aws4embeddedlinux · thomas-roos · Jun 30, 2025 · Jul 10, 2025
@@ -0,0 +1,15 @@
+Upstream-Status: Inappropriate [oe-specific]
+
+Index: aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/platform/posix/transport/include/sockets_posix.h
+===================================================================
+--- aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git.orig/platform/posix/transport/include/sockets_posix.h
++++ aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/platform/posix/transport/include/sockets_posix.h
+@@ -55,7 +55,7 @@
+ /* *INDENT-ON* */
+
+ /* Transport interface include. */
+-#include "transport_interface.h"
++#include <core_mqtt/transport_interface.h>
+
+ /**
+  * @brief TCP Connect / Disconnect return status.
@@ -0,0 +1,51 @@
+Upstream-Status: Inappropriate [oe-specific]
+
+Index: aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/demos/fleet_provisioning/fleet_provisioning_keys_cert/demo_config.h
+===================================================================
+--- aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git.orig/demos/fleet_provisioning/fleet_provisioning_keys_cert/demo_config.h
++++ aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/demos/fleet_provisioning/fleet_provisioning_keys_cert/demo_config.h
+@@ -188,27 +188,27 @@
+  * The current value is given as an example. Please update for your specific
+  * operating system.
+  */
+-#define OS_NAME                   "Ubuntu"
++//#define OS_NAME                   "Ubuntu"
+
+ /**
+  * @brief The version of the operating system that the application is running
+  * on. The current value is given as an example. Please update for your specific
+  * operating system version.
+  */
+-#define OS_VERSION                "18.04 LTS"
++//#define OS_VERSION                "18.04 LTS"
+
+ /**
+  * @brief The name of the hardware platform the application is running on. The
+  * current value is given as an example. Please update for your specific
+  * hardware platform.
+  */
+-#define HARDWARE_PLATFORM_NAME    "PC"
++//#define HARDWARE_PLATFORM_NAME    "PC"
+
+ /**
+  * @brief The name of the MQTT library used and its version, following an "@"
+  * symbol.
+  */
+-#include "core_mqtt.h"
++#include <core_mqtt/core_mqtt.h>
+ #define MQTT_LIB    "core-mqtt@" MQTT_LIBRARY_VERSION
+
+ #endif /* ifndef DEMO_CONFIG_H_ */
+Index: aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/platform/posix/transport/src/openssl_posix.c
+===================================================================
+--- aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git.orig/platform/posix/transport/src/openssl_posix.c
++++ aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/platform/posix/transport/src/openssl_posix.c
+@@ -30,7 +30,7 @@
+ #include <poll.h>
+
+ /* Transport interface include. */
+-#include "transport_interface.h"
++#include <core_mqtt/transport_interface.h>
+
+ #include "openssl_posix.h"
+ #include <openssl/err.h>
@@ -0,0 +1,77 @@
+Upstream-Status: Inappropriate [oe-specific]
+
+Index: aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/demos/fleet_provisioning/fleet_provisioning_keys_cert/fleet_provisioning_keys_cert_demo.c
+===================================================================
+--- aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git.orig/demos/fleet_provisioning/fleet_provisioning_keys_cert/fleet_provisioning_keys_cert_demo.c
++++ aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/demos/fleet_provisioning/fleet_provisioning_keys_cert/fleet_provisioning_keys_cert_demo.c
+@@ -66,11 +66,11 @@
+ #include "demo_config.h"
+
+ /* corePKCS11 includes. */
+-#include "core_pkcs11.h"
+-#include "core_pkcs11_config.h"
++#include <core_pkcs/core_pkcs11.h>
++#include <core_pkcs/core_pkcs11_config.h>
+
+ /* AWS IoT Fleet Provisioning Library. */
+-#include "fleet_provisioning.h"
++#include <fleetprovisioning/fleet_provisioning.h>
+
+ /* Demo includes. */
+ #include "mqtt_operations.h"
+Index: aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/platform/posix/transport/include/openssl_posix.h
+===================================================================
+--- aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git.orig/platform/posix/transport/include/openssl_posix.h
++++ aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/platform/posix/transport/include/openssl_posix.h
+@@ -59,7 +59,7 @@
+ #include <openssl/ssl.h>
+
+ /* Transport includes. */
+-#include "transport_interface.h"
++#include <core_mqtt/transport_interface.h>
+
+ /* Socket include. */
+ #include "sockets_posix.h"
+Index: aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/demos/fleet_provisioning/fleet_provisioning_keys_cert/mqtt_operations.h
+===================================================================
+--- aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git.orig/demos/fleet_provisioning/fleet_provisioning_keys_cert/mqtt_operations.h
++++ aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/demos/fleet_provisioning/fleet_provisioning_keys_cert/mqtt_operations.h
+@@ -24,10 +24,10 @@
+ #define MQTT_OPERATIONS_H_
+
+ /* MQTT API header. */
+-#include "core_mqtt.h"
++#include <core_mqtt/core_mqtt.h>
+
+ /* corePKCS11 include. */
+-#include "core_pkcs11.h"
++#include <core_pkcs/core_pkcs11.h>
+
+ /**
+  * @brief Application callback type to handle the incoming publishes.
