing Wolfssl-py and Wolfcrypt-py ----------------------------------- - To test the python wrapper for wolfSSL and wolfcrypt in a yocto build it will require python3, python3-pytest, python3-cffi and wolfSSL are built on the target system. @@ -342,6 +341,79 @@ to add a DNS server to /etc/resolv.conf like such with root perms echo "nameserver 8.8.8.8" >> /etc/resolv.conf ``` +wolfTPM examples +---------------- + +Several wolfTPM example application recipes are included in this layer. These +include: +- attestation +- gpio +- pcr +- tls +- bench +- boot +- keygen +- csr +- endorsement +- firmware +- nvram +- management +- native +- pkcs7 +- seal +- wrap + +The recipes for these applications are located at: + +``` +meta-wolfssl/recipes-examples/wolftpm/wolftpm-examples.bb +``` + +This can be compiled with bitbake: + +``` +$ bitbake wolftpm-examples +``` + +To install these applications into your image, you will need to edit your +"build/conf/local.conf" file and add them to the "IMAGE_INSTALL" +variable. You would need to do something like this for wolfssl, wolftpm, and wolftpm-examples: + +- For Dunfell and newer versions of Yocto +``` +IMAGE_INSTALL:append = " wolfssl wolftpm wolftpm-examples " +``` + +- For versions of Yocto older than Dunfell +``` +IMAGE_INSTALL_append = " wolfssl wolftpm wolftpm-examples " +``` + +When your image builds, these will be installed to the '/usr/bin' system +directory. When inside your executing image, you can run them from the +terminal. + +additional information +---------------------- + +Use to re-source your build environment +``` +source ../poky/oe-init-build-env +``` + +Check for active bitbake processes +``` +ps aux | grep bitbake +``` + +to kill any processes +``` +kill +``` + +Dependencies and More +--------------------- + wolfProvider ------------ To build wolfProvider view the instructions in this [README](recipes-wolfssl/wolfprovider/README.md) diff --git a/conf/layer.conf b/conf/layer.conf index f1df7d7..df8c0e6 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -1,6 +1,9 @@ # We have a conf and classes directory, add to BBPATH BBPATH := "${LAYERDIR}:${BBPATH}" +# Add specific `wolf*` to run bitbake +IMAGE_INSTALL:append = "wolftpm wolfssl wolftpm-examples " + # We have a packages directory, add to BBFILES BBFILES += "${LAYERDIR}/recipes-wolfssl/wolfssl/*.bb \ ${LAYERDIR}/recipes-wolfssl/wolfssl/*.bbappend" @@ -75,6 +78,11 @@ BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ '${LAYERDIR}/recipes-examples/wolfengine/wolfenginetest/*.bb ${LAYERDIR}/recipes-examples/wolfengine/wolfenginetest/*.bbappend', \ '', d)}" +BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ + 'wolftpm-examples', \ + '${LAYERDIR}/recipes-examples/wolftpm/*.bb ${LAYERDIR}/recipes-examples/wolftpm/*.bbappend', \ + '', d)}" + # Uncomment if building bind with wolfSSL. #BBFILES += "${LAYERDIR}/recipes-connectivity/bind/*.bbappend" diff --git a/recipes-examples/wolftpm/wolftpm-examples.bb b/recipes-examples/wolftpm/wolftpm-examples.bb new file mode 100644 index 0000000..326f3fe --- /dev/null +++ b/recipes-examples/wolftpm/wolftpm-examples.bb @@ -0,0 +1,69 @@ +SUMMARY = "Examples for wolfTPM" +DESCRIPTION = "This recipe provides examples for wolfTPM" +HOMEPAGE = "https://www.wolfssl.com/products/wolfssl" + +LICENSE = "GPL-2.0-only" +LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" +SRC_URI = "git://github.com/wolfSSL/wolfTPM/examples.git;nobranch=1;protocol=https;rev=a5f6c912ac6903872d9666238440a76bc9f92517" + +DEPENDS += "wolfssl wolftpm" + +S = "${WORKDIR}/git/wolfTPM/examples" + +do_compile() { + # Iterate through each directory and compile C files + for dir in attestation \ + gpio \ + pcr \ + tls \ + bench \ + boot \ + keygen \ + csr \ + endorsement \ + firmware \ + nvram \ + management \ + native \ + pkcs7 \ + seal \ + wrap \ + timestamp; do + for src in ${S}/$dir/*.c; do + exe_name=$(basename $src .c) + ${CC} $src -o ${D}/usr/bin/$exe_name ${CFLAGS} ${LDFLAGS} -lwolfssl -lwolfTPM -ldl + done + done +} + +do_install() { + install -d ${D}/usr/bin + for dir in attestation \ + gpio \ + pcr \ + tls \ + bench \ + boot \ + keygen \ + csr \ + endorsement \ + firmware \ + nvram \ + management \ + native \ + pkcs7 \ + seal \ + wrap \ + timestamp; do + for src in ${S}/$dir/*.c; do + exe_name=$(basename $src .c) + install -m 0755 ${D}/usr/bin/$exe_name ${D}/usr/bin/ + done + done + + install -d ${D}/usr/include/wolftpm + install -m 0644 ${S}/tpm_test_keys.h ${D}/usr/include/wolftpm/ + install -m 0644 ${S}/tpm_test.h ${D}/usr/include/wolftpm/ +} + +PACKAGES = "${PN} ${PN}-dev" From 39e261d16474c47ee3f75af6e56510432c309212 Mon Sep 17 00:00:00 2001 From: Aidan Date: Thu, 10 Oct 2024 19:35:22 -0700 Subject: [PATCH 02/13] Modified the paths for tpm --- README.md | 18 ------------------ conf/layer.conf | 2 +- recipes-examples/wolftpm/wolftpm-examples.bb | 4 ++-- 3 files changed, 3 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index 490dcd3..18cb2dc 100644 --- a/README.md +++ b/README.md @@ -393,24 +393,6 @@ When your image builds, these will be installed to the '/usr/bin' system directory. When inside your executing image, you can run them from the terminal. -additional information ----------------------- - -Use to re-source your build environment -``` -source ../poky/oe-init-build-env -``` - -Check for active bitbake processes -``` -ps aux | grep bitbake -``` - -to kill any processes -``` -kill -``` - Dependencies and More --------------------- diff --git a/conf/layer.conf b/conf/layer.conf index df8c0e6..ca6a38e 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -2,7 +2,7 @@ BBPATH := "${LAYERDIR}:${BBPATH}" # Add specific `wolf*` to run bitbake -IMAGE_INSTALL:append = "wolftpm wolfssl wolftpm-examples " +IMAGE_INSTALL:append = " wolftpm wolfssl wolftpm-examples " # We have a packages directory, add to BBFILES BBFILES += "${LAYERDIR}/recipes-wolfssl/wolfssl/*.bb \ diff --git a/recipes-examples/wolftpm/wolftpm-examples.bb b/recipes-examples/wolftpm/wolftpm-examples.bb index 326f3fe..38135b1 100644 --- a/recipes-examples/wolftpm/wolftpm-examples.bb +++ b/recipes-examples/wolftpm/wolftpm-examples.bb @@ -4,11 +4,11 @@ HOMEPAGE = "https://www.wolfssl.com/products/wolfssl" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/wolfSSL/wolfTPM/examples.git;nobranch=1;protocol=https;rev=a5f6c912ac6903872d9666238440a76bc9f92517" +SRC_URI = "git://github.com/wolfSSL/wolfTPM.git;nobranch=1;protocol=https;rev=a5f6c912ac6903872d9666238440a76bc9f92517" DEPENDS += "wolfssl wolftpm" -S = "${WORKDIR}/git/wolfTPM/examples" +S = "${WORKDIR}/git" do_compile() { # Iterate through each directory and compile C files From 7fa9060df30742182cf96eab8c144c2a04ef2bcc Mon Sep 17 00:00:00 2001 From: Aidan Date: Tue, 15 Oct 2024 13:26:26 -0700 Subject: [PATCH 03/13] Adds wolftpm_%.bbappnd to move examples --- README.md | 29 ++++---- conf/layer.conf | 8 --- recipes-examples/wolftpm/wolftpm-examples.bb | 69 -------------------- recipes-wolfssl/wolftpm/wolftpm_%.bbappend | 34 ++++++++++ 4 files changed, 51 insertions(+), 89 deletions(-) delete mode 100644 recipes-examples/wolftpm/wolftpm-examples.bb create mode 100644 recipes-wolfssl/wolftpm/wolftpm_%.bbappend diff --git a/README.md b/README.md index 18cb2dc..2e89c90 100644 --- a/README.md +++ b/README.md @@ -341,7 +341,7 @@ to add a DNS server to /etc/resolv.conf like such with root perms echo "nameserver 8.8.8.8" >> /etc/resolv.conf ``` -wolfTPM examples +wolfTPM Examples ---------------- Several wolfTPM example application recipes are included in this layer. These @@ -364,37 +364,42 @@ include: - wrap The recipes for these applications are located at: - ``` -meta-wolfssl/recipes-examples/wolftpm/wolftpm-examples.bb +meta-wolfssl/recipes-wolfssl/wolftpm/wolftpm_%.bbappend ``` -This can be compiled with bitbake: +This can be compiled with bitbake using: ``` -$ bitbake wolftpm-examples +$ bitbake wolftpm ``` -To install these applications into your image, you will need to edit your -"build/conf/local.conf" file and add them