From 0f3cc3aa55bcc6476d721f9fbb8dfe8559d85ff7 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Mon, 27 Jun 2016 16:26:25 -0400 Subject: First cut at consolidated alpha releng. Undoubtedly doesn't work yet, and still needs doc, but perhaps now ready for testing on build machine. --- .gitignore | 3 ++ .gitmodules | 57 ++++++++++++++++++++++ Makefile | 94 ++++++++++++++++++++++++++++++++++++ README.md | 67 ++++++++++++++++++++++++- build-firmware-package.py | 34 +++++++++++++ build-shadow-tree.py | 51 +++++++++++++++++++ firmware/.gitignore | 2 - firmware/.gitmodules | 54 --------------------- firmware/Makefile | 35 -------------- firmware/README.md | 19 -------- firmware/build-package.py | 34 ------------- firmware/core/cipher/aes | 1 - firmware/core/cipher/chacha | 1 - firmware/core/comm/fmc | 1 - firmware/core/comm/uart | 1 - firmware/core/hash/sha1 | 1 - firmware/core/hash/sha256 | 1 - firmware/core/hash/sha512 | 1 - firmware/core/math/modexpa7 | 1 - firmware/core/platform/alpha | 1 - firmware/core/rng/avalanche_entropy | 1 - firmware/core/rng/rosc_entropy | 1 - firmware/core/rng/trng | 1 - firmware/core/rng/vndecorrelator | 1 - firmware/core/util/mkmif | 1 - firmware/sw/libhal | 1 - firmware/sw/stm32 | 1 - firmware/sw/thirdparty/libtfm | 1 - firmware/user/ft/libcli | 1 - reprepro-conf/distributions | 15 ++++++ reprepro-conf/options | 4 ++ software/.gitmodules | 9 ---- software/Makefile | 64 ------------------------ software/README.md | 31 ------------ software/reprepro-conf/distributions | 7 --- software/reprepro-conf/options | 4 -- software/source/Makefile | 19 -------- software/source/debian/compat | 1 - software/source/debian/control | 14 ------ software/source/debian/copyright | 27 ----------- software/source/debian/rules | 4 -- software/source/debian/source/format | 1 - software/source/sw/libhal | 1 - software/source/sw/pkcs11 | 1 - software/source/sw/thirdparty/libtfm | 1 - source/Makefile | 19 ++++++++ source/core/cipher/aes | 1 + source/core/cipher/chacha | 1 + source/core/comm/fmc | 1 + source/core/comm/uart | 1 + source/core/hash/sha1 | 1 + source/core/hash/sha256 | 1 + source/core/hash/sha512 | 1 + source/core/math/modexpa7 | 1 + source/core/platform/alpha | 1 + source/core/rng/avalanche_entropy | 1 + source/core/rng/rosc_entropy | 1 + source/core/rng/trng | 1 + source/core/rng/vndecorrelator | 1 + source/core/util/mkmif | 1 + source/debian/compat | 1 + source/debian/control | 14 ++++++ source/debian/copyright | 27 +++++++++++ source/debian/rules | 4 ++ source/debian/source/format | 1 + source/sw/libhal | 1 + source/sw/pkcs11 | 1 + source/sw/stm32 | 1 + source/sw/thirdparty/libtfm | 1 + source/user/ft/libcli | 1 + 70 files changed, 409 insertions(+), 347 deletions(-) create mode 100644 .gitignore create mode 100644 .gitmodules create mode 100644 Makefile create mode 100755 build-firmware-package.py create mode 100755 build-shadow-tree.py delete mode 100644 firmware/.gitignore delete mode 100644 firmware/.gitmodules delete mode 100644 firmware/Makefile delete mode 100644 firmware/README.md delete mode 100755 firmware/build-package.py delete mode 160000 firmware/core/cipher/aes delete mode 160000 firmware/core/cipher/chacha delete mode 160000 firmware/core/comm/fmc delete mode 160000 firmware/core/comm/uart delete mode 160000 firmware/core/hash/sha1 delete mode 160000 firmware/core/hash/sha256 delete mode 160000 firmware/core/hash/sha512 delete mode 160000 firmware/core/math/modexpa7 delete mode 160000 firmware/core/platform/alpha delete mode 160000 firmware/core/rng/avalanche_entropy delete mode 160000 firmware/core/rng/rosc_entropy delete mode 160000 firmware/core/rng/trng delete mode 160000 firmware/core/rng/vndecorrelator delete mode 160000 firmware/core/util/mkmif delete mode 160000 firmware/sw/libhal delete mode 160000 firmware/sw/stm32 delete mode 160000 firmware/sw/thirdparty/libtfm delete mode 160000 firmware/user/ft/libcli create mode 100644 reprepro-conf/distributions create mode 100644 reprepro-conf/options delete mode 100644 software/.gitmodules delete mode 100644 software/Makefile delete mode 100644 software/README.md delete mode 100644 software/reprepro-conf/distributions delete mode 100644 software/reprepro-conf/options delete mode 100644 software/source/Makefile delete mode 100644 software/source/debian/compat delete mode 100644 software/source/debian/control delete mode 100644 software/source/debian/copyright delete mode 100755 software/source/debian/rules delete mode 100644 software/source/debian/source/format delete mode 160000 software/source/sw/libhal delete mode 160000 software/source/sw/pkcs11 delete mode 160000 software/source/sw/thirdparty/libtfm create mode 100644 source/Makefile create mode 160000 source/core/cipher/aes create mode 160000 source/core/cipher/chacha create mode 160000 source/core/comm/fmc create mode 160000 source/core/comm/uart create mode 160000 source/core/hash/sha1 create mode 160000 source/core/hash/sha256 create mode 160000 source/core/hash/sha512 create mode 160000 source/core/math/modexpa7 create mode 160000 source/core/platform/alpha create mode 160000 source/core/rng/avalanche_entropy create mode 160000 source/core/rng/rosc_entropy create mode 160000 source/core/rng/trng create mode 160000 source/core/rng/vndecorrelator create mode 160000 source/core/util/mkmif create mode 100644 source/debian/compat create mode 100644 source/debian/control create mode 100644 source/debian/copyright create mode 100755 source/debian/rules create mode 100644 source/debian/source/format create mode 160000 source/sw/libhal create mode 