+Index: aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/platform/posix/transport/include/plaintext_posix.h
+===================================================================
+--- aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git.orig/platform/posix/transport/include/plaintext_posix.h
++++ aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/platform/posix/transport/include/plaintext_posix.h
+@@ -56,7 +56,7 @@
+ /* *INDENT-ON* */
+
+ /* Transport includes. */
+-#include "transport_interface.h"
++#include <core_mqtt/transport_interface.h>
+ #include "sockets_posix.h"
+
+ /**
+Index: aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/demos/fleet_provisioning/fleet_provisioning_keys_cert/pkcs11_operations.h
+===================================================================
+--- aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git.orig/demos/fleet_provisioning/fleet_provisioning_keys_cert/pkcs11_operations.h
++++ aws-iot-device-sdk-embedded-c-fleet-provisioning-keys-cert-git/demos/fleet_provisioning/fleet_provisioning_keys_cert/pkcs11_operations.h
+@@ -33,7 +33,7 @@
+ #define MBEDTLS_ALLOW_PRIVATE_ACCESS
+
+ /* corePKCS11 include. */
+-#include "core_pkcs11.h"
++#include <core_pkcs/core_pkcs11.h>
+
+ /**
+  * @brief Loads the claim credentials into the PKCS #11 module. Claim
@@ -0,0 +1,90 @@
+cmake_minimum_required(VERSION 3.0)
+set( DEMO_NAME "fleet_provisioning_keys_cert" )
+
+# Find required packages
+find_package(backoffalgorithm REQUIRED)
+
+find_package(core_mqtt REQUIRED)
+
+find_package(fleetprovisioning REQUIRED)
+
+include(${CMAKE_CURRENT_SOURCE_DIR}/demos/logging-stack/logging.cmake)
+
+### tincycbor
+
+add_library(tinycbor STATIC
+    "${CMAKE_CURRENT_SOURCE_DIR}/libraries/3rdparty/tinycbor/src/cborpretty.c"
+    "${CMAKE_CURRENT_SOURCE_DIR}/libraries/3rdparty/tinycbor/src/cborpretty_stdio.c"
+    "${CMAKE_CURRENT_SOURCE_DIR}/libraries/3rdparty/tinycbor/src/cborencoder.c"
+    "${CMAKE_CURRENT_SOURCE_DIR}/libraries/3rdparty/tinycbor/src/cborencoder_close_container_checked.c"
+    "${CMAKE_CURRENT_SOURCE_DIR}/libraries/3rdparty/tinycbor/src/cborerrorstrings.c"
+    "${CMAKE_CURRENT_SOURCE_DIR}/libraries/3rdparty/tinycbor/src/cborparser.c"
+    "${CMAKE_CURRENT_SOURCE_DIR}/libraries/3rdparty/tinycbor/src/cborparser_dup_string.c"
+)
+
+set_target_properties(tinycbor PROPERTIES
+    ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib
+    POSITION_INDEPENDENT_CODE ON
+)
+
+# Use C99 for tinycbor as it is incompatible with C90
+if(CMAKE_C_STANDARD LESS 99)
+    set_target_properties(tinycbor PROPERTIES C_STANDARD 99)
+endif()
+
+target_include_directories(tinycbor PUBLIC
+    "${CMAKE_CURRENT_SOURCE_DIR}/libraries/3rdparty/tinycbor/src"
+)
+
+### DEMO
+
+file( GLOB DEMO_FILE "${DEMO_NAME}.c*" )
+
+# Add source files
+add_executable(${DEMO_NAME}
+    ${CMAKE_CURRENT_SOURCE_DIR}/demos/fleet_provisioning/${DEMO_NAME}/${DEMO_NAME}_demo.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/posix/clock_posix.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/posix/transport/src/plaintext_posix.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/posix/transport/src/sockets_posix.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/posix/transport/src/openssl_posix.c
