From patchwork Sat Feb 23 02:23:51 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Trent Piepho X-Patchwork-Id: 1047262 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=reject dis=none) header.from=impinj.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=impinj.com header.i=@impinj.com header.b="lg2pa2cB"; dkim-atps=neutral Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 445tBG4QZ7z9s70 for ; Sat, 23 Feb 2019 13:55:49 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 17FF186282; Sat, 23 Feb 2019 02:55:47 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QmzzZ6Oyefdt; Sat, 23 Feb 2019 02:55:45 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id 296AE858D3; Sat, 23 Feb 2019 02:55:45 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id 97FC61BF99D for ; Sat, 23 Feb 2019 02:55:44 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id 94FD387DFE for ; Sat, 23 Feb 2019 02:55:44 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CSoXgIesmkkt for ; Sat, 23 Feb 2019 02:55:42 +0000 (UTC) X-Greylist: delayed 00:12:56 by SQLgrey-1.7.6 Received: from NAM05-BY2-obe.outbound.protection.outlook.com (mail-eopbgr710119.outbound.protection.outlook.com [40.107.71.119]) by hemlock.osuosl.org (Postfix) with ESMTPS id DF7BC87DDB for ; Sat, 23 Feb 2019 02:55:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=impinj.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vZRwzdWwcsRCUyfLtspvNXPMNnzOwTEQ3wsBybn2sBk=; b=lg2pa2cBrR9QG1/2JZ+ZjiTcylwpc/J2QCceJrppcI/5wKE4vo5fV+2Peh4buy9SrWcyjyulf0k8Kmgs++9X4ZkXnmbqPblzxbhjqGqPwOgMudSNbkaTtf28QCgvM45sqLobdpWZexs49qLTQyAFd/LZj9sDuSlhjrYL6gIc/gk= Received: from MWHPR0601MB3708.namprd06.prod.outlook.com (10.167.236.38) by MWHPR0601MB3612.namprd06.prod.outlook.com (10.167.236.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1643.18; Sat, 23 Feb 2019 02:23:51 +0000 Received: from MWHPR0601MB3708.namprd06.prod.outlook.com ([fe80::ac0c:a03e:77c7:fa85]) by MWHPR0601MB3708.namprd06.prod.outlook.com ([fe80::ac0c:a03e:77c7:fa85%5]) with mapi id 15.20.1643.014; Sat, 23 Feb 2019 02:23:51 +0000 From: Trent Piepho To: "buildroot@buildroot.org" Thread-Topic: [PATCH] host-rauc: Allow use of host-libp11 for crypto hardware support Thread-Index: AQHUyx7R1i11YGJmgkC8RRA7r9pxdA== Date: Sat, 23 Feb 2019 02:23:51 +0000 Message-ID: <20190223022338.5210-1-tpiepho@impinj.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: BYAPR07CA0103.namprd07.prod.outlook.com (2603:10b6:a03:12b::44) To MWHPR0601MB3708.namprd06.prod.outlook.com (2603:10b6:301:7c::38) authentication-results: spf=none (sender IP is ) smtp.mailfrom=tpiepho@impinj.com; x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.14.4 x-originating-ip: [216.207.205.253] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 394cf546-a729-48e7-26c3-08d69935f353 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600110)(711020)(4605104)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7153060)(7193020); SRVR:MWHPR0601MB3612; x-ms-traffictypediagnostic: MWHPR0601MB3612: x-ms-exchange-purlcount: 1 x-microsoft-exchange-diagnostics: 1; MWHPR0601MB3612; 20:aEIh9GOgCOHNP0Ro0aZsKyOzMMOsgtnFRw4MYs3zqfSdIyZ34G6pBS5WoBI20tc/iyRlH3AfwOv9UF/xhtM3M5sIRC9bPAEHZJUaQPizveTSVSadvoIjBnhDXsx4vM7kx72hqGzLS1yNRz5lyQWiiXisA3o5gRIwG8hfs1pN2Nw= x-microsoft-antispam-prvs: x-forefront-prvs: 0957AD37A0 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39840400004)(346002)(376002)(396003)(366004)(136003)(199004)(189003)(53936002)(2501003)(106356001)(66066001)(2351001)(6506007)(105586002)(1076003)(6916009)(476003)(186003)(966005)(68736007)(7736002)(305945005)(386003)(2616005)(26005)(97736004)(81156014)(8676002)(256004)(81166006)(1730700003)(478600001)(486006)(8936002)(50226002)(71190400001)(71200400001)(6486002)(14454004)(102836004)(6116002)(6436002)(4326008)(316002)(86362001)(3846002)(36756003)(99286004)(52116002)(25786009)(5660300002)(2906002)(6512007)(107886003)(6306002)(5640700003); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR0601MB3612; H:MWHPR0601MB3708.namprd06.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:3; received-spf: None (protection.outlook.com: impinj.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: mCr22iBwm3fBG7onk3NBeUBpIwZTQLJG52tyqjkevreV260qFTz+v8pIQwwy0vV/WG0Mhkz7GKFATX9cGYkt52JwbaY6NchB+Mgyh+YpV3HQaLv7SbDNvOQGetC64Kq48dv/NFFlkTUdPE111+5/PvNnNdu+KMBQpgD25PvsyPUobBBTh306AJSpkhA7O1MJZErpLjhYk7Ug8NJRxTm88CK4/ClWxBfFA8hLCEK13uroKMsZ1xlr1nghBGhAlTTV0RZrCFMGTnYc+CWoJEr1ZIOrxBjcPtRW6Lmga5AiJauQebh9TQ1j30MZxhe2hl7+Rek9mCGQ3lpgUXZgfLs9oPkL2hM26ZFIvKClt7kuUFsfn9JLskgKsMDa8apuj+InNZRnUO1X8iAxVf/3uGqcs6eXJ6Ar1zPCySaIee2wUnE= MIME-Version: 1.0 X-OriginatorOrg: impinj.com X-MS-Exchange-CrossTenant-Network-Message-Id: 394cf546-a729-48e7-26c3-08d69935f353 X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Feb 2019 02:23:51.2381 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-id: 6de70f0f-7357-4529-a415-d8cbb7e93e5e X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR0601MB3612 Subject: [Buildroot] [PATCH] host-rauc: Allow use of host-libp11 for crypto hardware support X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Trent Piepho Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" To use a private key stored on a hardware crypto module, such as an HSM or smart card, rauc needs OpenSSL to have support for pkcs11 modules. OpenSSL achieves this through the libp11 library. The libp11 engine for OpenSSL is a dynamic module, so the dependency is at rauc's runtime, rather than openssl's or rauc's build time. However, it still needs to be added as a dependency, so that anything that uses host-rauc when building can be assured that host-rauc is fully functional. As this is a runtime dependency, there's no need for a target dependency. And it's only used for signing updates, which isn't done on the target anyway. Signed-off-by: Trent Piepho --- To work, this requires the patch to add libp11, https://patchwork.ozlabs.org/patch/1009607/ package/rauc/rauc.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/package/rauc/rauc.mk b/package/rauc/rauc.mk index 3848a010b3..92a5717544 100644 --- a/package/rauc/rauc.mk +++ b/package/rauc/rauc.mk @@ -30,6 +30,7 @@ RAUC_DEPENDENCIES += systemd endif HOST_RAUC_DEPENDENCIES = host-pkgconf host-openssl host-libglib2 host-squashfs +HOST_RAUC_DEPENDENCIES += $(if $(BR2_PACKAGE_HOST_LIBP11),host-libp11) HOST_RAUC_CONF_OPTS += --disable-network --disable-json --disable-service $(eval $(autotools-package))