to the "IMAGE_INSTALL" -variable. You would need to do something like this for wolfssl, wolftpm, and wolftpm-examples: +To install wolfTPM examples into your image, you will need to edit your +"build/conf/local.conf" file with the neccesary options. There are two +steps needed in order to install wolfTPM's examples into your image. + +1. You need to first add wolfTPM to your "IMAGE_INSTALL" variable like so: - For Dunfell and newer versions of Yocto ``` -IMAGE_INSTALL:append = " wolfssl wolftpm wolftpm-examples " +IMAGE_INSTALL:append = " wolftpm " ``` - For versions of Yocto older than Dunfell ``` -IMAGE_INSTALL_append = " wolfssl wolftpm wolftpm-examples " +IMAGE_INSTALL_append = " wolftpm " ``` When your image builds, these will be installed to the '/usr/bin' system directory. When inside your executing image, you can run them from the terminal. -Dependencies and More ---------------------- +2. You then need to enable the examples in your image by +setting `ENABLE_WOLFTPM_EXAMPLES` to 1 in your local.conf like so: + +``` +ENABLE_WOLFTPM_EXAMPLES = "1" +``` wolfProvider ------------ diff --git a/conf/layer.conf b/conf/layer.conf index ca6a38e..f1df7d7 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -1,9 +1,6 @@ # We have a conf and classes directory, add to BBPATH BBPATH := "${LAYERDIR}:${BBPATH}" -# Add specific `wolf*` to run bitbake -IMAGE_INSTALL:append = " wolftpm wolfssl wolftpm-examples " - # We have a packages directory, add to BBFILES BBFILES += "${LAYERDIR}/recipes-wolfssl/wolfssl/*.bb \ ${LAYERDIR}/recipes-wolfssl/wolfssl/*.bbappend" @@ -78,11 +75,6 @@ BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ '${LAYERDIR}/recipes-examples/wolfengine/wolfenginetest/*.bb ${LAYERDIR}/recipes-examples/wolfengine/wolfenginetest/*.bbappend', \ '', d)}" -BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ - 'wolftpm-examples', \ - '${LAYERDIR}/recipes-examples/wolftpm/*.bb ${LAYERDIR}/recipes-examples/wolftpm/*.bbappend', \ - '', d)}" - # Uncomment if building bind with wolfSSL. #BBFILES += "${LAYERDIR}/recipes-connectivity/bind/*.bbappend" diff --git a/recipes-examples/wolftpm/wolftpm-examples.bb b/recipes-examples/wolftpm/wolftpm-examples.bb deleted file mode 100644 index 38135b1..0000000 --- a/recipes-examples/wolftpm/wolftpm-examples.bb +++ /dev/null @@ -1,69 +0,0 @@ -SUMMARY = "Examples for wolfTPM" -DESCRIPTION = "This recipe provides examples for wolfTPM" -HOMEPAGE = "https://www.wolfssl.com/products/wolfssl" - -LICENSE = "GPL-2.0-only" -LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/wolfSSL/wolfTPM.git;nobranch=1;protocol=https;rev=a5f6c912ac6903872d9666238440a76bc9f92517" - -DEPENDS += "wolfssl wolftpm" - -S = "${WORKDIR}/git" - -do_compile() { - # Iterate through each directory and compile C files - for dir in attestation \ - gpio \ - pcr \ - tls \ - bench \ - boot \ - keygen \ - csr \ - endorsement \ - firmware \ - nvram \ - management \ - native \ - pkcs7 \ - seal \ - wrap \ - timestamp; do - for src in ${S}/$dir/*.c; do - exe_name=$(basename $src .c) - ${CC} $src -o ${D}/usr/bin/$exe_name ${CFLAGS} ${LDFLAGS} -lwolfssl -lwolfTPM -ldl - done - done -} - -do_install() { - install -d ${D}/usr/bin - for dir in attestation \ - gpio \ - pcr \ - tls \ - bench \ - boot \ - keygen \ - csr \ - endorsement \ - firmware \ - nvram \ - management \ - native \ - pkcs7 \ - seal \ - wrap \ - timestamp; do - for src in ${S}/$dir/*.c; do - exe_name=$(basename $src .c) - install -m 0755 ${D}/usr/bin/$exe_name ${D}/usr/bin/ - done - done - - install -d ${D}/usr/include/wolftpm - install -m 0644 ${S}/tpm_test_keys.h ${D}/usr/include/wolftpm/ - install -m 0644 ${S}/tpm_test.h ${D}/usr/include/wolftpm/ -} - -PACKAGES = "${PN} ${PN}-dev" diff --git a/recipes-wolfssl/wolftpm/wolftpm_%.bbappend b/recipes-wolfssl/wolftpm/wolftpm_%.bbappend new file mode 100644 index 0000000..3934d52 --- /dev/null +++ b/recipes-wolfssl/wolftpm/wolftpm_%.bbappend @@ -0,0 +1,34 @@ +# For wolfTPM Examples +WOLFTPM_DIR = "${S}/examples" +WOLFTPM_TARGET_DIR = "/home/root/wolftpm/examples" +WOLFTPM_TEST_TARGET_DIR = "${D}${WOLFTPM_TARGET_DIR}" + +python () { + distro_version = d.getVar('DISTRO_VERSION', True) + wolftpm_dir = d.getVar('WOLFTPM_DIR', True) + wolftpm_test_target_dir = d.getVar('WOLFTPM_TEST_TARGET_DIR', True) + + bb.note("Installing Examples Directory for wolfTPM") + installDir = 'install -m 0755 -d "%s"\n' % (wolftpm_test_target_dir) + cpWolftpmExamples = 'cp -r %s/* %s\n' % (wolftpm_dir, wolftpm_test_target_dir) + + d.appendVar('do_install', installDir) + d.appendVar('do_install', cpWolftpmExamples) + + # Append to FILES:${PN} within the Python function + files_var = 'FILES:' + d.getVar('PN', True) + wolftpm_example_files = wolftpm_test_target_dir + '/*' + + pn = d.getVar('PN', True) + if distro_version and (distro_version.startswith('2.') or distro_version.startswith('3.')): + files_var_name = 'FILES_' + pn + else: + files_var_name = 'FILES:' + pn + + current_files = d.getVar(files_var_name, True) or "" + new_files = current_files + ' ' + wolftpm_example_files + d.setVar(files_var_name, new_files) +} + +# Python Specific option +export PYTHONDONTWRITEBYTECODE = "1" From 9568c19088e9b1c37932ae3f4c0875243d29f280 Mon Sep 17 00:00:00 2001 From: Aidan Date: Thu, 17 Oct 2024 13:19:26 -0700 Subject: [PATCH 04/13] .bbappend for wolftpm to move over examples / readme update / option to disable or enable examples --- README.md | 21 ++------- recipes-wolfssl/wolftpm/wolftpm_%.bbappend | 53 ++++++++++++---------- 2 files changed, 33 insertions(+), 41 deletions(-) diff --git a/README.md b/README.md index 2e89c90..c913a54 100644 --- a/README.md +++ b/README.md @@ -344,24 +344,9 @@ echo "nameserver 8.8.8.8" >> /etc/resolv.conf wolfTPM Examples ---------------- -Several wolfTPM example application recipes are included in this layer. These -include: -- attestation -- gpio -- pcr -- tls -- bench -- boot -- keygen -- csr -- endorsement -- firmware -- nvram -- management -- native -- pkcs7 -- seal -- wrap +Several wolfTPM example application recipes are included in this layer. These include: + +TODO The recipes for these applications are located at: ``` diff --git a/recipes-wolfssl/wolftpm/wolftpm_%.bbappend b/recipes-wolfssl/wolftpm/wolftpm_%.bbappend index 3934d52..1d4089c 100644 --- a/recipes-wolfssl/wolftpm/wolftpm_%.bbappend +++ b/recipes-wolfssl/wolftpm/wolftpm_%.bbappend @@ -1,33 +1,40 @@ # For wolfTPM Examples -WOLFTPM_DIR = "${S}/examples" -WOLFTPM_TARGET_DIR = "/home/root/wolftpm/examples" -WOLFTPM_TEST_TARGET_DIR = "${D}${WOLFTPM_TARGET_DIR}" +WOLFTPM_TEST_DIR = "${S}/examples" +WOLFTPM_DIR = "/home/root/wolftpm/examples" +WOLFTPM_TEST_TARGET_DIR = "${D}${WOLFTPM_DIR}" python () { - distro_version = d.getVar('DISTRO_VERSION', True) - wolftpm_dir = d.getVar('WOLFTPM_DIR', True) - wolftpm_test_target_dir = d.getVar('WOLFTPM_TEST_TARGET_DIR', True) + enable_wolftpm_examples = d.getVar('ENABLE_WOLFTPM_EXAMPLES', True) - bb.note("Installing Examples Directory for wolfTPM") - installDir = 'install -m 0755 -d "%s"\n' % (wolftpm_test_target_dir) - cpWolftpmExamples = 'cp -r %s/* %s\n' % (wolftpm_dir, wolftpm_test_target_dir) + if enable_wolftpm_examples == "1": + distro_version = d.getVar('DISTRO_VERSION', True) + wolftpm_test_dir = d.getVar('WOLFTPM_TEST_DIR', True) + wolftpm_test_target_dir = d.getVar('WOLFTPM_TEST_TARGET_DIR', True) - d.appendVar('do_install', installDir) - d.appendVar('do_install', cpWolftpmExamples) + bb.note("Installing Examples Directory for wolfTPM") + installDir = 'install -m 0755 -d "%s"\n' % (wolftpm_test_target_dir) + cpWolftpmExamples = 'cp -r %s/* %s\n' % (wolftpm_test_dir, wolftpm_test_target_dir) - # Append to FILES:${PN} within the Python function - files_var = 'FILES:' + d.getVar('PN', True) - wolftpm_example_files = wolftpm_test_target_dir + '/*' + d.appendVar('do_install', installDir) + d.appendVar('do_install', cpWolftpmExamples) - pn = d.getVar('PN', True) - if distro_version and (distro_version.startswith('2.') or