+)
+
+# Add include directories for platform specific files
+target_include_directories(${DEMO_NAME} PRIVATE
+    ${CMAKE_CURRENT_SOURCE_DIR}/demos/fleet_provisioning/${DEMO_NAME}
+    ${CMAKE_CURRENT_SOURCE_DIR}/demos/http/common/include
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/posix/transport/include
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/include
+    PUBLIC
+        ${CMAKE_CURRENT_LIST_DIR}
+        ${LOGGING_INCLUDE_DIRS}
+)
+
+# Link libraries
+target_link_libraries(${DEMO_NAME}
+    PRIVATE
+       pthread
+       ssl
+       crypto
+       backoffalgorithm::backoffalgorithm
+       core_mqtt::core_mqtt
+       fleetprovisioning::fleetprovisioning
+       tinycbor
+)
+
+# Add compile definitions
+target_compile_definitions(${DEMO_NAME} PRIVATE
+    DOWNLOADED_CERT_WRITE_PATH=""
+    DOWNLOADED_PRIVATE_KEY_WRITE_PATH=""
+    AWS_IOT_ENDPOINT=""
+    ROOT_CA_CERT_PATH=""
+    CLAIM_CERT_PATH=""
+    CLAIM_PRIVATE_KEY_PATH=""
+    PROVISIONING_TEMPLATE_NAME=""
+    DEVICE_SERIAL_NUMBER=""
+    CSR_SUBJECT_NAME=""
+    CLIENT_IDENTIFIER=""
+    OS_NAME="Yocto"
+    OS_VERSION="Yocto"
+    HARDWARE_PLATFORM_NAME="Yocto"
+)
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+rm -rf tests.log
+timeout 30s mqtt_demo_plaintext | tee -a tests.log
+grep "Demo completed successfully" tests.log
+RETVAL=$?
+if [ $RETVAL -eq 0 ] ; then
+    echo "PASS: aws-iot-device-sdk-embedded-c: mqtt_demo_plaintext"
+else
+    echo "FAIL: aws-iot-device-sdk-embedded-c: mqtt_demo_plaintext"
+fi
@@ -0,0 +1,39 @@
+SUMMARY = "AWS IoT Device SDK for Embedded C - demo fleet_provisioning_keys_cert"
+DESCRIPTION = "SDK for connecting to AWS IoT from a device using embedded C - demo fleet_provisioning_keys_cert build from discrete lib packages instead of self contained libs"
+HOMEPAGE = "https://github.com/aws/aws-iot-device-sdk-embedded-C"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${UNPACKDIR}/${PN}-${PV}/LICENSE;md5=c8c19afab7f99fb196c9287cbd60a258 "
+
+SRC_URI = "\
+    gitsm://github.com/aws/aws-iot-device-sdk-embedded-C.git;protocol=https;branch=main \
+    file://001-transport-interface.patch \
+    file://002-config.patch \
+    file://003-fix-includes.patch \
+    file://CMakeLists.txt \
+    file://run-ptest \
+    "
+
+SRCREV = "da99638ec373c791a45557b0cd91fc20968d492d"
+
+DEPENDS = "\
+    backoffalgorithm \
+    coremqtt \
+    corepkcs11 \
+    fleet-provisioning-for-aws-iot-embedded-sdk \
+    openssl \
+    "
+
+inherit cmake ptest
+
+do_configure:prepend () {
+    cp ${UNPACKDIR}/CMakeLists.txt ${S}/
+}
+
+do_install () {
+    install -d ${D}${bindir}
+    install -m 0755 ${B}/mqtt_demo_plaintext ${D}${bindir}
+}
+
+# TODO fix properly
+INSANE_SKIP:${PN} += "buildpaths"
+INSANE_SKIP:${PN}-dbg += "buildpaths"
@@ -0,0 +1,30 @@
+Upstream-Status: Submitted [https://github.com/aws/aws-iot-device-sdk-embedded-C/pull/1919]
+
+Sites like google.com have deprecated TLS 1.2 and require TLS 1.3.
