Signed-off-by: Anton Antonov <anton.anto...@arm.com>
---
meta-parsec/README.md | 23 +++++++++++++++----
.../parsec-service/parsec-service_0.8.1.bb | 10 ++++----
2 files changed, 23 insertions(+), 10 deletions(-)
diff --git a/meta-parsec/README.md b/meta-parsec/README.md
index aeb48a6..c5635d3 100644
--- a/meta-parsec/README.md
+++ b/meta-parsec/README.md
@@ -1,8 +1,7 @@
meta-parsec layer
==============
-This layer contains recipes for the Parsec service with Mbed-Crypto,
-Pkcs11 and TPM providers and parsec tools.
+This layer contains recipes for the Parsec service and parsec tools.
Dependencies
============
@@ -43,9 +42,16 @@ local.conf:
IMAGE_INSTALL:append = " parsec-service"
- The Parsec service will be deployed into the image built with all the
supported
-providers and with the default config file from the Parsec repository:
+ By default the Parsec service will be deployed into the image with
+TPM, PKCS11, MBED-CRYPTO and CRYPTOAUTHLIB providers build in
+and with the default config file from the Parsec repository:
https://github.com/parallaxsecond/parsec/blob/main/config.toml
+
+ You can use PACKAGECONFIG for Parsec servic recipe to define
+what providers should be built in. For example,
+
+ PACKAGECONFIG:pn-parsec-service = "TPM"
+
The default Parsec service config file contains the MbedCrypto provider
enabled. The config file needs to be updated to use the Parsec service
with other providers like TPM or PKCS11. The required procedures are
@@ -80,12 +86,19 @@ manual testing of the Parsec service:
to test the Parsec service base functionality:
https://www.youtube.com/watch?v=ido0CyUdMHM&list=PLKjl7IFAwc4S7WQqqphCsyy6DPDxJ2Skg&index=4
+ The parsec-tool recipe also includes `parsec-cli-tests.sh` script
+which runs e2e tests against all providers enabled and configured
+in Parsec service.
+
You can use runqemu to start a VM with a built image file and run
manual tests with parsec-tool.
+Enabling Parsec providers for manual testing
+============================================
+
1. MbedCrypto provider
The default Parsec service config file contains the MbedCrypto provider
-enabled. No changes required for manual testing.
+enabled. No changes required.
2. PKCS11 provider
The Software HSM can be used for manual testing of the provider by
diff --git a/meta-parsec/recipes-parsec/parsec-service/parsec-service_0.8.1.bb
b/meta-parsec/recipes-parsec/parsec-service/parsec-service_0.8.1.bb
index b8bfa98..9161872 100644
--- a/meta-parsec/recipes-parsec/parsec-service/parsec-service_0.8.1.bb
+++ b/meta-parsec/recipes-parsec/parsec-service/parsec-service_0.8.1.bb
@@ -13,15 +13,15 @@ SRC_URI += "crate://crates.io/parsec-service/${PV} \
DEPENDS = "clang-native"
PACKAGECONFIG ??= "TPM PKCS11 MBED-CRYPTO CRYPTOAUTHLIB"
-PACKAGECONFIG[ALL] = "all-providers,,tpm2-tss libts,libts"
-PACKAGECONFIG[TPM] = "tpm-provider,,tpm2-tss"
-PACKAGECONFIG[PKCS11] = "pkcs11-provider,"
+PACKAGECONFIG[ALL] = "all-providers cryptoki/generate-bindings
tss-esapi/generate-bindings,,tpm2-tss libts,libts"
+PACKAGECONFIG[TPM] = "tpm-provider tss-esapi/generate-bindings,,tpm2-tss"
+PACKAGECONFIG[PKCS11] = "pkcs11-provider cryptoki/generate-bindings,"
PACKAGECONFIG[MBED-CRYPTO] = "mbed-crypto-provider,"
PACKAGECONFIG[CRYPTOAUTHLIB] = "cryptoauthlib-provider,"
PACKAGECONFIG[TS] = "trusted-service-provider,,libts,libts"
-PARSEC_PROVIDERS = "${@d.getVar('PACKAGECONFIG_CONFARGS',True).replace(' ',
',')}"
-CARGO_BUILD_FLAGS += " --features
${PARSEC_PROVIDERS},cryptoki/generate-bindings,tss-esapi/generate-bindings"
+PARSEC_FEATURES =
"${@d.getVar('PACKAGECONFIG_CONFARGS',True).strip().replace(' ', ',')}"
+CARGO_BUILD_FLAGS += " --features ${PARSEC_FEATURES}"
inherit systemd
SYSTEMD_SERVICE:${PN} = "parsec.service"
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#55120): https://lists.yoctoproject.org/g/yocto/message/55120
Mute This Topic: https://lists.yoctoproject.org/mt/86512471/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