distro_version.startswith('3.')): - files_var_name = 'FILES_' + pn - else: - files_var_name = 'FILES:' + pn - - current_files = d.getVar(files_var_name, True) or "" - new_files = current_files + ' ' + wolftpm_example_files - d.setVar(files_var_name, new_files) + # Remove the unwanted file + d.appendVar('do_install', 'rm -f %s/run_examples.sh\n' % wolftpm_test_target_dir) + + # Append to FILES:${PN} within the Python function + files_var = 'FILES:' + d.getVar('PN', True) + wolftpm_example_files = wolftpm_test_target_dir + '/*' + + pn = d.getVar('PN', True) + wolftpm_dir = d.getVar('WOLFTPM_DIR', True) + if distro_version and (distro_version.startswith('2.') or distro_version.startswith('3.')): + files_var_name = 'FILES_' + pn + else: + files_var_name = 'FILES:' + pn + + current_files = d.getVar(files_var_name, True) or "" + new_files = current_files + ' ' + wolftpm_dir + '/*' + d.setVar(files_var_name, new_files) } # Python Specific option From 8e7604e9287db01f1562dcab3e08db605599343e Mon Sep 17 00:00:00 2001 From: Aidan Date: Thu, 24 Oct 2024 16:37:14 -0700 Subject: [PATCH 05/13] wolftpm examples now in usr/bin added readme for wolftpm examples --- README.md | 45 --------------- conf/layer.conf | 2 +- recipes-examples/wolftpm/README.md | 62 +++++++++++++++++++++ recipes-examples/wolftpm/wolftpm_%.bbappend | 23 ++++++++ recipes-wolfssl/wolftpm/wolftpm_%.bbappend | 41 -------------- 5 files changed, 86 insertions(+), 87 deletions(-) create mode 100644 recipes-examples/wolftpm/README.md create mode 100644 recipes-examples/wolftpm/wolftpm_%.bbappend delete mode 100644 recipes-wolfssl/wolftpm/wolftpm_%.bbappend diff --git a/README.md b/README.md index c913a54..ee35f71 100644 --- a/README.md +++ b/README.md @@ -341,51 +341,6 @@ to add a DNS server to /etc/resolv.conf like such with root perms echo "nameserver 8.8.8.8" >> /etc/resolv.conf ``` -wolfTPM Examples ----------------- - -Several wolfTPM example application recipes are included in this layer. These include: - -TODO - -The recipes for these applications are located at: -``` -meta-wolfssl/recipes-wolfssl/wolftpm/wolftpm_%.bbappend -``` - -This can be compiled with bitbake using: - -``` -$ bitbake wolftpm -``` - -To install wolfTPM examples into your image, you will need to edit your -"build/conf/local.conf" file with the neccesary options. There are two -steps needed in order to install wolfTPM's examples into your image. - -1. You need to first add wolfTPM to your "IMAGE_INSTALL" variable like so: - -- For Dunfell and newer versions of Yocto -``` -IMAGE_INSTALL:append = " wolftpm " -``` - -- For versions of Yocto older than Dunfell -``` -IMAGE_INSTALL_append = " wolftpm " -``` - -When your image builds, these will be installed to the '/usr/bin' system -directory. When inside your executing image, you can run them from the -terminal. - -2. You then need to enable the examples in your image by -setting `ENABLE_WOLFTPM_EXAMPLES` to 1 in your local.conf like so: - -``` -ENABLE_WOLFTPM_EXAMPLES = "1" -``` - wolfProvider ------------ To build wolfProvider view the instructions in this [README](recipes-wolfssl/wolfprovider/README.md) diff --git a/conf/layer.conf b/conf/layer.conf index f1df7d7..a975f01 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -37,7 +37,7 @@ BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ 'wolftpm', \ - '${LAYERDIR}/recipes-wolfssl/wolftpm/*.bb ${LAYERDIR}/recipes-wolfssl/wolftpm/*.bbappend', \ + '${LAYERDIR}/recipes-wolfssl/wolftpm/*.bb ${LAYERDIR}/*/wolftpm/*.bbappend', \ '', d)}" BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ diff --git a/recipes-examples/wolftpm/README.md b/recipes-examples/wolftpm/README.md new file mode 100644 index 0000000..d58e914 --- /dev/null +++ b/recipes-examples/wolftpm/README.md @@ -0,0 +1,62 @@ +wolfTPM Examples +================ + +Several wolfTPM example applications are included +in this layer, these include: + +- attestation +- endorsement +- keygen +- pcr +- seal +- bench +- firmware +- management +- pkcs7 +- timestamp +- boot +- gpio +- native +- tls +- wrap +- csr +- nvram + +The recipe for these applications is located at: +``` +meta-wolfssl/recipes-examples/wolftpm/wolftpm_%.bbappend +``` + +This can be compiled with bitbake using: + +``` +$ bitbake wolftpm +``` + +To install these applications into your image, +you will need to edit your "build/conf/local.conf" +file and add them to the "IMAGE_INSTALL" variable +like so: + +- For Dunfell and newer versions of Yocto +``` +IMAGE_INSTALL:append = " wolftpm " +``` + +- For versions of Yocto older than Dunfell +``` +IMAGE_INSTALL_append = " wolftpm " +``` + +When your image builds, these will be installed +to the `/usr/bin/examples` system directory. When +inside your executing image, you can run them from +the terminal. + +The examples can be excluded from your build by +deleting the recipe `wolftpm_%bbappend`. + +Refer to the [wolfTPM Examples README](https://github.com/wolfSSL/wolfTPM/blob/master/examples/README.md) +for more information on the examples directory. +Refer to the [meta-wolfssl README](https://github.com/wolfSSL/meta-wolfssl/blob/master/README.md) +for more information on setting up your layer. diff --git a/recipes-examples/wolftpm/wolftpm_%.bbappend b/recipes-examples/wolftpm/wolftpm_%.bbappend new file mode 100644 index 0000000..bb279c3 --- /dev/null +++ b/recipes-examples/wolftpm/wolftpm_%.bbappend @@ -0,0 +1,23 @@ +#wolfTPM Examples +WOLFTPM_EXAMPLES_DIR = "${B}/examples" +WOLFTPM_INSTALL_DIR = "${D}${bindir}" + +# Bash dependency for .sh +RDEPENDS:${PN} += "bash" + +python () { + # Get the environment variables + wolftpm_examples_dir = d.getVar('WOLFTPM_EXAMPLES_DIR', True) + wolftpm_install_dir = d.getVar('WOLFTPM_INSTALL_DIR', True) + + bbnote = 'bbnote "Installing wolfTPM Examples"\n' + installDir = 'install -m 0755 -d "%s"\n' % (wolftpm_install_dir) + cpExamples = 'cp -r "%s/" "%s/"\n' % (wolftpm_examples_dir, wolftpm_install_dir) + + d.appendVar('do_install', bbnote) + d.appendVar('do_install', installDir) + d.appendVar('do_install', cpExamples) +} + +# Ensure consistent locale +export LC_ALL = "C" diff --git a/recipes-wolfssl/wolftpm/wolftpm_%.bbappend b/recipes-wolfssl/wolftpm/wolftpm_%.bbappend deleted file mode 100644 index 1d4089c..0000000 --- a/recipes-wolfssl/wolftpm/wolftpm_%.bbappend +++ /dev/null @@ -1,41 +0,0 @@ -# For wolfTPM Examples -WOLFTPM_TEST_DIR = "${S}/examples" -WOLFTPM_DIR = "/home/root/wolftpm/examples" -WOLFTPM_TEST_TARGET_DIR = "${D}${WOLFTPM_DIR}" - -python () { - enable_wolftpm_examples = d.getVar('ENABLE_WOLFTPM_EXAMPLES', True) - - if enable_wolftpm_examples == "1": - distro_version = d.getVar('DISTRO_VERSION', True) - wolftpm_test_dir = d.getVar('WOLFTPM_TEST_DIR', True) - wolftpm_test_target_dir = d.getVar('WOLFTPM_TEST_TARGET_DIR', True) - - bb.note("Installing Examples Directory for wolfTPM") - installDir = 'install -m 0755 -d "%s"\n' % (wolftpm_test_target_dir) - cpWolftpmExamples = 'cp -r %s/* %s\n' % (wolftpm_test_dir, wolftpm_test_target_dir) - - d.appendVar('do_install', installDir) - d.appendVar('do_install', cpWolftpmExamples) - - # Remove the unwanted file - d.appendVar('do_install', 'rm -f %s/run_examples.sh\n' % wolftpm_test_target_dir) - - # Append to FILES:${PN} within the Python function - files_var = 'FILES:' + d.getVar('PN', True) - wolftpm_example_files = wolftpm_test_target_dir + '/*' - - pn = d.getVar('PN', True) - wolftpm_dir = d.getVar('WOLFTPM_DIR', True) - if distro_version and (distro_version.startswith('2.') or distro_version.startswith('3.')): - files_var_name = 'FILES_' + pn - else: - files_var_name = 'FILES:' + pn - - current_files = d.getVar(files_var_name, True) or "" - new_files = current_files + ' ' + wolftpm_dir + '/*' - d.setVar(files_var_name, new_files) -} - -# Python Specific option -export PYTHONDONTWRITEBYTECODE = "1" From 9530fc6738c0a1b63de4aa06ac8d2d77a4571e86 Mon Sep 17 00:00:00 2001 From: Aidan Date: Thu, 24 Oct 2024 19:54:26 -0700 Subject: [PATCH 06/13] Updated the readme with QEMU information --- README.md | 