160000 source/sw/pkcs11 create mode 160000 source/sw/stm32 create mode 160000 source/sw/thirdparty/libtfm create mode 160000 source/user/ft/libcli diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..71aedc2 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +build +package.tar.gz +screenlog.0 diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..6b5d092 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,57 @@ +[submodule "source/core/cipher/aes"] + path = source/core/cipher/aes + url = https://git.cryptech.is/core/cipher/aes.git +[submodule "source/core/cipher/chacha"] + path = source/core/cipher/chacha + url = https://git.cryptech.is/core/cipher/chacha.git +[submodule "source/core/comm/fmc"] + path = source/core/comm/fmc + url = https://git.cryptech.is/core/comm/fmc.git +[submodule "source/core/comm/uart"] + path = source/core/comm/uart + url = https://git.cryptech.is/core/comm/uart.git +[submodule "source/core/hash/sha1"] + path = source/core/hash/sha1 + url = https://git.cryptech.is/core/hash/sha1.git +[submodule "source/core/hash/sha256"] + path = source/core/hash/sha256 + url = https://git.cryptech.is/core/hash/sha256.git +[submodule "source/core/hash/sha512"] + path = source/core/hash/sha512 + url = https://git.cryptech.is/core/hash/sha512.git +[submodule "source/core/math/modexpa7"] + path = source/core/math/modexpa7 + url = https://git.cryptech.is/core/math/modexpa7.git +[submodule "source/core/platform/alpha"] + path = source/core/platform/alpha + url = https://git.cryptech.is/core/platform/alpha.git +[submodule "source/core/rng/avalanche_entropy"] + path = source/core/rng/avalanche_entropy + url = https://git.cryptech.is/core/rng/avalanche_entropy.git +[submodule "source/core/rng/rosc_entropy"] + path = source/core/rng/rosc_entropy + url = https://git.cryptech.is/core/rng/rosc_entropy.git +[submodule "source/core/rng/trng"] + path = source/core/rng/trng + url = https://git.cryptech.is/core/rng/trng.git +[submodule "source/core/rng/vndecorrelator"] + path = source/core/rng/vndecorrelator + url = https://git.cryptech.is/core/rng/vndecorrelator.git +[submodule "source/core/util/mkmif"] + path = source/core/util/mkmif + url = https://git.cryptech.is/core/util/mkmif.git +[submodule "source/sw/libhal"] + path = source/sw/libhal + url = https://git.cryptech.is/sw/libhal.git +[submodule "source/sw/pkcs11"] + path = source/sw/pkcs11 + url = https://git.cryptech.is/sw/pkcs11.git +[submodule "source/sw/stm32"] + path = source/sw/stm32 + url = https://git.cryptech.is/sw/stm32.git +[submodule "source/sw/thirdparty/libtfm"] + path = source/sw/thirdparty/libtfm + url = https://git.cryptech.is/sw/thirdparty/libtfm.git +[submodule "source/user/ft/libcli"] + path = source/user/ft/libcli + url = https://git.cryptech.is/user/ft/libcli.git diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..1f5b63f --- /dev/null +++ b/Makefile @@ -0,0 +1,94 @@ +# Top-level package build for Cryptech Alpha board. + +export CRYPTECH_VERSION := 2.0 + +HEAD_TIME := $(shell git show -s --format=%ct HEAD) +HEAD_HASH := $(shell git rev-parse HEAD) + +PACKAGE_NAME := cryptech-alpha +PACKAGE_VERSION := ${CRYPTECH_VERSION}~${HEAD_TIME}~${HEAD_HASH} + +export GNUPGHOME := /home/aptbot/gnupg + +REPO_BASE := /home/aptbot/alpha +REPO_UMASK := 002 + +PBUILDER_BASE := ${HOME}/pbuilder +PBUILDER_TARGETS := debian/jessie/i386 debian/jessie/amd64 ubuntu/xenial/i386 ubuntu/xenial/amd64 + +REPO_UPLOAD_USER := aptbot +REPO_UPLOAD_URI := rsync://apt.cryptech.is/alpha/ + +# Yes, we really are putting the firmware tarball into the source package here. + +FIRMWARE_TARBALL := build/cryptech-alpha-firmware.tar.gz +BITSTREAM := build/core/platform/alpha/build/alpha_fmc.bit +ELVES := build/sw/stm32/projects/bootloader/bootloader.elf build/sw/stm32/projects/hsm/hsm.elf +FIRMWARE_BINARY := ${ELVES} ${ELVES:.elf=.bin} +FIRMWARE_ALL := ${BITSTREAM} ${FIRMWARE_BINARY} + +RTL_SOURCE := $(shell find source/core -name .git -prune -o -type f -print) +SW_SOURCE := $(shell find source/sw source/user -name .git -prune -o -type f -print) + +# Command to generate a new changelog containing one entry. +# Does nothing if the changelog already exists. + +DCH = test -f debian/changelog || \ + EDITOR=true VISUAL=true TZ=UTC DEBEMAIL='APT Builder Robot ' \ + dch --create --package ${PACKAGE_NAME} --newversion '${PACKAGE_VERSION}' \ + '$(strip Version ${CRYPTECH_VERSION} package for Cryptech Alpha development board.)' + +all: init firmware dsc pbuilder homebrew + +enchilada: all upload + +init: + git submodule update --init --recursive + +clean: + git clean -dfx + git submodule foreach --recursive git clean -dfx + +sandblast: clean + git submodule deinit -f . + +firmware: shadow ${FIRMWARE_TARBALL} + +shadow: build + ./build-shadow-tree.py + +${FIRMWARE_TARBALL}: ${BITSTREAM} $(sort ${ELVES} ${ELVES:.elf=.bin}) + ./build-firmware-package.py $(basename $@) $^ + gzip -9f $(basename $@) + +bitstream: ${BITSTREAM} + +${BITSTREAM}: ${RTL_SOURCE} + ${MAKE} -C build/core/platform/alpha/build + +${ELVES:.elf=.bin}: shadow elves + +elves: + ${MAKE} -C build/core/sw/stm32 bootloader hsm + +dsc: + cd source; ${DCH} + cd source; debuild -S -uc -us + +pbuilder: + rm -f ${PBUILDER_BASE}/*result/* + umask ${REPO_UMASK}; \ + for target in ${PBUILDER_TARGETS}; do echo $$target | tr '/' ' '; done | \ + while read dist code arch; do \ + reprepro -b ${REPO_BASE}/$$dist -A $$arch list $$code ${PACKAGE_NAME} | awk '{v = $$3} END {exit v != "${PACKAGE_VERSION}"}' && continue; \ + pbuilder-dist $$code $$arch build ${PACKAGE_NAME}_${PACKAGE_VERSION}.dsc; \ + reprepro -b ${REPO_BASE}/$$dist include $$code ${PBUILDER_BASE}/$${code}-$${arch}_result/${PACKAGE_NAME}_${PACKAGE_VERSION}_$${arch}.changes; \ + done + +RSYNC := rsync --rsh 'ssh -l ${REPO_UPLOAD_USER}' --archive --itemize-changes + +upload: + ${RSYNC} --ignore-existing ${REPO_BASE}/ ${REPO_UPLOAD_URI} + ${RSYNC} --delete --delete-delay ${REPO_BASE}/ ${REPO_UPLOAD_URI} + +.PHONY: all init clean firmware shadow bitstream elves dsc pbuilder homebrew upload enchilada sandblast diff --git a/README.md b/README.md index 9ec137c..e3f3eff 100644 --- a/README.md +++ b/README.md @@ -1 +1,66 @@ -Unified release engineering stuff for Cryptech Alpha. +Alpha Releng +============ + +Release engineering stuff for Cryptech Alpha. + +Work in progress, currently a merge in progress of two separate +release engineering repositories, one for HSM firmware, one for host +software. + +This README is probably obsolete by the time you're reading it. + +## Old Firmware README ## + +Preliminary release engineering super-repository for building firmware +for the Cryptech "Alpha" board. + +Primary tasks here are to build a bitstream for the FPGA and the +"bootstrap" and "hsm" images for the Alpha's CPU. + +Eventually there will be a lot of packaging and versioning glorp here, +but let's start with basic build and clean targets. + +Current repository structure is, um, complicated. On the RTL side, we +have a tree of simple subrepositories, each representing one RTL core. + +On the software side, we have a subrepository which has several +subrepositories of its own: current thinking is that this should +probably be replaced by separate repositories and Makefile VPATH +magic, but this is what we have today so it's what we build with +today. + +This README is probably obsolete by the time you're reading it. + +## Old Software README ## + +Preliminary release engineering super-repository for building software +to work with the Cryptech "Alpha" board. + +Primary task here is to build the PKCS #11 library and any needed +support tools for whichever platforms we support. This will involve +some packaging voodoo. + +Our first targets for this are Debian and Ubuntu, probably the Jessie +and Xenial releases, respectively. If we really need to support +multiple releases for each of these platforms, the packaging mechanics +become more complicated, so we may just stop here for these platforms +and assume we can fill any odd corners using the associated source +package. + +Our next target for this is likely to be Mac OS X. This should be +relatively straightforward so long as we only have to support Homebrew +and we don't have to produce Homebrew "bottles" (binary packages). If +we do need to bottle, we either need one or more Mac build machines or +we need some kind of cross-compilation scheme (eg, +https://github.com/tpoechtrager/osxcross). + +Supporting Homebrew at all requires a bit of extra voodoo on top of +supporting Debian packaging, but none of it looks particularly +difficult, and the Debian packaging will produce the source tarball we +need for the Homebrew formula, so integrating production of these two +kinds of packaging makes some sense. + +Windoze is not currently on the radar. In theory, MinGW would suffice +as a cross compiler if and when we have to do something about it. + +This README is probably obsolete by the time you're reading it. diff --git a/build-firmware-package.py b/build-firmware-package.py new file mode 100755 index 0000000..0df116b --- /dev/null +++ b/build-firmware-package.py @@ -0,0 +1,34 @@ +#!/usr/bin/env python + +import subprocess +import tempfile +import argparse +import hashlib +import tarfile +import json +import os + +parser = argparse.ArgumentParser() +parser.add_argument("tarfile", type = argparse.FileType("wb"), help = "tarball to create") +parser.add_argument("firmware", nargs = "+", help = "firmware files to stuff into tarball") +args = parser.parse_args() + +tar = tarfile.TarFile(mode = "w", fileobj = args.tarfile) +head = subprocess.check_output(("git", "rev-parse", "HEAD")).strip() +time = subprocess.check_output(("git", "show", "-s", "--format=%ct", "HEAD")).strip() +commits = [line.split() for line in subprocess.check_output(("git", "submodule", "status")).splitlines()] +sha256 = {} + +for fn in args.firmware: + with open(fn, "rb") as f: + sha256[os.path.basename(fn)] = hashlib.sha256(f.read()).hexdigest() + tar.add(fn, os.path.basename(fn)) + +with tempfile.NamedTemporaryFile() as f: + gpg = subprocess.Popen(("gpg", "--clearsign", "--personal-digest-preferences", "SHA256", "--no-permission-warning"), + stdin = subprocess.PIPE, stdout = f) + json.dump(dict(head = head, time = time, commits = commits, sha256 = sha256), gpg.stdin, indent = 2) + gpg.stdin.close() + if gpg.wait(): + raise subprocess.CalledProcessError(gpg.returncode, "gpg") + tar.add(f.name, "MANIFEST") diff --git a/build-shadow-tree.py b/build-shadow-tree.py new file mode 100755 index 0000000..f8c2376 --- /dev/null +++ b/build-shadow-tree.py @@ -0,0 +1,51 @@ +#!