• State TI Thinks Resolved
  • Locked Locked
  • Replies 3 replies
  • Answers 2 answers
  • Subscribers 98 subscribers
  • Views 464 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

DRA829V: softhsmv2 support on DRA8X platforms

Priya Boloor
Prodigy 80 points

Part Number: DRA829V
Other Parts Discussed in Thread: DRA829

Let us know the steps to enable and use softhsm2-util on DRA8x platforms

  • 0
    TI__Guru** 113810 points

    Hi Priya,

    Here are the typical steps to build a component that is not present by default in the SDK.

    1. Locate if the recipe is already included in the Yocto layers that the SDK already uses. This can be achieved by doing the below.

    cd yocto-layers/sources/

find . | grep softhsm

./meta-openembedded/meta-oe/recipes-security/softhsm/softhsm_git.bb

    2. Next step, try to build this recipe by running the bitbake command:

    TOOLCHAIN_BASE=/sdk/tools MACHINE=j7-evm bitbake -k softhsm

    While building the softhsm, it went through really quick the package didn't have much dependency.

    3. You can search for the contents of the package after the build by doing something like below:

    cd build/arago-tmp-external-arm-glibc/work/aarch64-linux/softhsm/2.5.0-r0/image

find .
.
./etc
./etc/softhsm2.conf
./etc/softhsm2.conf.sample
./usr
./usr/lib
./usr/lib/softhsm
./usr/lib/softhsm/libsofthsm2.so
./usr/lib/softhsm/libsofthsm2.a
./usr/share
./usr/share/man
./usr/share/man/man5
./usr/share/man/man5/softhsm2.conf.5
./usr/share/man/man1
./usr/share/man/man1/softhsm2-keyconv.1
./usr/share/man/man1/softhsm2-dump-file.1
./usr/share/man/man1/softhsm2-util.1
./usr/bin
./usr/bin/softhsm2-keyconv
./usr/bin/softhsm2-dump-file
./usr/bin/softhsm2-util
./var
./var/lib
./var/lib/softhsm
./var/lib/softhsm/tokens

    You can see that it has the file that you wanted "softhsm2-util"

    4. You can either bitbake the TI SDK image or copy the ipk file and install it on the target.

    Regards

    Karthik

  • 0 in reply to Karthik Ramanan
    Prodigy 80 points

    Hi Kartik,

    After the ti-softhsmv2 recipe is built and image loaded on the J7(DRA829) platform. The below softhsm2-util command gives error in execution. Kindly help with pointers.

    softhsm2-util --show-slots --module /usr/lib/softhsm/libsecstore.so.1

    ERROR: Could not initialize the library.

    PFB the error logs:

    Oct 13 11:02:20 j7-evm user.info softhsm-daemon: server msg, length 13 from /var/run/softhsm/client_sock.1170
    Oct 13 11:02:20 j7-evm user.info softhsm-daemon: ../../../../git/src/bin/daemon/softhsm-daemon.cpp(146): SoftHSM daemon version = 2
    Oct 13 11:02:20 j7-evm user.info softhsm-daemon: ../../../../git/src/bin/daemon/softhsm-daemon.cpp(159): Starting with service thread /var/run/softhsm/server_sock.281473102770624
    Oct 13 11:02:20 j7-evm user.info softhsm-daemon: ../../../../git/src/lib/crypto/OSSLCryptoFactory.cpp(151): NOT using internal memory for OSSL heap
    Oct 13 11:02:20 j7-evm user.info softhsm-daemon: ../../../../git/src/lib/object_store/FileSystem.cpp(154): Starting filesystem at 0xc000020 length 0xffe0
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/FileStore.cpp(79): File does not exist: /mnt/securedbv0/securedb
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/FileStore.cpp(79): File does not exist: /mnt/securedbv1/securedb
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/FileSystem.cpp(178): Could not get data for the FileStore
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/FileSystem.cpp(643): FileSystem:250, Error in header: magic and/or size
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/FileSystem.cpp(251): FileSystem validity check failed
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/FileSystemDir.cpp(80): Add node returned error 3 for directory __SECUREDB_ROOT__
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/FileSystem.cpp(637): Directory:82, File system not valid (v: 0, rp: 0xffff90ba0020)
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/FileSystemDir.cpp(82): File system intagrity check failed with file __SECUREDB_ROOT__
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/FileSystem.cpp(637): Directory:91, File system not valid (v: 0, rp: 0xffff90ba0020)
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/FileSystemDir.cpp(91): File system intagrity check failed with file __SECUREDB_ROOT__
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../../git/src/lib/object_store/ObjectStore.cpp(59): Failed to enumerate object store in __SECUREDB_ROOT__
    Oct 13 11:02:20 j7-evm user.err softhsm-daemon: ../../../git/src/lib/SoftHSM.cpp(609): Could not load the object store

    PFB the softhsm.conf file

    root@j7-evm:~# cat /etc/softhsm2.conf
    # SoftHSM v2 configuration file
    # Name (with full path) of the Unix daemon socket for secure database server
    sockets.serversock = /var/run/softhsm/server_sock
    # Name (with full path) of the Unix daemon socket for softhsm client
    sockets.clientsock = /var/run/softhsm/client_sock
    # Base address of the secure database key location (should be internal memory)
    secstore.key.addr = 0x0c000000
    # Size of the secure database key location
    secstore.key.size = 0x20
    # Base address of the secure database (should be internal memory)
    secstore.mem.addr = 0x0c000020
    # Maximum size of the secure database
    secstore.mem.size = 0xffe0
    # Name (with full path) of the secure database file0 (should be in non-volatile memory (ubifs))
    secstore.file0 = /mnt/securedbv0/securedb
    # Name (with full path) of the secure database file1 (should be in non-volatile memory (ubifs))
    secstore.file1 = /mnt/securedbv1/securedb
    # Whether internal memory should be used for Openssl dynamic allocations
    # valid configurations are yes/no.
    secstore.osslheap.internal = no
    # ERROR, WARNING, INFO, DEBUG
    log.level = INFO

    Thanks,

    Priya

  • 0 in reply to Priya Boloor
    TI__Guru** 113810 points

    Hi Priya,

    Glad to know that you have it built.

    softhsmv2 is an opensource component. TI does not add anything to this, so I do not know the dependencies of running this or getting it working.

    I was just trying to give you a helping hand with building the same, but if you are running into issues with running this, you will have to look into the documentation for all the runtime dependencies or configuration to get you going. 

    Kindly suggest that you work with the respective community and get support for this time. 

    Regards

    Karthik