59 ++++++++++++++++++++++++++++++ recipes-examples/wolftpm/README.md | 36 ++++++++++-------- 2 files changed, 79 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index ee35f71..29db171 100644 --- a/README.md +++ b/README.md @@ -341,6 +341,65 @@ to add a DNS server to /etc/resolv.conf like such with root perms echo "nameserver 8.8.8.8" >> /etc/resolv.conf ``` +Running Image on the QEMU +------------------------- + +To run meta-wolfssl image on the QEMU (Quick EMUlator) you can follow these +general steps. For this example we will use the Yocto Project Poky. + +1. Initialize the Build +This can be done by running these commands: + +``` +$ cd poky +$ source oe-init-build-env +``` + +This will initialize the build environment and let you run +bitbake in the build directory. + +2. Run bitbake +Next you can run bitbake to build the OS image that you want. Make sure +you have the correct variables added in the `local.conf` For this example +we will run `core-image-base`. Which can be built by running this comamnd +from the `build` directoy: + +``` +$ bitbake core-image-base +``` + +This will run bitbake and build the image with your added +meta-wolfssl recipes. + +3. Run the Image in QEMU +You can now simulate your image with the QEMU This can be done by running +the qemu that comes in your Yocto Project the default system is usually +`qemux86-64` but you can find what its set to by looking at your `local.conf`. +We can run this command to start the emulator: + +``` +$ runqemu qemux86-64 +``` + +4. Run Your Recipes +Now that you are in the QEMU you can navigate your way to the `usr/bin` +directory which contains the your wolfssl your applications. Lets say we +included these images in our `local.conf` + +``` +IMAGE_INSTALL:append = " wolfssl wolfcrypttest wolfcryptbenchmark " +``` + +In that case we can run wolfcrypttest and wolfcryptbenchmark examples from +the `usr/bin` directory like so: + +``` +$ ./wolfcrypttest +$ ./wolfcryptbenchmark +``` + +This will run the wolfcrypt test and benchmark examples from the QEMU. + wolfProvider ------------ To build wolfProvider view the instructions in this [README](recipes-wolfssl/wolfprovider/README.md) diff --git a/recipes-examples/wolftpm/README.md b/recipes-examples/wolftpm/README.md index d58e914..d352ca4 100644 --- a/recipes-examples/wolftpm/README.md +++ b/recipes-examples/wolftpm/README.md @@ -1,8 +1,8 @@ wolfTPM Examples ================ -Several wolfTPM example applications are included -in this layer, these include: +Several wolfTPM example applications are included in this +layer, these include: - attestation - endorsement @@ -33,10 +33,9 @@ This can be compiled with bitbake using: $ bitbake wolftpm ``` -To install these applications into your image, -you will need to edit your "build/conf/local.conf" -file and add them to the "IMAGE_INSTALL" variable -like so: +To install these applications into your image, you will +need to edit your "build/conf/local.conf" file and add +them to the "IMAGE_INSTALL" variable like so: - For Dunfell and newer versions of Yocto ``` @@ -48,15 +47,20 @@ IMAGE_INSTALL:append = " wolftpm " IMAGE_INSTALL_append = " wolftpm " ``` -When your image builds, these will be installed -to the `/usr/bin/examples` system directory. When -inside your executing image, you can run them from -the terminal. +When your image builds, these will be installed to the +`/usr/bin/examples` system directory. When inside your +executing image, you can run them from the terminal. +For example, we can run the wrap test like so from the +examples directory: -The examples can be excluded from your build by -deleting the recipe `wolftpm_%bbappend`. +``` +$ cd wrap +$ ./wrap_test +``` -Refer to the [wolfTPM Examples README](https://github.com/wolfSSL/wolfTPM/blob/master/examples/README.md) -for more information on the examples directory. -Refer to the [meta-wolfssl README](https://github.com/wolfSSL/meta-wolfssl/blob/master/README.md) -for more information on setting up your layer. +The examples can be excluded from your build by deleting +the recipe `wolftpm_%bbappend`. + +Refer to the [wolfTPM Examples README](https://github.com/wolfSSL/wolfTPM/blob/master/examples/README.md) for more information on the examples directory. + +Refer to the [meta-wolfssl README](https://github.com/wolfSSL/meta-wolfssl/blob/master/README.md) for more information on setting up your layer. From 0e7cb36e8a637dfc1ccc7c6ce7acd84133312da3 Mon Sep 17 00:00:00 2001 From: Aidan Date: Mon, 28 Oct 2024 14:04:13 -0700 Subject: [PATCH 07/13] Added to have image isntall argument --- conf/layer.conf | 7 ++- recipes-examples/wolftpm/README.md | 25 +++++------ recipes-examples/wolftpm/wolftpm-examples.bb | 45 ++++++++++++++++++++ 3 files changed, 64 insertions(+), 13 deletions(-) create mode 100644 recipes-examples/wolftpm/wolftpm-examples.bb diff --git a/conf/layer.conf b/conf/layer.conf index a975f01..064bbe3 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -37,7 +37,12 @@ BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ 'wolftpm', \ - '${LAYERDIR}/recipes-wolfssl/wolftpm/*.bb ${LAYERDIR}/*/wolftpm/*.bbappend', \ + '${LAYERDIR}/recipes-wolfssl/wolftpm/*.bb ${LAYERDIR}/recipes-wolfssl/wolftpm/*.bbappend', \ + '', d)}" + +BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ + 'wolftpm-examples', \ + '${LAYERDIR}/recipes-examples/wolftpm/*.bb ${LAYERDIR}/recipes-examples/wolftpm/*.bbappend', \ '', d)}" BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ diff --git a/recipes-examples/wolftpm/README.md b/recipes-examples/wolftpm/README.md index d352ca4..6cf4d07 100644 --- a/recipes-examples/wolftpm/README.md +++ b/recipes-examples/wolftpm/README.md @@ -24,43 +24,44 @@ layer, these include: The recipe for these applications is located at: ``` -meta-wolfssl/recipes-examples/wolftpm/wolftpm_%.bbappend +meta-wolfssl/recipes-examples/wolftpm/wolftpm-examples.bb ``` -This can be compiled with bitbake using: +You'll need to compile wolTPM and the examples directory. +This can be done with these commands in the build directory: ``` $ bitbake wolftpm +$ bitbake wolftpm-examples ``` To install these applications into your image, you will need to edit your "build/conf/local.conf" file and add -them to the "IMAGE_INSTALL" variable like so: +`wolftpm` and `wolftpm-examples` to your "IMAGE_INSTALL" +variable like so: - For Dunfell and newer versions of Yocto ``` -IMAGE_INSTALL:append = " wolftpm " +IMAGE_INSTALL:append = " wolftpm wolftpm-examples" ``` - For versions of Yocto older than Dunfell ``` -IMAGE_INSTALL_append = " wolftpm " +IMAGE_INSTALL_append = " wolftpm wolftpm-examples" ``` When your image builds, these will be installed to the `/usr/bin/examples` system directory. When inside your executing image, you can run them from the terminal. -For example, we can run the wrap test like so from the -examples directory: + +For example, we can run the benchmark from the examples +directory like so: ``` -$ cd wrap -$ ./wrap_test +$ cd bench +$ ./bench ``` -The examples can be excluded from your build by deleting -the recipe `wolftpm_%bbappend`. - Refer to the [wolfTPM Examples README](https://github.com/wolfSSL/wolfTPM/blob/master/examples/README.md) for more information on the examples directory. Refer to the [meta-wolfssl README](https://github.com/wolfSSL/meta-wolfssl/blob/master/README.md) for more information on setting up your layer. diff --git a/recipes-examples/wolftpm/wolftpm-examples.bb b/recipes-examples/wolftpm/wolftpm-examples.bb new file mode 100644 index 0000000..5810f61 --- /dev/null +++ b/recipes-examples/wolftpm/wolftpm-examples.bb @@ -0,0 +1,45 @@ +SUMMARY = "wolfTPM Examples Directory" +DESCRIPTION = "wolfTPM examples directory used to demonstrate \ + features of a TPM 2.0 module" +HOMEPAGE = "https://www.wolfssl.com/products/wolftpm" +BUGTRACKER = "https://github.com/wolfssl/wolftpm/issues" +SECTION = "libs" + +LICENSE = "GPL-2.0-only" +LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" +S = "${WORKDIR}/git" +DEPENDS += "wolfssl" + +SRC_URI = "git://github.com/wolfssl/wolfTPM.git;nobranch=1;protocol=https;rev=1fa15951eb91a8fe89b3326077b9be6fb105edeb" + +do_configure[noexec] = "1" +do_compile[noexec] = "1" + +WOLFTPM_EXAMPLES_DIR = "${datadir}/wolftpm-examples" +WOLFTPM_EXAMPLES_INSTALL_DIR = "${D}${WOLFTPM_EXAMPLES_DIR}" +WOLFTPM_EXAMPLES_README = "README.txt" +WOLFTPM_EXAMPLES_README_DIR = "${WOLFTPM_EXAMPLES_INSTALL_DIR}/${WOLFTPM_EXAMPLES_README}" + +python () { + distro_version = d.getVar('DISTRO_VERSION', True) + wofltpm_examples_dir = d.getVar('WOLFTPM_EXAMPLES_DIR', True) + wolftpm_examples_install_dir = d.getVar('WOLFTPM_EXAMPLES_INSTALL_DIR', True) + wolftpm_examples_readme_dir = d.getVar('WOLFTPM_EXAMPLES_README_DIR', True) + + bb.note("Installing dummy file for wolfTPM examples") + installDir = 'install -m 0755 -d "%s"\n' % wolftpm_examples_install_dir + makeDummy = 'echo "This is a dummy package" > "%s"\n' % wolftpm_examples_readme_dir + + d.appendVar('do_install', installDir) + d.appendVar('do_install', makeDummy) + + pn = d.getVar('PN', True) + if distro_version and (distro_version.startswith('2.') or distro_version.startswith('3.')): + files_var_name = 'FILES_' + pn + else: + files_var_name = 'FILES:' + pn + + current_files = d.getVar(files_var_name, True) or "" + new_files = current_files + ' ' + wofltpm_examples_dir + '/*' + d.setVar(files_var_name, new_files) +} From b11b47c43a17ffab3f3a9726e10d17337e081a9c Mon Sep 17 00:00:00 2001 From: Aidan Garske Date: Fri, 28 Feb 2025 10:57:02 -0800 Subject: [PATCH 08/13] test example is now wolftpm-wrap-test made the paths correct and temp stored in .libs for libtools --- README.md | 93 ++++++++++++++----- conf/layer.conf | 2 +- recipes-examples/wolftpm/README.md | 67 ------------- ...lftpm-examples.bb => wolftpm-wrap-test.bb} | 5 +- recipes-examples/wolftpm/wolftpm_%.bbappend | 25 +++-- 5 files changed, 84 insertions(+), 108 deletions(-) delete mode 100644 recipes-examples/wolftpm/README.md rename recipes-examples/wolftpm/{wolftpm-examples.bb => wolftpm-wrap-test.bb} (92%) diff --git a/README.md b/README.md index 29db171..d967ea3 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ These recipes have been tested using these versions of yocto: - Dunfell (v3.1) - Zeus (v3.0) - Thud (v2.6) -- Sumo (v2.5) +- Sumo (v2.5) The wolfSSL library recipe is also included in the openembedded meta-networking layer, located [here](https://github.com/openembedded/meta-openembedded/tree/master/meta-networking/recipes-connectivity/wolfssl). @@ -52,7 +52,8 @@ git clone https://github.com/wolfSSL/meta-wolfssl.git After installing your build's Yocto/OpenEmbedded components: -1. Insert the 'meta-wolfssl' layer location into your build's bblayers.conf +1. Insert the 'meta-wolfssl' layer in `build/conf/bblayers.conf` location + into your build's bblayers.conf file, in the BBLAYERS section: ``` @@ -65,20 +66,20 @@ After installing your build's Yocto/OpenEmbedded components: 2. Once the 'meta-wolfssl' layer has been added to your BBLAYERS collection, you have two options - - 1. If you want to directly add wolfSSL recipes to your image recipe + + 1. If you want to directly add wolfSSL recipes to your image recipe proceed to step 3. - 2. If you want to run `bitbake wolf*` on a particular recipe then it needs + 2. If you want to run `bitbake wolf*` on a particular recipe then it needs to be added to the IMAGE_INSTALL. - This can be done by adding the following line to `local.conf` located in - `path/to/poky/build/conf`. + This can be done by adding the following line to `local.conf` located in + `path/to/poky/build/conf`. - For Dunfell and newer versions of Yocto: ``` IMAGE_INSTALL:append = " wolfssl wolfssh wolfmqtt wolftpm " ``` - + - For versions of Yocto older than Dunfell: ``` @@ -95,14 +96,14 @@ After installing your build's Yocto/OpenEmbedded components: 3. Edit your build's local.conf file to install the recipes you would like - to include (ie: wolfssl, wolfssh, wolfmqtt, wolftpm) - + to include (ie: wolfssl, wolfssh, wolfmqtt, wolftpm) + - For Dunfell and newer versions of Yocto ``` IMAGE_INSTALL:append = " wolfssl wolfssh wolfmqtt wolftpm wolfclu " ``` - + - For versions of Yocto older than Dunfell ``` IMAGE_INSTALL_append = " wolfssl wolfssh wolfmqtt wolftpm wolfclu " @@ -112,8 +113,8 @@ After installing your build's Yocto/OpenEmbedded components: specific combination of recipes. If you did step 2.2 make sure you comment out recipes that you don't desire - because leaving them uncommented may add unneed --enable-* options in your - build, which could increase the size of the build and turn on uneeded + because leaving them uncommented may add unneed --enable-* options in your + build, which could increase the size of the build and turn on uneeded features. Once your image has been built, the default location for the wolfSSL library @@ -198,8 +199,8 @@ This layer offers wolfSSL support for the following open source projects: - [curl](https://layers.openembedded.org/layerindex/recipe/5765/) - [OpenSSH](https://layers.openembedded.org/layerindex/recipe/5083/) -Example Application Recipes ---------------------------- +wolfSSL Example Application Recipes +----------------------------------- Several wolfSSL example application recipes are included in this layer. These include: @@ -241,6 +242,46 @@ When your image builds, these will be installed to the '/usr/bin' system directory. When inside your executing image, you can run them from the terminal. +wolfTPM Example Application Recipes +----------------------------------- + +wolfTPM example `wrap_test` is included in this layer. + +The recipes for this applications are located at: +``` +meta-wolfssl/recipes-examples/wolftpm/wolftpm-wrap-test.bb +``` + +You'll need to compile wolTPM and the example wrap_test. This can be done +with these commands in the build directory: + +``` +$ bitbake wolftpm +$ bitbake wolftpm-wrap-test +``` + +To install this applications into your image, you will need to edit your +`build/conf/local.conf` file and add `wolftpm` and `wolftpm-wrap-test` to +your "IMAGE_INSTALL" variable like so: + +- For Dunfell and newer versions of Yocto +``` +IMAGE_INSTALL:append = " wolftpm wolftpm-wrap-test" +``` + +- For versions of Yocto older than Dunfell +``` +IMAGE_INSTALL_append = " wolftpm wolftpm-wrap-test" +``` + +When your image builds, this will be installed to the `/usr/bin` system +directory. When inside your executing image, you can run them from the +terminal like so: + +``` +./wolftpm-wrap-test +``` + Excluding Recipe from Build --------------------------- @@ -253,10 +294,10 @@ Wolfssl-py and Wolfcrypt-py Installation Requirements To use the python wrapper for wolfSSL and wolfcrypt in a yocto build it will require python3, python3-cffi and wolfSSL are built on the target system. -If you are using older version of yocto (2.x) or (3.x), you will need to download +If you are using older version of yocto (2.x) or (3.x), you will need to download and add the meta-oe and meta-python recipes from openembedded's [meta-openembedded](https://github.com/openembedded/meta-openembedded) to the image. -It will be necassary then to make sure at minimum that the IMAGE_INSTALL:append +It will be necassary then to make sure at minimum that the IMAGE_INSTALL:append looks as follows: - For Dunfell and newer versions of Yocto @@ -293,7 +334,7 @@ Testing Wolfssl-py and Wolfcrypt-py To test the python wrapper for wolfSSL and wolfcrypt in a yocto build it will require python3, python3-pytest, python3-cffi and wolfSSL are built on the target system. -It will be necassary then to make sure at minimum that the IMAGE_INSTALL:append +It will be necassary then to make sure at minimum that the IMAGE_INSTALL:append looks as follows: @@ -334,7 +375,7 @@ $ pytest This should then result in a pass or fail for the desired suit. -If you are testing this with the core-image-minimal yocto build, make sure +If you are testing this with the core-image-minimal yocto build, make sure to add a DNS server to /etc/resolv.conf like such with root perms ``` @@ -346,6 +387,8 @@ Running Image on the QEMU To run meta-wolfssl image on the QEMU (Quick EMUlator) you can follow these general steps. For this example we will use the Yocto Project Poky. +Refer to: +[Yocto Project](https://docs.yoctoproject.org/brief-yoctoprojectqs/index.html) for a detailed guide. 