/usr/bin/env python + +# Create a symlink build tree like the old X11 project "lndir" program. +# +# Reason for this is simple: synthesizing the Alpha RTL code takes a +# looong time, so we don't want to do it unnecessarily, but we also +# don't want to include all of the intermediate files from the +# synthesis in the source tarball. So we symlink a shadow build tree +# off to the side, do the synthesis there. +# +# We could construct this symlink tree by hand, but that's fragile, so +# we'd probably write a script to do it anyway, so we might as well +# just use the script to build the shadow tree and have done with it. + +import os + +verbose = True +dry_run = False + +source_root = "source" +build_root = "build" + +if verbose: + " mkdir", build_root + +if not dry_run: + os.mkdir(build_root) + +for source_head, dirs, files in os.walk(source_root): + build_head = build_root + source_head[len(source_root):] + + print source_head, build_head, dirs, files + + for dn in dirs: + d = os.path.join(build_head, dn) + if verbose: + print " mkdir", d + if not dry_run: + os.mkdir(d) + + for fn in files: + if fn == ".git": + continue + d = os.path.join(build_head, fn) + s = os.path.join(source_head, fn) + s = os.path.abspath(s) + s = os.path.relpath(s, build_head) + if verbose: + print " ln -s", s, d + if not dry_run: + os.symlink(s, d) diff --git a/firmware/.gitignore b/firmware/.gitignore deleted file mode 100644 index f1a0492..0000000 --- a/firmware/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -package.tar.gz -screenlog.0 diff --git a/firmware/.gitmodules b/firmware/.gitmodules deleted file mode 100644 index 77a2f38..0000000 --- a/firmware/.gitmodules +++ /dev/null @@ -1,54 +0,0 @@ -[submodule "core/cipher/aes"] - path = core/cipher/aes - url = https://git.cryptech.is/core/cipher/aes.git -[submodule "core/cipher/chacha"] - path = core/cipher/chacha - url = https://git.cryptech.is/core/cipher/chacha.git -[submodule "core/comm/fmc"] - path = core/comm/fmc - url = https://git.cryptech.is/core/comm/fmc.git -[submodule "core/comm/uart"] - path = core/comm/uart - url = https://git.cryptech.is/core/comm/uart.git -[submodule "core/hash/sha1"] - path = core/hash/sha1 - url = https://git.cryptech.is/core/hash/sha1.git -[submodule "core/hash/sha256"] - path = core/hash/sha256 - url = https://git.cryptech.is/core/hash/sha256.git -[submodule "core/hash/sha512"] - path = core/hash/sha512 - url = https://git.cryptech.is/core/hash/sha512.git -[submodule "core/math/modexpa7"] - path = core/math/modexpa7 - url = https://git.cryptech.is/core/math/modexpa7.git -[submodule "core/platform/alpha"] - path = core/platform/alpha - url = https://git.cryptech.is/core/platform/alpha.git -[submodule "core/rng/avalanche_entropy"] - path = core/rng/avalanche_entropy - url = https://git.cryptech.is/core/rng/avalanche_entropy.git -[submodule "core/rng/rosc_entropy"] - path = core/rng/rosc_entropy - url = https://git.cryptech.is/core/rng/rosc_entropy.git -[submodule "core/rng/trng"] - path = core/rng/trng - url = https://git.cryptech.is/core/rng/trng.git -[submodule "core/rng/vndecorrelator"] - path = core/rng/vndecorrelator - url = https://git.cryptech.is/core/rng/vndecorrelator.git -[submodule "core/util/mkmif"] - path = core/util/mkmif - url = https://git.cryptech.is/core/util/mkmif.git -[submodule "sw/stm32"] - path = sw/stm32 - url = https://git.cryptech.is/sw/stm32.git -[submodule "sw/libhal"] - path = sw/libhal - url = https://git.cryptech.is/sw/libhal.git -[submodule "sw/thirdparty/libtfm"] - path = sw/thirdparty/libtfm - url = https://git.cryptech.is/sw/thirdparty/libtfm.git -[submodule "user/ft/libcli"] - path = user/ft/libcli - url = https://git.cryptech.is/user/ft/libcli.git diff --git a/firmware/Makefile b/firmware/Makefile deleted file mode 100644 index fc98e1d..0000000 --- a/firmware/Makefile +++ /dev/null @@ -1,35 +0,0 @@ -# Preliminary makefile for releng/alpha/firmware, just to test the -# basic build sequence before we start messing with packaging scripts, -# version numbers, and other forms of entertainment. Expect changes. - -export GNUPGHOME := /home/aptbot/gnupg - -TARBALL := package.tar.gz -BITSTREAM := core/platform/alpha/build/alpha_fmc.bit -BINARIES := sw/stm32/projects/bootloader/bootloader.bin sw/stm32/projects/hsm/hsm.bin -FIRMWARE := ${BITSTREAM} ${BINARIES} ${BINARIES:.bin=.elf} -RTLSOURCE := $(shell find core -name .git -prune -o -path core/platform/alpha/build -prune -o -type f -print) - -all: bitstream elves package - -bitstream: ${BITSTREAM} - -${BITSTREAM}: ${RTLSOURCE} - cd core/platform/alpha/build; ${MAKE} - -${BINARIES}: elves - -elves: - cd sw/stm32; ${MAKE} bootloader hsm - -package: ${TARBALL} - -${TARBALL}: ${FIRMWARE} - ./build-package.py $(basename $@) $^ - gzip -9f $(basename $@) - -clean: - git clean -dfx - git submodule foreach git clean -dfx - -.PHONY: all bitstream elves package clean diff --git a/firmware/README.md b/firmware/README.md deleted file mode 100644 index ebf4015..0000000 --- a/firmware/README.md +++ /dev/null @@ -1,19 +0,0 @@ -Preliminary release engineering super-repository for building firmware -for the Cryptech "Alpha" board. - -Primary tasks here are to build a bitstream for the FPGA and the -"bootstrap" and "hsm" images for the Alpha's CPU. - -Eventually there will be a lot of packaging and versioning glorp here, -but let's start with basic build and clean targets. - -Current repository structure is, um, complicated. On the RTL side, we -have a tree of simple subrepositories, each representing one RTL core. - -On the software side, we have a subrepository which has several -subrepositories of its own: current thinking is that this should -probably be replaced by separate repositories and Makefile VPATH -magic, but this is what we have today so it's what we build with -today. - -This README is probably obsolete by the time you're reading it. diff --git a/firmware/build-package.py b/firmware/build-package.py deleted file mode 100755 index 0df116b..0000000 --- a/firmware/build-package.py +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env python - -import subprocess -import tempfile -import argparse -import