1 files changed, 112 insertions, 0 deletions
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..e2b3c43
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,112 @@
+# Cryptech project makefile for Cryptlib.  This is a work in progress.
+
+# The one thing that must be configured here is which Hardware
+# Adaption Layer ("HAL") to build into Cryptlib.  Due to the need to
+# support different Cryptech configurations on different boards, it's
+# not really possible to provide a single HAL which supports all
+# Cryptech configurations in a sane way, so you have to pick one.
+# This makefile provides a default, but you can override it by
+# providing a value for the CRYPTECH_HAL makefile variable on the
+# command line, or by setting the CRYPTECH_HAL environment variable
+# (explicit argument overrides environment variable, see GNU make
+# documentation for details).
+
+ifndef CRYPTECH_HAL
+  CRYPTECH_HAL := src/cryptech_novena_eim_trng.c
+endif
+
+# RNG hack defaults to enabled if we're building the TRNG, disabled
+# otherwise.  This is a kludge, do better later.
+
+ifndef CRYPTECH_RANDOM
+  CRYPTECH_RANDOM := $(and $(findstring trng,${CRYPTECH_HAL}),src/cryptech_random.c)
+endif
+
+ifndef CRYPTECH_DEBUG
+  CRYPTECH_DEBUG := yes
+endif
+
+# Notes on the option settings we use when building cryptlib:
+#
+# - Python extension modules need to be position-independent code.  We
+#   could handle this by building cryptlib as a shared library, but
+#   for the moment it's simpler to force even the static library to
+#   use position independent code.  Works with gcc and clang, anyway,
+#   which are the only compilers we care about at the moment.
+#
+# - Point of the exercise is a hardware device, and we want the full
+#   set of SHA-2 digests.
+#
+# - See config.h for other options we might want to add here.  In
+#   particular, USE_ECDH, USE_ECDSA, and USE_GCM all touch on subjects
+#   that came up during the early Cryptech design discussions.
+
+################################################################
+
+# From here down is not intended to be user-servicable.  Tinker to
+# your heart's content, but don't complain if it breaks.
+
+LIB = build/libcl.a
+
+PYTHONPATH = $(firstword $(wildcard build/bindings/build/lib.*))
+
+SED_COMMAND := -e '/^CFLAGS/s=$$= -fPIC -DUSE_SHA2_EXT -DUSE_HARDWARE -DUSE_DEVICES -DNO_THREADS='
+
+ifeq "${CRYPTECH_DEBUG}" "yes"
+  SED_COMMAND += -e 's=-DNDEBUG==g' -e 's=-O2==g' -e '/^CFLAGS	/s,^.*$$,CFLAGS = $$(CFLAGS_DEBUG),'
+endif
+
+ifneq "$(strip ${CRYPTECH_HAL})" ""
+  SED_COMMAND += -e 's=device/hw_dummy=../$(basename ${CRYPTECH_HAL})=g' -e 's=hw_dummy=$(notdir $(basename ${CRYPTECH_HAL}))=g'
+ifneq "$(findstring i2c,${CRYPTECH_HAL})" ""
+  SED_CMD_SETUP := -e "s='cl'='cl', 'cryptech_i2c'="
+else
+  SED_CMD_SETUP := -e "s='cl'='cl', 'cryptech'="
+endif
+endif
+
+ifneq "$(strip ${CRYPTECH_RANDOM})" ""
+  SED_COMMAND += -e 's=random/unix=../$(basename ${CRYPTECH_RANDOM})=g' -e 's=unix\.o=$(notdir $(basename ${CRYPTECH_RANDOM})).o=g'
+endif
+
+all: build/makefile.ready
+	cd build; ${MAKE} debug
+	@${MAKE} python-bindings
+
+clean:
+	rm -rf build
+
+build/makefile.ready: GNUmakefile dist/cl342.zip
+	rm -rf build
+	mkdir build
+	cd build; unzip -a ../dist/cl342.zip
+	sed <build/makefile >build/makefile.cryptech ${SED_COMMAND}
+	mv build/makefile.cryptech build/makefile
+	sed <build/bindings/setup.py >build/bindings/setup.py.cryptech ${SED_CMD_SETUP}
+	mv build/bindings/setup.py.cryptech build/bindings/setup.py
+	touch $@
+
+ifeq "${PYTHONPATH}" ""
+
+  python-bindings:
+	cd build/bindings; python setup.py build
+
+else
+
+  python-bindings: ${PYTHONPATH}/cryptlib_py.so
+
+  ${PYTHONPATH}/cryptlib_py.so: ${LIB}
+	cd build/bindings; python setup.py build --force
+
+endif
+
+test: all
+	@${MAKE} run-tests
+
+run-tests:
+	for script in tests/*.py; do echo Running $$script; PYTHONPATH=${PYTHONPATH} python $$script; done
+
+tags: TAGS
+
+TAGS: build/makefile.ready
+	find src build -type f -name '*.[ch]' | etags -