1. Initialize the Build This can be done by running these commands: @@ -360,20 +403,20 @@ bitbake in the build directory. 2. Run bitbake Next you can run bitbake to build the OS image that you want. Make sure -you have the correct variables added in the `local.conf` For this example -we will run `core-image-base`. Which can be built by running this comamnd +you have the correct variables added in the `local.conf` For this example +we will run `core-image-base`. Which can be built by running this comamnd from the `build` directoy: ``` $ bitbake core-image-base ``` -This will run bitbake and build the image with your added +This will run bitbake and build the image with your added meta-wolfssl recipes. 3. Run the Image in QEMU You can now simulate your image with the QEMU This can be done by running -the qemu that comes in your Yocto Project the default system is usually +the qemu that comes in your Yocto Project the default system is usually `qemux86-64` but you can find what its set to by looking at your `local.conf`. We can run this command to start the emulator: @@ -383,7 +426,7 @@ $ runqemu qemux86-64 4. Run Your Recipes Now that you are in the QEMU you can navigate your way to the `usr/bin` -directory which contains the your wolfssl your applications. Lets say we +directory which contains the your wolfssl your applications. Lets say we included these images in our `local.conf` ``` @@ -398,7 +441,7 @@ $ ./wolfcrypttest $ ./wolfcryptbenchmark ``` -This will run the wolfcrypt test and benchmark examples from the QEMU. +This will run the wolfcrypt test and benchmark examples from the QEMU. wolfProvider ------------ diff --git a/conf/layer.conf b/conf/layer.conf index 064bbe3..587bed3 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -41,7 +41,7 @@ BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ '', d)}" BBFILES += "${@bb.utils.contains('IMAGE_INSTALL', \ - 'wolftpm-examples', \ + 'wolftpm-wrap-test', \ '${LAYERDIR}/recipes-examples/wolftpm/*.bb ${LAYERDIR}/recipes-examples/wolftpm/*.bbappend', \ '', d)}" diff --git a/recipes-examples/wolftpm/README.md b/recipes-examples/wolftpm/README.md deleted file mode 100644 index 6cf4d07..0000000 --- a/recipes-examples/wolftpm/README.md +++ /dev/null @@ -1,67 +0,0 @@ -wolfTPM Examples -================ - -Several wolfTPM example applications are included in this -layer, these include: - -- attestation -- endorsement -- keygen -- pcr -- seal -- bench -- firmware -- management -- pkcs7 -- timestamp -- boot -- gpio -- native -- tls -- wrap -- csr -- nvram - -The recipe for these applications is located at: -``` -meta-wolfssl/recipes-examples/wolftpm/wolftpm-examples.bb -``` - -You'll need to compile wolTPM and the examples directory. -This can be done with these commands in the build directory: - -``` -$ bitbake wolftpm -$ bitbake wolftpm-examples -``` - -To install these applications into your image, you will -need to edit your "build/conf/local.conf" file and add -`wolftpm` and `wolftpm-examples` to your "IMAGE_INSTALL" -variable like so: - -- For Dunfell and newer versions of Yocto -``` -IMAGE_INSTALL:append = " wolftpm wolftpm-examples" -``` - -- For versions of Yocto older than Dunfell -``` -IMAGE_INSTALL_append = " wolftpm wolftpm-examples" -``` - -When your image builds, these will be installed to the -`/usr/bin/examples` system directory. When inside your -executing image, you can run them from the terminal. - -For example, we can run the benchmark from the examples -directory like so: - -``` -$ cd bench -$ ./bench -``` - -Refer to the [wolfTPM Examples README](https://github.com/wolfSSL/wolfTPM/blob/master/examples/README.md) for more information on the examples directory. - -Refer to the [meta-wolfssl README](https://github.com/wolfSSL/meta-wolfssl/blob/master/README.md) for more information on setting up your layer. diff --git a/recipes-examples/wolftpm/wolftpm-examples.bb b/recipes-examples/wolftpm/wolftpm-wrap-test.bb similarity index 92% rename from recipes-examples/wolftpm/wolftpm-examples.bb rename to recipes-examples/wolftpm/wolftpm-wrap-test.bb index 5810f61..60584a1 100644 --- a/recipes-examples/wolftpm/wolftpm-examples.bb +++ b/recipes-examples/wolftpm/wolftpm-wrap-test.bb @@ -1,3 +1,4 @@ +#wolftpm-wrap-test.bb SUMMARY = "wolfTPM Examples Directory" DESCRIPTION = "wolfTPM examples directory used to demonstrate \ features of a TPM 2.0 module" @@ -15,7 +16,7 @@ SRC_URI = "git://github.com/wolfssl/wolfTPM.git;nobranch=1;protocol=https;rev=1f do_configure[noexec] = "1" do_compile[noexec] = "1" -WOLFTPM_EXAMPLES_DIR = "${datadir}/wolftpm-examples" +WOLFTPM_EXAMPLES_DIR = "${datadir}/wolftpm-test" WOLFTPM_EXAMPLES_INSTALL_DIR = "${D}${WOLFTPM_EXAMPLES_DIR}" WOLFTPM_EXAMPLES_README = "README.txt" WOLFTPM_EXAMPLES_README_DIR = "${WOLFTPM_EXAMPLES_INSTALL_DIR}/${WOLFTPM_EXAMPLES_README}" @@ -26,7 +27,7 @@ python () { wolftpm_examples_install_dir = d.getVar('WOLFTPM_EXAMPLES_INSTALL_DIR', True) wolftpm_examples_readme_dir = d.getVar('WOLFTPM_EXAMPLES_README_DIR', True) - bb.note("Installing dummy file for wolfTPM examples") + bb.note("Installing dummy file for wolfTPM test example") installDir = 'install -m 0755 -d "%s"\n' % wolftpm_examples_install_dir makeDummy = 'echo "This is a dummy package" > "%s"\n' % wolftpm_examples_readme_dir diff --git a/recipes-examples/wolftpm/wolftpm_%.bbappend b/recipes-examples/wolftpm/wolftpm_%.bbappend index bb279c3..556a1ae 100644 --- a/recipes-examples/wolftpm/wolftpm_%.bbappend +++ b/recipes-examples/wolftpm/wolftpm_%.bbappend @@ -1,23 +1,22 @@ -#wolfTPM Examples -WOLFTPM_EXAMPLES_DIR = "${B}/examples" +#wolftpm_%.bbappend +WOLFTPM_TEST_DIR = "${B}/examples/wrap/.libs" +WOLFTPM_TEST = "wrap_test" +WOLFTPM_TEST_YOCTO = "wolftpm-wrap-test" WOLFTPM_INSTALL_DIR = "${D}${bindir}" -# Bash dependency for .sh -RDEPENDS:${PN} += "bash" - python () { - # Get the environment variables - wolftpm_examples_dir = d.getVar('WOLFTPM_EXAMPLES_DIR', True) + # Get the environment variables WOLFTPM_TEST_DIR, WOLFTPM_TEST, + # WOLFTPM_TEST_YOCTO, and WOLFTPM_INSTALL_DIR + wolftpm_test_dir = d.getVar('WOLFTPM_TEST_DIR', True) + wolftpm_test = d.getVar('WOLFTPM_TEST', True) + wolftpm_test_yocto = d.getVar('WOLFTPM_TEST_YOCTO', True) wolftpm_install_dir = d.getVar('WOLFTPM_INSTALL_DIR', True) - bbnote = 'bbnote "Installing wolfTPM Examples"\n' + bbnote = 'bbnote "Installing wolfTPM wrap_test"\n' installDir = 'install -m 0755 -d "%s"\n' % (wolftpm_install_dir) - cpExamples = 'cp -r "%s/" "%s/"\n' % (wolftpm_examples_dir, wolftpm_install_dir) + cpWrapTest = 'cp "%s/%s" "%s/%s"\n' % (wolftpm_test_dir, wolftpm_test, wolftpm_install_dir, wolftpm_test_yocto) d.appendVar('do_install', bbnote) d.appendVar('do_install', installDir) - d.appendVar('do_install', cpExamples) + d.appendVar('do_install', cpWrapTest) } - -# Ensure consistent locale -export LC_ALL = "C" From 8e728bf5b7bda44b4d63e4987d47b8eb43c8464a Mon Sep 17 00:00:00 2001 From: Aidan Garske Date: Thu, 6 Mar 2025 12:31:38 -0800 Subject: [PATCH 09/13] Added latest commit for wolftpm 3.8.0 to pull from --- recipes-examples/wolftpm/wolftpm-wrap-test.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-examples/wolftpm/wolftpm-wrap-test.bb b/recipes-examples/wolftpm/wolftpm-wrap-test.bb index 60584a1..0b58dc3 100644 --- a/recipes-examples/wolftpm/wolftpm-wrap-test.bb +++ b/recipes-examples/wolftpm/wolftpm-wrap-test.