hashlib -import tarfile -import json -import os - -parser = argparse.ArgumentParser() -parser.add_argument("tarfile", type = argparse.FileType("wb"), help = "tarball to create") -parser.add_argument("firmware", nargs = "+", help = "firmware files to stuff into tarball") -args = parser.parse_args() - -tar = tarfile.TarFile(mode = "w", fileobj = args.tarfile) -head = subprocess.check_output(("git", "rev-parse", "HEAD")).strip() -time = subprocess.check_output(("git", "show", "-s", "--format=%ct", "HEAD")).strip() -commits = [line.split() for line in subprocess.check_output(("git", "submodule", "status")).splitlines()] -sha256 = {} - -for fn in args.firmware: - with open(fn, "rb") as f: - sha256[os.path.basename(fn)] = hashlib.sha256(f.read()).hexdigest() - tar.add(fn, os.path.basename(fn)) - -with tempfile.NamedTemporaryFile() as f: - gpg = subprocess.Popen(("gpg", "--clearsign", "--personal-digest-preferences", "SHA256", "--no-permission-warning"), - stdin = subprocess.PIPE, stdout = f) - json.dump(dict(head = head, time = time, commits = commits, sha256 = sha256), gpg.stdin, indent = 2) - gpg.stdin.close() - if gpg.wait(): - raise subprocess.CalledProcessError(gpg.returncode, "gpg") - tar.add(f.name, "MANIFEST") diff --git a/firmware/core/cipher/aes b/firmware/core/cipher/aes deleted file mode 160000 index 9157592..0000000 --- a/firmware/core/cipher/aes +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 915759285c179cf99be3c17ad401c79e4b8be054 diff --git a/firmware/core/cipher/chacha b/firmware/core/cipher/chacha deleted file mode 160000 index 549b75a..0000000 --- a/firmware/core/cipher/chacha +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 549b75a635817ce263c368c9b8b5b0b07f90ec21 diff --git a/firmware/core/comm/fmc b/firmware/core/comm/fmc deleted file mode 160000 index 61c16de..0000000 --- a/firmware/core/comm/fmc +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 61c16de8beb8deaadd2ffedfabfb3ce96e8699f0 diff --git a/firmware/core/comm/uart b/firmware/core/comm/uart deleted file mode 160000 index 0d3acd1..0000000 --- a/firmware/core/comm/uart +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 0d3acd1815da8fcbd2b30f4fe1ff514f87b25228 diff --git a/firmware/core/hash/sha1 b/firmware/core/hash/sha1 deleted file mode 160000 index ae915a1..0000000 --- a/firmware/core/hash/sha1 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit ae915a1ed47a807ec880c2f18053e4f8eda6bd93 diff --git a/firmware/core/hash/sha256 b/firmware/core/hash/sha256 deleted file mode 160000 index c894f78..0000000 --- a/firmware/core/hash/sha256 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit c894f78a95a01351f277c3d36bcf6dced08798e2 diff --git a/firmware/core/hash/sha512 b/firmware/core/hash/sha512 deleted file mode 160000 index 88e0d83..0000000 --- a/firmware/core/hash/sha512 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 88e0d83768004b6bab2d83edf7eae2841678b51c diff --git a/firmware/core/math/modexpa7 b/firmware/core/math/modexpa7 deleted file mode 160000 index 4612bc2..0000000 --- a/firmware/core/math/modexpa7 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 4612bc24a8b43c14580d6be06542b1fa9a6e615a diff --git a/firmware/core/platform/alpha b/firmware/core/platform/alpha deleted file mode 160000 index fc8be80..0000000 --- a/firmware/core/platform/alpha +++ /dev/null @@ -1 +0,0 @@ -Subproject commit fc8be8024560bb77221758b0351c3de7b4ea6e93 diff --git a/firmware/core/rng/avalanche_entropy b/firmware/core/rng/avalanche_entropy deleted file mode 160000 index 5742813..0000000 --- a/firmware/core/rng/avalanche_entropy +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 5742813ab43fec9fa90d970f086f1e266875b8f3 diff --git a/firmware/core/rng/rosc_entropy b/firmware/core/rng/rosc_entropy deleted file mode 160000 index 48e3c11..0000000 --- a/firmware/core/rng/rosc_entropy +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 48e3c117ae6944775010031b1691446220944b62 diff --git a/firmware/core/rng/trng b/firmware/core/rng/trng deleted file mode 160000 index 953909d..0000000 --- a/firmware/core/rng/trng +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 953909d18796c1caea35263eb902b1dd7021d92d diff --git a/firmware/core/rng/vndecorrelator b/firmware/core/rng/vndecorrelator deleted file mode 160000 index 49e388c..0000000 --- a/firmware/core/rng/vndecorrelator +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 49e388c3dadcaabe1e4e66a37fcd52b2f125c1dc diff --git a/firmware/core/util/mkmif b/firmware/core/util/mkmif deleted file mode 160000 index fd1dd73..0000000 --- a/firmware/core/util/mkmif +++ /dev/null @@ -1 +0,0 @@ -Subproject commit fd1dd73410ba6ca3d082ff61e4b39d6e8c2de35e diff --git a/firmware/sw/libhal b/firmware/sw/libhal deleted file mode 160000 index 709a71c..0000000 --- a/firmware/sw/libhal +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 709a71c0030225ba08cddf5227a1c67c2dbb4176 diff --git a/firmware/sw/stm32 b/firmware/sw/stm32 deleted file mode 160000 index 0d25f92..0000000 --- a/firmware/sw/stm32 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 0d25f920c9024a3a6f994b8f17b9b28ffa6e0930 diff --git a/firmware/sw/thirdparty/libtfm b/firmware/sw/thirdparty/libtfm deleted file mode 160000 index 269fc4e..0000000 --- a/firmware/sw/thirdparty/libtfm +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 269fc4e58f616a2cf1c318f494ec18a52991da8c diff --git a/firmware/user/ft/libcli b/firmware/user/ft/libcli deleted file mode 160000 index 54c6b86..0000000 --- a/firmware/user/ft/libcli +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 54c6b8649b1a13e69a908c96e8d4d19cf8d72845 