From 9d9b6a8eb297e7e90a680730bfc5068deb19a138 Mon Sep 17 00:00:00 2001
From: Anton Gerasimov
Date: Wed, 27 Sep 2017 10:14:32 +0200
Subject: Support pkcs#11 in aktualizr and add softhsm token for testing
---
recipes-sota/aktualizr/aktualizr-hsm-test-prov.bb | 34 +++++++++++++++++++++++
recipes-sota/aktualizr/aktualizr_common.inc | 2 +-
recipes-sota/aktualizr/aktualizr_git.bb | 2 +-
recipes-sota/aktualizr/files/sota_hsm_test.toml | 17 ++++++++++++
4 files changed, 53 insertions(+), 2 deletions(-)
create mode 100644 recipes-sota/aktualizr/aktualizr-hsm-test-prov.bb
create mode 100644 recipes-sota/aktualizr/files/sota_hsm_test.toml
(limited to 'recipes-sota/aktualizr')
diff --git a/recipes-sota/aktualizr/aktualizr-hsm-test-prov.bb b/recipes-sota/aktualizr/aktualizr-hsm-test-prov.bb
new file mode 100644
index 0000000..c77a5bc
--- /dev/null
+++ b/recipes-sota/aktualizr/aktualizr-hsm-test-prov.bb
@@ -0,0 +1,34 @@
+SUMMARY = "Aktualizr systemd service and configuration with HSM support"
+DESCRIPTION = "Systemd service and configurations for Aktualizr, the SOTA Client application written in C++"
+HOMEPAGE = "https://github.com/advancedtelematic/aktualizr"
+SECTION = "base"
+LICENSE = "MPL-2.0"
+LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3"
+
+DEPENDS = "aktualizr-native"
+RDEPENDS_${PN} = "aktualizr"
+
+SRC_URI = " \
+ file://LICENSE \
+ file://aktualizr-autoprovision.service \
+ file://sota_hsm_test.toml \
+ "
+PV = "1.0"
+PR = "6"
+
+SYSTEMD_SERVICE_${PN} = "aktualizr.service"
+
+inherit systemd
+
+do_install() {
+ install -d ${D}/${systemd_unitdir}/system
+ install -m 0644 ${WORKDIR}/aktualizr-autoprovision.service ${D}/${systemd_unitdir}/system/aktualizr.service
+ install -d ${D}/usr/lib/sota
+ aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} --no-root-ca \
+ -i ${WORKDIR}/sota_hsm_test.toml -o ${D}/usr/lib/sota/sota.toml -p ${D}
+}
+
+FILES_${PN} = " \
+ ${systemd_unitdir}/system/aktualizr.service \
+ /usr/lib/sota/sota.toml \
+ "
diff --git a/recipes-sota/aktualizr/aktualizr_common.inc b/recipes-sota/aktualizr/aktualizr_common.inc
index b3f99cc..3f58157 100644
--- a/recipes-sota/aktualizr/aktualizr_common.inc
+++ b/recipes-sota/aktualizr/aktualizr_common.inc
@@ -11,7 +11,7 @@ PR = "7"
 SRC_URI = " \
 git://github.com/advancedtelematic/aktualizr;branch=${BRANCH} \
 "
-SRCREV = "ed2c9684d3b7e605b41a3e7dda0afded1d4a084c"
+SRCREV = "c38a1fd990cf238de2912db4d7023ddd91e2131f"
 BRANCH ?= "master"
 S = "${WORKDIR}/git"
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb
index 4f6a175..f994852 100644
--- a/recipes-sota/aktualizr/aktualizr_git.bb
+++ b/recipes-sota/aktualizr/aktualizr_git.bb
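Review bot: In aktualizr-hsm-test-prov.bb, `do_install` hands `${SOTA_PACKED_CREDENTIALS}` to `aktualizr_implicit_writer -c` unquoted and without checking that it is set, so with an empty value `--no-root-ca` becomes the word following `-c` and the task fails or misparses with no hint at the cause. A guard ahead of the call, `[ -n "${SOTA_PACKED_CREDENTIALS}" ] || bbfatal "SOTA_PACKED_CREDENTIALS must be set for aktualizr-hsm-test-prov"`, together with quoting the expansion, would make the requirement explicit. The generated `/usr/lib/sota/sota.toml` also carries the `[p11]` PIN from sota_hsm_test.toml and keeps whatever mode the writer gives it; if the service user allows it, an explicit `chmod 0600 ${D}/usr/lib/sota/sota.toml` after the call is worth considering. Nothing in the recipe besides its name marks it as test-only, so a one-line comment above `SUMMARY` saying that it provisions a SoftHSM test token would help keep it out of production images.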
@@ -9,7 +9,7 @@ RDEPENDS_${PN}_append = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm-test'
 inherit systemd
-EXTRA_OECMAKE = "-DWARNING_AS_ERROR=OFF -DCMAKE_BUILD_TYPE=Release -DBUILD_OSTREE=ON -DAKTUALIZR_VERSION=${PV}"
+EXTRA_OECMAKE = "-DWARNING_AS_ERROR=OFF -DCMAKE_BUILD_TYPE=Release -DBUILD_OSTREE=ON ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', '-DBUILD_P11=ON', '', d)} -DAKTUALIZR_VERSION=${PV}"
 do_install_append () {
 rm ${D}${bindir}/aktualizr_cert_provider
diff --git a/recipes-sota/aktualizr/files/sota_hsm_test.toml b/recipes-sota/aktualizr/files/sota_hsm_test.toml
new file mode 100644
index 0000000..1317914
--- /dev/null
+++ b/recipes-sota/aktualizr/files/sota_hsm_test.toml
@@ -0,0 +1,17 @@
+[tls]
+certificates_directory = "/var/sota/"
+ca_file = "/var/sota/token/root.crt"
+client_certificate = "01"
+cert_source = "pkcs11"
+pkey_file = "02"
+pkey_source = "pkcs11"
+
+[p11]
+module = "/usr/lib/softhsm/libsofthsm2.so"
+pass = "1234"
+
+[uptane]
+metadata_path = "/var/sota/metadata"
+private_key_path = "ecukey.der"
+public_key_path = "ecukey.pub"
+
-- cgit v1.2.3-54-g00ecf
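Review bot: In aktualizr_git.bb the new `EXTRA_OECMAKE` term keys on the feature `hsm`, while the `RDEPENDS_${PN}_append` line visible in the hunk header keys on `hsm-test`, and `bb.utils.contains` matches whole words, so `hsm-test` on its own does not switch on `-DBUILD_P11=ON`. An image that enables only `hsm-test` would presumably pair the test token configuration (`cert_source = "pkcs11"` in sota_hsm_test.toml) with a client built without PKCS#11 support. Either state the dependency in a comment above the line, for example `# 'hsm-test' requires 'hsm' in SOTA_CLIENT_FEATURES`, or test both words with `bb.utils.contains_any('SOTA_CLIENT_FEATURES', 'hsm hsm-test', '-DBUILD_P11=ON', '', d)`. The RDEPENDS line is truncated in the header, so its full condition should be checked before settling on either form.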
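Review bot: In sota_hsm_test.toml, `pass = "1234"` under `[p11]` puts a fixed token PIN into a file that aktualizr-hsm-test-prov.bb turns into `/usr/lib/sota/sota.toml` on the image, and nothing in the file says it is meant for the SoftHSM test token only. SoftHSM keeps its keys on the filesystem, so this configuration exercises the PKCS#11 code path without giving the key any hardware protection; a first-line comment such as `# TEST ONLY: SoftHSM token with a well-known PIN, never ship in production images` would make that plain, provided the config parser and `aktualizr_implicit_writer` accept `#` comments. Only the `[tls]` certificate and key are sourced from the token, while `[uptane]` still appears to name `ecukey.der` and `ecukey.pub` as plain files, which may be intended but deserves a sentence in the commit message. `module` is hard-coded to `/usr/lib/softhsm/libsofthsm2.so`, which will not match a target whose libdir is not `/usr/lib`.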