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" S = "${WORKDIR}/git" DEPENDS += "wolfssl" -SRC_URI = "git://github.com/wolfssl/wolfTPM.git;nobranch=1;protocol=https;rev=1fa15951eb91a8fe89b3326077b9be6fb105edeb" +SRC_URI = "git://github.com/wolfssl/wolfTPM.git;nobranch=1;protocol=https;rev=bcf2647ebcf76e76a75cefc46f7187d213eb1fcd" do_configure[noexec] = "1" do_compile[noexec] = "1" From 792e53c4a11bf052610fc7fd671f166c1109ec5f Mon Sep 17 00:00:00 2001 From: Aidan Garske Date: Thu, 27 Mar 2025 15:55:54 -0700 Subject: [PATCH 10/13] Added steps to use tpm simulator with qemu and yocto linux --- README.md | 40 ------- recipes-examples/wolftpm/README.md | 120 ++++++++++++++++++++ recipes-examples/wolftpm/wolftpm_%.bbappend | 10 +- 3 files changed, 128 insertions(+), 42 deletions(-) create mode 100644 recipes-examples/wolftpm/README.md diff --git a/README.md b/README.md index d967ea3..0f333cb 100644 --- a/README.md +++ b/README.md @@ -242,46 +242,6 @@ When your image builds, these will be installed to the '/usr/bin' system directory. When inside your executing image, you can run them from the terminal. -wolfTPM Example Application Recipes ------------------------------------ - -wolfTPM example `wrap_test` is included in this layer. - -The recipes for this applications are located at: -``` -meta-wolfssl/recipes-examples/wolftpm/wolftpm-wrap-test.bb -``` - -You'll need to compile wolTPM and the example wrap_test. This can be done -with these commands in the build directory: - -``` -$ bitbake wolftpm -$ bitbake wolftpm-wrap-test -``` - -To install this applications into your image, you will need to edit your -`build/conf/local.conf` file and add `wolftpm` and `wolftpm-wrap-test` to -your "IMAGE_INSTALL" variable like so: - -- For Dunfell and newer versions of Yocto -``` -IMAGE_INSTALL:append = " wolftpm wolftpm-wrap-test" -``` - -- For versions of Yocto older than Dunfell -``` -IMAGE_INSTALL_append = " wolftpm wolftpm-wrap-test" -``` - -When your image builds, this will be installed to the `/usr/bin` system -directory. When inside your executing image, you can run them from the -terminal like so: - -``` -./wolftpm-wrap-test -``` - Excluding Recipe from Build --------------------------- diff --git a/recipes-examples/wolftpm/README.md b/recipes-examples/wolftpm/README.md new file mode 100644 index 0000000..7a4552c --- /dev/null +++ b/recipes-examples/wolftpm/README.md @@ -0,0 +1,120 @@ +wolfTPM Examples and Testing +============================ + +wolfTPM wrap_test example is included in this layer, which demonstrates +the TPM wrapper API functionality. + +The recipes for these applications are located at: +``` +meta-wolfssl/recipes-examples/wolftpm/wolftpm-examples.bb +meta-wolfssl/recipes-examples/wolftpm/wolftpm-wrap-test.bb +``` + +You'll need to compile wolfTPM and the examples. This can be done with +these commands in the build directory: +``` +bitbake wolftpm +bitbake wolftpm-examples +``` + +To install these applications into your image, you will need to edit your +"build/conf/local.conf" file and add the following: + +```bash +# Install necessary packages +IMAGE_INSTALL:append = " \ + tpm2-tools \ + tpm2-tss \ + libtss2 \ + libtss2-mu \ + libtss2-tcti-device \ + libtss2-tcti-mssim \ + wolfssl \ + wolftpm \ + wolftpm-wrap-test \ +" + +IMAGE_LINK_NAME = "core-image-minimal-qemux86-64" +# Enable security features +DISTRO_FEATURES:append = " security" +# Enable TPM support +DISTRO_FEATURES:append = " tpm tpm2" +# If you want all security modules, you can also add +DISTRO_FEATURES:append = " pam apparmor smack" +# Enable kernel TPM support +KERNEL_FEATURES:append = " features/tpm/tpm.scc" +# Machine features +MACHINE_FEATURES:append = " tpm tpm2" +``` + +To add wolfTPM configurations you can add configurations to the +EXTRA_OECONF variable. For example you can enable debug logging like +this: +``` +EXTRA_OECONF += "--enable-debug" +``` + +Testing with QEMU and TPM Simulator +----------------------------------- + +1. Compile your target image +``` +bitbake core-image-minimal +``` + +2. Clean up any existing TPM state: +``` +sudo killall swtpm 2>/dev/null +sudo rm -rf /tmp/mytpm1 +``` + +3. Create directory and set permissions: +``` +sudo mkdir -p /tmp/mytpm1 +sudo chown -R $(whoami):$(whoami) /tmp/mytpm1 +chmod 755 /tmp/mytpm1 +``` + +4. Start the TPM simulator (in terminal 1): +``` +sudo swtpm socket --tpmstate dir=/tmp/mytpm1 \ + --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \ + --log level=20 \ + --tpm2 +``` + +5. Initialize the TPM (in terminal 2): +``` +sudo swtpm_setup --tpmstate /tmp/mytpm1 \ + --createek \ + --create-ek-cert \ + --create-platform-cert \ + --lock-nvram \ + --tpm2 +``` + +6. Fix permissions for QEMU access: +``` +sudo chown -R $(whoami):$(whoami) /tmp/mytpm1 +sudo chmod -R 755 /tmp/mytpm1 +sudo chmod 777 /tmp/mytpm1/swtpm-sock +``` + +7. Start QEMU (in terminal 3): +``` +cd ~/poky/build +runqemu qemux86-64 nographic core-image-minimal \ + qemuparams="-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \ + -tpmdev emulator,id=tpm0,chardev=chrtpm \ + -device tpm-tis,tpmdev=tpm0" +``` + +8. Run the wolfTPM wrap test +``` +cd /usr/bin +./wolftpm-wrap-test +``` + +Refer to the [wolfTPM Examples README](https://github.com/wolfSSL/wolfTPM/blob/master/examples/README.md) for more information on the examples directory. + +Refer to the [meta-wolfssl README](https://github.com/wolfSSL/meta-wolfssl/blob/master/README.md) for more information on setting up your layer. diff --git a/recipes-examples/wolftpm/wolftpm_%.bbappend b/recipes-examples/wolftpm/wolftpm_%.bbappend index 556a1ae..e988433 100644 --- a/recipes-examples/wolftpm/wolftpm_%.bbappend +++ b/recipes-examples/wolftpm/wolftpm_%.bbappend @@ -4,9 +4,14 @@ WOLFTPM_TEST = "wrap_test" WOLFTPM_TEST_YOCTO = "wolftpm-wrap-test" WOLFTPM_INSTALL_DIR = "${D}${bindir}" +# Configurations +EXTRA_OECONF += "--enable-devtpm" + python () { + # Current Configurations + bb.note("Current EXTRA_OECONF: %s" % d.getVar('EXTRA_OECONF')) # Get the environment variables WOLFTPM_TEST_DIR, WOLFTPM_TEST, - # WOLFTPM_TEST_YOCTO, and WOLFTPM_INSTALL_DIR + # WOLFTPM_TEST_YOCTO, and WOLFTPM_INSTALL_DIR wolftpm_test_dir = d.getVar('WOLFTPM_TEST_DIR', True) wolftpm_test = d.getVar('WOLFTPM_TEST', True) wolftpm_test_yocto = d.getVar('WOLFTPM_TEST_YOCTO', True) @@ -14,7 +19,8 @@ python () { bbnote = 'bbnote "Installing wolfTPM wrap_test"\n' installDir = 'install -m 0755 -d "%s"\n' % (wolftpm_install_dir) - cpWrapTest = 'cp "%s/%s" "%s/%s"\n' % (wolftpm_test_dir, wolftpm_test, wolftpm_install_dir, wolftpm_test_yocto) + cpWrapTest = 'cp "%s/%s" "%s/%s"\n' % (wolftpm_test_dir, wolftpm_test, + wolftpm_install_dir, wolftpm_test_yocto) d.appendVar('do_install', bbnote) d.appendVar('do_install', installDir) From 0d5ca1e16065cc00991c5029c96ea458182d8ca7 Mon Sep 17 00:00:00 2001 From: Aidan Garske Date: Fri, 28 Mar 2025 09:39:11 -0700 Subject: [PATCH 11/13] Added more detailed steps and fixed wolftpm needing to be enabled in wolfssl --- recipes-examples/wolftpm/README.md | 98 ++++++++++++++++++--- recipes-examples/wolftpm/wolfssl_%.bbappend | 4 + recipes-examples/wolftpm/wolftpm_%.bbappend | 4 +- 3 files changed, 91 insertions(+), 15 deletions(-) create mode 100644 recipes-examples/wolftpm/wolfssl_%.bbappend diff --git a/recipes-examples/wolftpm/README.md b/recipes-examples/wolftpm/README.md index 7a4552c..d45e574 100644 --- a/recipes-examples/wolftpm/README.md +++ b/recipes-examples/wolftpm/README.md @@ -8,20 +8,58 @@ The recipes for these applications are located at: ``` meta-wolfssl/recipes-examples/wolftpm/wolftpm-examples.bb meta-wolfssl/recipes-examples/wolftpm/wolftpm-wrap-test.bb +meta-wolfssl/recipes-examples/wolftpm/wolfssl_%.bbappend ``` -You'll need to compile wolfTPM and the examples. This can be done with -these commands in the build directory: +You'll need to compile wolfTPM, wolfTPM wrap test example, and wolfSSL with +wolfTPM support. This can be done with these commands in the build directory: ``` +bitbake wolfssl bitbake wolftpm -bitbake wolftpm-examples +bitbake wolftpm-wrap-test ``` -To install these applications into your image, you will need to edit your -"build/conf/local.conf" file and add the following: +Adding Layers +------------- + +Besides adding meta-wolfssl to your bblayers.conf file, you will need to +add the following layers to your bblayers.conf file and clone +them into the poky directory. (Note: You need to have the same Yocto version +for all layers.) ```bash -# Install necessary packages +git clone https://github.com/openembedded/meta-openembedded.git -b +git clone https://github.com/ni/meta-security.git -b +``` + +Add the following layers to your bblayers.conf file: +```bash +BBLAYERS ?