diff --git a/reprepro-conf/distributions b/reprepro-conf/distributions new file mode 100644 index 0000000..4d06b15 --- /dev/null +++ b/reprepro-conf/distributions @@ -0,0 +1,15 @@ +Origin: cryptech.is +Label: cryptech.is APT repository +Codename: jessie +Architectures: i386 amd64 source +Components: main +Description: cryptech.is APT Repository +SignWith: yes + +Origin: cryptech.is +Label: cryptech.is APT repository +Codename: xenial +Architectures: i386 amd64 source +Components: main +Description: cryptech.is APT Repository +SignWith: yes diff --git a/reprepro-conf/options b/reprepro-conf/options new file mode 100644 index 0000000..f5ad660 --- /dev/null +++ b/reprepro-conf/options @@ -0,0 +1,4 @@ +verbose +ask-passphrase +basedir . +ignore wrongdistribution diff --git a/software/.gitmodules b/software/.gitmodules deleted file mode 100644 index a464eb3..0000000 --- a/software/.gitmodules +++ /dev/null @@ -1,9 +0,0 @@ -[submodule "source/sw/libhal"] - path = source/sw/libhal - url = https://git.cryptech.is/sw/libhal.git -[submodule "source/sw/pkcs11"] - path = source/sw/pkcs11 - url = https://git.cryptech.is/sw/pkcs11.git -[submodule "source/sw/thirdparty/libtfm"] - path = source/sw/thirdparty/libtfm - url = https://git.cryptech.is/sw/thirdparty/libtfm.git diff --git a/software/Makefile b/software/Makefile deleted file mode 100644 index 787fea4..0000000 --- a/software/Makefile +++ /dev/null @@ -1,64 +0,0 @@ -# Top-level build of software packages to work with Cryptech Alpha board. - -export CRYPTECH_VERSION := 2.0 - -HEAD_TIME := $(shell git show -s --format=%ct HEAD) -HEAD_HASH := $(shell git rev-parse HEAD) - -PACKAGE_NAME := cryptech-alpha -PACKAGE_VERSION := ${CRYPTECH_VERSION}~${HEAD_TIME}~${HEAD_HASH} - -export GNUPGHOME := /home/aptbot/gnupg - -REPO_BASE := /home/aptbot/alpha -REPO_UMASK := 002 - -PBUILDER_BASE := ${HOME}/pbuilder -PBUILDER_TARGETS := debian/jessie/i386 debian/jessie/amd64 ubuntu/xenial/i386 ubuntu/xenial/amd64 - -REPO_UPLOAD_USER := aptbot -REPO_UPLOAD_URI := rsync://apt.cryptech.is/alpha/ - -# Command to generate a new changelog containing one entry. -# Does nothing if the changelog already exists. - -DCH = test -f debian/changelog || \ - EDITOR=true VISUAL=true TZ=UTC DEBEMAIL='APT Builder Robot ' \ - dch --create --package ${PACKAGE_NAME} --newversion '${PACKAGE_VERSION}' \ - '$(strip Version ${CRYPTECH_VERSION} of software for Cryptech Alpha development board.)' - -all: init source pbuilder homebrew - -enchilada: all upload - -init: - git submodule update --init --recursive - -clean: - git clean -dfx - git submodule foreach --recursive git clean -dfx - -sandblast: clean - git submodule deinit -f . - -source: - cd source; ${DCH} - cd source; debuild -S -uc -us - -pbuilder: - rm -f ${PBUILDER_BASE}/*result/* - umask ${REPO_UMASK}; \ - for target in ${PBUILDER_TARGETS}; do echo $$target | tr '/' ' '; done | \ - while read dist code arch; do \ - reprepro -b ${REPO_BASE}/$$dist -A $$arch list $$code ${PACKAGE_NAME} | awk '{v = $$3} END {exit v != "${PACKAGE_VERSION}"}' && continue; \ - pbuilder-dist $$code $$arch build ${PACKAGE_NAME}_${PACKAGE_VERSION}.dsc; \ - reprepro -b ${REPO_BASE}/$$dist include $$code ${PBUILDER_BASE}/$${code}-$${arch}_result/${PACKAGE_NAME}_${PACKAGE_VERSION}_$${arch}.changes; \ - done - -RSYNC := rsync --rsh 'ssh -l ${REPO_UPLOAD_USER}' --archive --itemize-changes - -upload: - ${RSYNC} --ignore-existing ${REPO_BASE}/ ${REPO_UPLOAD_URI} - ${RSYNC} --delete --delete-delay ${REPO_BASE}/ ${REPO_UPLOAD_URI} - -.PHONY: all init clean source pbuilder homebrew upload enchilada sandblast diff --git a/software/README.md b/software/README.md deleted file mode 100644 index 15c1006..0000000 --- a/software/README.md +++ /dev/null @@ -1,31 +0,0 @@ -Preliminary release engineering super-repository for building software -to work with the Cryptech "Alpha" board. - -Primary task here is to build the PKCS #11 library and any needed -support tools for whichever platforms we support. This will involve -some packaging voodoo. - -Our first targets for this are Debian and Ubuntu, probably the Jessie -and Xenial releases, respectively. If we really need to support -multiple releases for each of these platforms, the packaging mechanics -become more complicated, so we may just stop here for these platforms -and assume we can fill any odd corners using the associated source -package. - -Our next target for this is likely to be Mac OS X. This should be -relatively straightforward so long as we only have to support Homebrew -and we don't have to produce Homebrew "bottles" (binary packages). If -we do need to bottle, we either need one or more Mac build machines or -we need some kind of cross-compilation scheme (eg, -https://github.com/tpoechtrager/osxcross). - -Supporting Homebrew at all requires a bit of extra voodoo on top of -supporting Debian packaging, but none of it looks particularly -difficult, and the Debian packaging will produce the source tarball we -need for the Homebrew formula, so integrating production of these two -kinds of packaging makes some sense. - -Windoze is not currently on the radar. In theory, MinGW would suffice -as a cross compiler if and when we have to do something about it. - -This README is probably obsolete by the time you're reading it. diff --git a/software/reprepro-conf/distributions b/software/reprepro-conf/distributions deleted file mode 100644 index 57c1afc..0000000 --- a/software/reprepro-conf/distributions +++ /dev/null @@ -1,7 +0,0 @@ -Origin: cryptech.is -Label: cryptech.is APT repository -Codename: jessie -Architectures: i386 amd64 source -Components: main -Description: cryptech.is APT Repository -SignWith: yes diff --git a/software/reprepro-conf/options b/software/reprepro-conf/options deleted file mode 100644 index f5ad660..0000000 --- a/software/reprepro-conf/options +++ /dev/null @@ -1,4 +0,0 @@ -verbose -ask-passphrase -basedir . -ignore wrongdistribution diff --git a/software/source/Makefile b/software/source/Makefile deleted file mode 100644 index e2fdb1b..0000000 --- a/software/source/Makefile +++ /dev/null @@ -1,19 +0,0 @@ -# Makefile to build Debian package for Cryptech Alpha board software - -all: - cd sw/thirdparty/libtfm; ${MAKE} - cd sw/libhal; ${MAKE} daemon - cd sw/pkcs11; ${MAKE} - -clean distclean: - cd sw/thirdparty/libtfm; ${MAKE} $@ - cd sw/libhal; ${MAKE} $@ - cd sw/pkcs11; ${MAKE} $@ - -install: all - install -m 644 -D sw/pkcs11/libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so - install -D sw/pkcs11/p11util ${DESTDIR}/usr/sbin/p11util - install -D sw/libhal/cryptech_rpcd ${DESTDIR}/usr/sbin/cryptech_rpcd - ln -s libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so.0 - -# Might also want to install the firmware tarball, scripts to use it, .... diff --git a/software/source/debian/compat b/software/source/debian/compat deleted file mode 100644 index ec63514..0000000 --- a/software/source/debian/compat +++ /dev/null @@ -1 +0,0 @@ -9 diff --git a/software/source/debian/control b/software/source/debian/control deleted file mode 100644 index 8ae25b9..0000000 --- a/software/source/debian/control +++ /dev/null @@ -1,14 +0,0 @@ -Source: cryptech-alpha -Maintainer: APT Builder Robot -Section: misc -Priority: optional -Standards-Version: 3.9.6 -Build-Depends: debhelper (>= 9), libsqlite3-0, libsqlite3-dev, python (>= 2.7), python-yaml -Homepage: http://trac.cryptech.is/wiki - -Package: cryptech-alpha -Architecture: any -Depends: libc6 (>= 2.13), ${misc:Depends}, libsqlite3-0 -Description: Cryptech open-source crypto software - "cryptech-alpha" contains software for use with the Cryptech Project - "Alpha" development board. diff --git a/software/source/debian/copyright b/software/source/debian/copyright deleted file mode 100644 index ec25460..0000000 --- a/software/source/debian/copyright +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2015-2016, NORDUnet A/S All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: -- Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - -- Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -- Neither the name of the NORDUnet nor the names of its contributors may - be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS -IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED -TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A -PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED -TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR -PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF -LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/software/source/debian/rules b/software/source/debian/rules deleted file mode 100755 index 2d33f6a..0000000 --- a/software/source/debian/rules +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/make -f - -%: - dh $@ diff --git a/software/source/debian/source/format b/software/source/debian/source/format deleted file mode 100644 index 89ae9db..0000000 --- a/software/source/debian/source/format +++ /dev/null @@ -1 +0,0 @@ -3.0 (native) diff --git a/software/source/sw/libhal b/software/source/sw/libhal deleted file mode 160000 index 709a71c..0000000 --- a/software/source/sw/libhal +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 709a71c0030225ba08cddf5227a1c67c2dbb4176 diff --git a/software/source/sw/pkcs11 b/software/source/sw/pkcs11 deleted file mode 160000 index 3118c13..0000000 --- a/software/source/sw/pkcs11 +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 3118c1384c46140269033ea63faa6ebca9a3af5a diff --git a/software/source/sw/thirdparty/libtfm b/software/source/sw/thirdparty/libtfm deleted file mode 160000 index 269fc4e..0000000 --- a/software/source/sw/thirdparty/libtfm +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 269fc4e58f616a2cf1c318f494ec18a52991da8c diff --git a/source/Makefile b/source/Makefile new file mode 100644 index 0000000..e2fdb1b --- /dev/null +++ b/source/Makefile @@ -0,0 +1,19 @@ +# Makefile to build Debian package for Cryptech Alpha board software + +all: + cd sw/thirdparty/libtfm; ${MAKE} + cd sw/libhal; ${MAKE} daemon + cd sw/pkcs11; ${MAKE} + +clean distclean: + cd sw/thirdparty/libtfm; ${MAKE} $@ + cd sw/libhal; ${MAKE} $@ + cd sw/pkcs11; ${MAKE} $@ + +install: all + install -m 644 -D sw/pkcs11/libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so + install -D sw/pkcs11/p11util ${DESTDIR}/usr/sbin/p11util + install -D sw/libhal/cryptech_rpcd ${DESTDIR}/usr/sbin/cryptech_rpcd + ln -s libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so.0 + +# Might also want to install the firmware tarball, scripts to use it, .... diff --git a/source/core/cipher/aes b/source/core/cipher/aes new file mode 160000 index 0000000..9157592 --- /dev/null +++ b/source/core/cipher/aes @@ -0,0 +1 @@ +Subproject commit 915759285c179cf99be3c17ad401c79e4b8be054 diff --git a/source/core/cipher/chacha b/source/core/cipher/chacha new file mode 160000 index 0000000..549b75a --- /dev/null +++ b/source/core/cipher/chacha @@ -0,0 +1 @@ +Subproject commit 549b75a635817ce263c368c9b8b5b0b07f90ec21 diff --git a/source/core/comm/fmc b/source/core/comm/fmc new file mode 160000 index 0000000..61c16de --- /dev/null +++ b/source/core/comm/fmc @@ -0,0 +1 @@ +Subproject commit 61c16de8beb8deaadd2ffedfabfb3ce96e8699f0 diff --git a/source/core/comm/uart b/source/core/comm/uart new file mode 160000 index 0000000..0d3acd1 --- /dev/null +++ b/source/core/comm/uart @@ -0,0 +1 @@ +Subproject commit 0d3acd1815da8fcbd2b30f4fe1ff514f87b25228 diff --git a/source/core/hash/sha1 b/source/core/hash/sha1 new file mode 160000 index 0000000..ae915a1 --- /dev/null +++ b/source/core/hash/sha1 @@ -0,0 +1 @@ +Subproject commit ae915a1ed47a807ec880c2f18053e4f8eda6bd93 diff --git a/source/core/hash/sha256 b/source/core/hash/sha256 new file mode 160000 index 0000000..c894f78 --- /dev/null +++ b/source/core/hash/sha256 @@ -0,0 +1 @@ +Subproject commit c894f78a95a01351f277c3d36bcf6dced08798e2 diff --git a/source/core/hash/sha512 b/source/core/hash/sha512 new file mode 160000 index 0000000..88e0d83 --- /dev/null +++ b/source/core/hash/sha512 @@ -0,0 +1 @@ +Subproject commit 88e0d83768004b6bab2d83edf7eae2841678b51c diff --git a/source/core/math/modexpa7 b/source/core/math/modexpa7 new file mode 160000 index 0000000..4612bc2 --- /dev/null +++ b/source/core/math/modexpa7 @@ -0,0 +1 @@ +Subproject commit 4612bc24a8b43c14580d6be06542b1fa9a6e615a diff --git a/source/core/platform/alpha b/source/core/platform/alpha new file mode 160000 index 0000000..fc8be80 --- /dev/null +++ b/source/core/platform/alpha @@ -0,0 +1 @@ +Subproject commit fc8be8024560bb77221758b0351c3de7b4ea6e93 diff --git a/source/core/rng/avalanche_entropy b/source/core/rng/avalanche_entropy new file mode 160000 index 0000000..5742813 --- /dev/null +++ b/source/core/rng/avalanche_entropy @@ -0,0 +1 @@ +Subproject commit 5742813ab43fec9fa90d970f086f1e266875b8f3 diff --git a/source/core/rng/rosc_entropy b/source/core/rng/rosc_entropy new file mode 160000 index 0000000..48e3c11 --- /dev/null +++ b/source/core/rng/rosc_entropy @@ -0,0 +1 @@ +Subproject commit 48e3c117ae6944775010031b1691446220944b62 diff --git a/source/core/rng/trng b/source/core/rng/trng new file mode 160000 index 0000000..953909d --- /dev/null +++ b/source/core/rng/trng @@ -0,0 +1 @@ +Subproject commit 953909d18796c1caea35263eb902b1dd7021d92d diff --git a/source/core/rng/vndecorrelator b/source/core/rng/vndecorrelator new file mode 160000 index 0000000..49e388c --- /dev/null +++ b/source/core/rng/vndecorrelator @@ -0,0 +1 @@ +Subproject commit 49e388c3dadcaabe1e4e66a37fcd52b2f125c1dc diff --git a/source/core/util/mkmif b/source/core/util/mkmif new file mode 160000 index 0000000..fd1dd73 --- /dev/null +++ b/source/core/util/mkmif @@ -0,0 +1 @@ +Subproject commit fd1dd73410ba6ca3d082ff61e4b39d6e8c2de35e diff --git a/source/debian/compat b/source/debian/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/source/debian/compat @@ -0,0 +1 @@ +9 diff --git a/source/debian/control b/source/debian/control new file mode 100644 index 0000000..8ae25b9 --- /dev/null +++ b/source/debian/control @@ -0,0 +1,14 @@ +Source: cryptech-alpha +Maintainer: APT Builder Robot +Section: misc +Priority: optional +Standards-Version: 3.9.6 +Build-Depends: debhelper (>= 9), libsqlite3-0, libsqlite3-dev, python (>= 2.7), python-yaml +Homepage: http://trac.cryptech.is/wiki + +Package: cryptech-alpha +Architecture: any +Depends: libc6 (>= 2.13), ${misc:Depends}, libsqlite3-0 +Description: Cryptech open-source crypto software + "cryptech-alpha" contains software for use with the Cryptech Project + "Alpha" development board. diff --git a/source/debian/copyright b/source/debian/copyright new file mode 100644 index 0000000..ec25460 --- /dev/null +++ b/source/debian/copyright @@ -0,0 +1,27 @@ +Copyright (c) 2015-2016, NORDUnet A/S All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: +- Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + +- Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +- Neither the name of the NORDUnet nor the names of its contributors may + be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS +IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A +PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED +TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR +PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/source/debian/rules b/source/debian/rules new file mode 100755 index 0000000..2d33f6a --- /dev/null +++ b/source/debian/rules @@ -0,0 +1,4 @@ +#!/usr/bin/make -f + +%: + dh $@ diff --git a/source/debian/source/format b/source/debian/source/format new file mode 100644 index 0000000..89ae9db --- /dev/null +++ b/source/debian/source/format @@ -0,0 +1 @@ +3.0 (native) diff --git a/source/sw/libhal b/source/sw/libhal new file mode 160000 index 0000000..709a71c --- /dev/null +++ b/source/sw/libhal @@ -0,0 +1 @@ +Subproject commit 709a71c0030225ba08cddf5227a1c67c2dbb4176 diff --git a/source/sw/pkcs11 b/source/sw/pkcs11 new file mode 160000 index 0000000..3118c13 --- /dev/null +++ b/source/sw/pkcs11 @@ -0,0 +1 @@ +Subproject commit 3118c1384c46140269033ea63faa6ebca9a3af5a diff --git a/source/sw/stm32 b/source/sw/stm32 new file mode 160000 index 0000000..0d25f92 --- /dev/null +++ b/source/sw/stm32 @@ -0,0 +1 @@ +Subproject commit 0d25f920c9024a3a6f994b8f17b9b28ffa6e0930 diff --git a/source/sw/thirdparty/libtfm b/source/sw/thirdparty/libtfm new file mode 160000 index 0000000..269fc4e --- /dev/null +++ b/source/sw/thirdparty/libtfm @@ -0,0 +1 @@ +Subproject commit 269fc4e58f616a2cf1c318f494ec18a52991da8c diff --git a/source/user/ft/libcli b/source/user/ft/libcli new file mode 160000 index 0000000..54c6b86 --- /dev/null +++ b/source/user/ft/libcli @@ -0,0 +1 @@ +Subproject commit 54c6b8649b1a13e69a908c96e8d4d19cf8d72845 -- cgit v1.2.3