+
+Index: aws-iot-device-sdk-embedded-c-http-demo-basic-tls-git/platform/posix/transport/src/openssl_posix.c
+===================================================================
+--- aws-iot-device-sdk-embedded-c-http-demo-basic-tls-git.orig/platform/posix/transport/src/openssl_posix.c
++++ aws-iot-device-sdk-embedded-c-http-demo-basic-tls-git/platform/posix/transport/src/openssl_posix.c
+@@ -630,8 +630,19 @@ OpensslStatus_t Openssl_Connect( Network
+             returnStatus = OPENSSL_API_ERROR;
+         }
+     }
+-
+-    /* Setup credentials. */
++
++    /* Set minimum TLS version. */
++    if( returnStatus == OPENSSL_SUCCESS )
++    {
++        int ret = SSL_CTX_set_min_proto_version( pSslContext, TLS1_3_VERSION );
++        if( ret != 1 )
++        {
++            LogError( ( "Failed to set minimum TLS version to 1.3." ) );
++            returnStatus = OPENSSL_API_ERROR;
++        }
++    }
++
++    /* Setup credentials. */
+     if( returnStatus == OPENSSL_SUCCESS )
+     {
+         /* Enable partial writes for blocking calls to SSL_write to allow a
@@ -0,0 +1,51 @@
+cmake_minimum_required(VERSION 3.0)
+set( DEMO_NAME "http_demo_basic_tls" )
+
+# Find required packages
+find_package(core_http REQUIRED)
+find_package(OpenSSL REQUIRED)
+find_package(backoffalgorithm REQUIRED)
+
+include(${CMAKE_CURRENT_SOURCE_DIR}/demos/logging-stack/logging.cmake)
+
+file( GLOB DEMO_FILE "${DEMO_NAME}.c*" )
+
+# Add source files
+add_executable(${DEMO_NAME}
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/posix/clock_posix.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/posix/transport/src/plaintext_posix.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/posix/transport/src/sockets_posix.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/posix/transport/src/openssl_posix.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/demos/http/common/src/http_demo_utils.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/demos/http/common/src/http_demo_url_utils.c
+    ${CMAKE_CURRENT_SOURCE_DIR}/demos/http/${DEMO_NAME}/${DEMO_NAME}.c
+)
+
+# Add include directories for platform specific files
+target_include_directories(${DEMO_NAME} PRIVATE
+    ${CMAKE_CURRENT_SOURCE_DIR}/demos/http/${DEMO_NAME}
+    ${CMAKE_CURRENT_SOURCE_DIR}/demos/http/common/include
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/posix/transport/include
+    ${CMAKE_CURRENT_SOURCE_DIR}/platform/include
+    PUBLIC
+        ${CMAKE_CURRENT_LIST_DIR}
+        ${LOGGING_INCLUDE_DIRS}
+)
+
+
+# Link libraries
+target_link_libraries(${DEMO_NAME}
+    PRIVATE
+        core_http::core_http
+        backoffalgorithm::backoffalgorithm
+        pthread
+        ssl
+        crypto
+)
+
+# Add compile definitions
+target_compile_definitions(${DEMO_NAME} PRIVATE
+    SERVER_HOST="google.com"
+    HTTPS_PORT=443
+    ROOT_CA_CERT_PATH="/etc/ssl/certs/ca-certificates.crt"
+)
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+rm -rf tests.log
+timeout 30s http_demo_basic_tls | tee -a tests.log
+grep "Demo completed successfully" tests.log
+RETVAL=$?
+if [ $RETVAL -eq 0 ] ; then
+    echo "PASS: aws-iot-device-sdk-embedded-c: http_demo_basic_tls"
+else
+    echo "FAIL: aws-iot-device-sdk-embedded-c: http_demo_basic_tls"
+fi