= " \ + /path/to/yocto/poky/meta-wolfssl \ + /path/to/yocto/poky/meta-security \ + /path/to/yocto/poky/meta-security/meta-tpm \ + /path/to/yocto/poky/meta-openembedded/meta-oe \ + /path/to/yocto/poky/meta-openembedded/meta-python \` + " +``` + +System Requirements +------------------- + +For Ubuntu/Debian systems, install the following packages: +```bash +sudo apt-get install python3-git python3-jinja2 python3-setuptools \ + swtpm swtpm-tools tpm2-tools git socat build-essential +``` + +Image Install Configuration +--------------------------- + +To install these applications into your image, you will need to edit your +`build/conf/local.conf` file and add the following: + +```bash +# Add TPM packages IMAGE_INSTALL:append = " \ tpm2-tools \ tpm2-tss \ @@ -34,24 +72,27 @@ IMAGE_INSTALL:append = " \ wolftpm-wrap-test \ " +# Set the image link name IMAGE_LINK_NAME = "core-image-minimal-qemux86-64" # Enable security features DISTRO_FEATURES:append = " security" # Enable TPM support DISTRO_FEATURES:append = " tpm tpm2" -# If you want all security modules, you can also add -DISTRO_FEATURES:append = " pam apparmor smack" # Enable kernel TPM support KERNEL_FEATURES:append = " features/tpm/tpm.scc" # Machine features MACHINE_FEATURES:append = " tpm tpm2" ``` +WolfTPM Configuration +--------------------- + To add wolfTPM configurations you can add configurations to the -EXTRA_OECONF variable. For example you can enable debug logging like -this: +EXTRA_OECONF variable. We need to have --enable-devtpm for the TPM +simulator to work. You can enable debug logging and other configurations +like this: ``` -EXTRA_OECONF += "--enable-debug" +EXTRA_OECONF += "--enable-devtpm --enable-debug" ``` Testing with QEMU and TPM Simulator @@ -100,7 +141,7 @@ sudo chmod -R 755 /tmp/mytpm1 sudo chmod 777 /tmp/mytpm1/swtpm-sock ``` -7. Start QEMU (in terminal 3): +7. Start and run the QEMU (in terminal 3): ``` cd ~/poky/build runqemu qemux86-64 nographic core-image-minimal \ @@ -115,6 +156,39 @@ cd /usr/bin ./wolftpm-wrap-test ``` +You should see the following output: +``` +root@qemux86-64:/usr/bin# ./wolftpm-wrap-test +TPM2 Demo for Wrapper API's +Mfg IBM (0), Vendor SW TPM, Fw 8217.4131 (0x163636), FIPS 140-2 0, CC-EAL4 0 +Found 2 persistent handles +Created new RSA Primary Storage Key at 0x81000200 +Creating a loaded new TPM 2.0 key Test Passed +RSA Sign/Verify using RSA PKCSv1.5 (SSA) padding +RSA Sign/Verify using RSA PSS padding +RSA Encrypt/Decrypt Test Passed +RSA Encrypt/Decrypt OAEP Test Passed +RSA Encrypt/Decrypt RSAES Test Passed +RSA Key 0x80000001 Exported to wolf RsaKey +wolf RsaKey loaded into TPM: Handle 0x80000000 +RSA Private Key Loaded into TPM: Handle 0x80000001 +Created new ECC Primary Storage Key at 0x81000201 +ECC Sign/Verify Passed +ECC DH Test Passed +ECC Verify Test Passed +ECC Key 0x80000001 Exported to wolf ecc_key +wolf ecc_key loaded into TPM: Handle 0x80000000 +ECC Private Key Loaded into TPM: Handle 0x80000001 +NV Test (with auth) on index 0x1800201 with 1024 bytes passed +NV Test on index 0x1800200 with 1024 bytes passed +Hash SHA256 test success +HMAC SHA256 test success +Encrypt/Decrypt (known key) test success +Encrypt/Decrypt test success +PCR Test pass +root@qemux86-64:/usr/bin# +``` + Refer to the [wolfTPM Examples README](https://github.com/wolfSSL/wolfTPM/blob/master/examples/README.md) for more information on the examples directory. Refer to the [meta-wolfssl README](https://github.com/wolfSSL/meta-wolfssl/blob/master/README.md) for more information on setting up your layer. diff --git a/recipes-examples/wolftpm/wolfssl_%.bbappend b/recipes-examples/wolftpm/wolfssl_%.bbappend new file mode 100644 index 0000000..7562ce5 --- /dev/null +++ b/recipes-examples/wolftpm/wolfssl_%.bbappend @@ -0,0 +1,4 @@ +# wolfssl_%.bbappend + +# Enables wolfTPM support in wolfSSL +EXTRA_OECONF += "--enable-wolftpm" diff --git a/recipes-examples/wolftpm/wolftpm_%.bbappend b/recipes-examples/wolftpm/wolftpm_%.bbappend index e988433..114596e 100644 --- a/recipes-examples/wolftpm/wolftpm_%.bbappend +++ b/recipes-examples/wolftpm/wolftpm_%.bbappend @@ -4,12 +4,10 @@ WOLFTPM_TEST = "wrap_test" WOLFTPM_TEST_YOCTO = "wolftpm-wrap-test" WOLFTPM_INSTALL_DIR = "${D}${bindir}" -# Configurations +# Configurations (--enable-devtpm is required for the TPM simulator to work) EXTRA_OECONF += "--enable-devtpm" python () { - # Current Configurations - bb.note("Current EXTRA_OECONF: %s" % d.getVar('EXTRA_OECONF')) # Get the environment variables WOLFTPM_TEST_DIR, WOLFTPM_TEST, # WOLFTPM_TEST_YOCTO, and WOLFTPM_INSTALL_DIR wolftpm_test_dir = d.getVar('WOLFTPM_TEST_DIR', True) From 1140d466efb0ec991c00b9ce9ac2467adc199289 Mon Sep 17 00:00:00 2001 From: Aidan Garske Date: Tue, 1 Apr 2025 09:53:46 -0700 Subject: [PATCH 12/13] Addressed pr feedback and formating --- recipes-examples/wolftpm/README.md | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/recipes-examples/wolftpm/README.md b/recipes-examples/wolftpm/README.md index d45e574..dd9a675 100644 --- a/recipes-examples/wolftpm/README.md +++ b/recipes-examples/wolftpm/README.md @@ -29,7 +29,7 @@ for all layers.) ```bash git clone https://github.com/openembedded/meta-openembedded.git -b -git clone https://github.com/ni/meta-security.git -b +git clone https://git.yoctoproject.org/meta-security -b ``` Add the following layers to your bblayers.conf file: @@ -39,7 +39,9 @@ BBLAYERS ?= " \ /path/to/yocto/poky/meta-security \ /path/to/yocto/poky/meta-security/meta-tpm \ /path/to/yocto/poky/meta-openembedded/meta-oe \ - /path/to/yocto/poky/meta-openembedded/meta-python \` + /path/to/yocto/poky/meta-openembedded/meta-python \ + /path/to/yocto/poky/meta-openembedded/meta-networking \ + /path/to/yocto/poky/meta-openembedded/meta-perl \ " ``` @@ -98,6 +100,11 @@ EXTRA_OECONF += "--enable-devtpm --enable-debug" Testing with QEMU and TPM Simulator ----------------------------------- +### Setting up Software TPM on Host Computer + +Follow these steps to setup the Software TPM on your host computer. This +will allow you to run the wolfTPM wrap test inside the QEMU. + 1. Compile your target image ``` bitbake core-image-minimal @@ -150,7 +157,11 @@ runqemu qemux86-64 nographic core-image-minimal \ -device tpm-tis,tpmdev=tpm0" ``` -8. Run the wolfTPM wrap test +### Running wolfTPM wrap test on QEMU using Software TPM + +Now that the TPM is setup, we can run the wolfTPM wrap test inside the QEMU. + +1. Run the wolfTPM wrap test ``` cd /usr/bin ./wolftpm-wrap-test From 41ce4f0b26e76c34da05a03675150a1eefdd6fb9 Mon Sep 17 00:00:00 2001 From: Aidan Garske Date: Tue, 1 Apr 2025 11:06:32 -0700 Subject: [PATCH 13/13] Fixed paths for apps in readme --- recipes-examples/wolftpm/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/recipes-examples/wolftpm/README.md b/recipes-examples/wolftpm/README.md index dd9a675..abd3c4e 100644 --- a/recipes-examples/wolftpm/README.md +++ b/recipes-examples/wolftpm/README.md @@ -6,7 +6,7 @@ the TPM wrapper API functionality. The recipes for these applications are located at: ``` -meta-wolfssl/recipes-examples/wolftpm/wolftpm-examples.bb +meta-wolfssl/recipes-examples/wolftpm/wolftpm_%.bbappend meta-wolfssl/recipes-examples/wolftpm/wolftpm-wrap-test.bb meta-wolfssl/recipes-examples/wolftpm/wolfssl_%.bbappend ``` @@ -51,7 +51,7 @@ System Requirements For Ubuntu/Debian systems, install the following packages: ```bash sudo apt-get install python3-git python3-jinja2 python3-setuptools \ - swtpm swtpm-tools tpm2-tools git socat build-essential + swtpm swtpm-tools tpm2-tools git socat build-essential ``` Image Install Configuration