Skip to content
Open
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
67 changes: 67 additions & 0 deletions Makefile.am
Original file line number Diff line number Diff line change
Expand Up @@ -132,3 +132,70 @@ cppcheck:
--suppress=invalidPrintfArgType_sint \
--error-exitcode=89 --std=c89 \
-I wolftpm src/ hal/ examples

# SBOM generation (CRA compliance)
SBOM_CDX = wolftpm-$(PACKAGE_VERSION).cdx.json
SBOM_SPDX = wolftpm-$(PACKAGE_VERSION).spdx.json
SBOM_SPDX_TV = wolftpm-$(PACKAGE_VERSION).spdx
sbomdir = $(datadir)/doc/$(PACKAGE)

.PHONY: sbom install-sbom uninstall-sbom

sbom:
@if test -z "$(PYTHON3)"; then \
echo ""; \
echo "ERROR: 'python3' not found in PATH. Cannot generate SBOM."; \
echo ""; \
exit 1; \
fi
@if test -z "$(PYSPDXTOOLS)"; then \
echo ""; \
echo "ERROR: 'pyspdxtools' not found in PATH. Cannot validate SBOM."; \
echo " Install: pip install spdx-tools"; \
echo ""; \
exit 1; \
fi
@if test -z "$(WOLFSSL_DIR)"; then \
echo ""; \
echo "ERROR: WOLFSSL_DIR is not set. Cannot locate gen-sbom."; \
echo " Set WOLFSSL_DIR to your wolfSSL source tree, e.g.:"; \
echo " make sbom WOLFSSL_DIR=/path/to/wolfssl"; \
echo ""; \
exit 1; \
fi
@if test ! -f "$(WOLFSSL_DIR)/scripts/gen-sbom"; then \
echo ""; \
echo "ERROR: $(WOLFSSL_DIR)/scripts/gen-sbom not found."; \
echo " Check that WOLFSSL_DIR points to a wolfSSL tree with SBOM support."; \
echo ""; \
exit 1; \
fi
rm -rf $(abs_builddir)/_sbom_staging
$(MAKE) install DESTDIR=$(abs_builddir)/_sbom_staging
$(PYTHON3) $(WOLFSSL_DIR)/scripts/gen-sbom \
--name wolftpm \
--version $(PACKAGE_VERSION) \
--supplier "wolfSSL Inc." \
--license-file $(srcdir)/LICENSE \
--options-h $(abs_builddir)/wolftpm/options.h \
--lib $(abs_builddir)/_sbom_staging$(libdir)/libwolftpm.so.@WOLFTPM_LIBRARY_VERSION_FIRST@.@WOLFTPM_LIBRARY_VERSION_SECOND@.@WOLFTPM_LIBRARY_VERSION_THIRD@ \
$(if $(SBOM_LICENSE_OVERRIDE),--license-override $(SBOM_LICENSE_OVERRIDE)) \
$(if $(SBOM_LICENSE_TEXT),--license-text $(SBOM_LICENSE_TEXT)) \
--cdx-out $(abs_builddir)/$(SBOM_CDX) \
--spdx-out $(abs_builddir)/$(SBOM_SPDX)
Comment on lines +175 to +185
Comment on lines +179 to +185
rm -rf $(abs_builddir)/_sbom_staging
$(PYSPDXTOOLS) --infile $(abs_builddir)/$(SBOM_SPDX) \
--outfile $(abs_builddir)/$(SBOM_SPDX_TV)

install-sbom: sbom
$(MKDIR_P) $(DESTDIR)$(sbomdir)
$(INSTALL_DATA) $(SBOM_CDX) $(DESTDIR)$(sbomdir)/
$(INSTALL_DATA) $(SBOM_SPDX) $(DESTDIR)$(sbomdir)/
$(INSTALL_DATA) $(SBOM_SPDX_TV) $(DESTDIR)$(sbomdir)/

uninstall-sbom:
-rm -f $(DESTDIR)$(sbomdir)/$(SBOM_CDX)
-rm -f $(DESTDIR)$(sbomdir)/$(SBOM_SPDX)
-rm -f $(DESTDIR)$(sbomdir)/$(SBOM_SPDX_TV)

CLEANFILES += $(SBOM_CDX) $(SBOM_SPDX) $(SBOM_SPDX_TV)
25 changes: 14 additions & 11 deletions configure.ac
Original file line number Diff line number Diff line change
Expand Up @@ -29,17 +29,16 @@ AC_ARG_PROGRAM

AC_CONFIG_HEADERS([src/config.h])

WOLFTPM_LIBRARY_VERSION=17:0:0
# | | |
# +------+ | +---+
# | | |
# current:revision:age
# | | |
# | | +- increment if source code has changed
# | | set to zero if [current] or [revision] is incremented
# | +- increment if interfaces have been added
# | set to zero if [current] is incremented
# +- increment if interfaces have been removed or changed
WOLFTPM_LIBRARY_VERSION_FIRST=17
# ^--- current (installed so name: current-age)
WOLFTPM_LIBRARY_VERSION_SECOND=0
# ^-- revision
WOLFTPM_LIBRARY_VERSION_THIRD=0
# ^--- age
WOLFTPM_LIBRARY_VERSION=${WOLFTPM_LIBRARY_VERSION_FIRST}:${WOLFTPM_LIBRARY_VERSION_SECOND}:${WOLFTPM_LIBRARY_VERSION_THIRD}
AC_SUBST([WOLFTPM_LIBRARY_VERSION_FIRST])
AC_SUBST([WOLFTPM_LIBRARY_VERSION_SECOND])
AC_SUBST([WOLFTPM_LIBRARY_VERSION_THIRD])
AC_SUBST([WOLFTPM_LIBRARY_VERSION])


Expand Down Expand Up @@ -991,6 +990,10 @@ AC_SUBST([AM_CFLAGS])
AC_SUBST([AM_LDFLAGS])
AC_SUBST([CPPCHECK])

# SBOM generation
AC_PATH_PROG([PYTHON3], [python3])
AC_PATH_PROG([PYSPDXTOOLS], [pyspdxtools])

# FINAL
AC_CONFIG_FILES([Makefile])
AC_CONFIG_FILES([wolftpm/version.h])
Expand Down
Loading