From 95009f48e05d06fb77a9127731d7f5f2de489055 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sat, 13 Dec 2014 13:38:50 -0500 Subject: Add code to use Cryptech TRNG in place of Cryptlib's default entropy sources. This may need further attention, particularly once we start working with buses other than the current I2C kludge. --- GNUmakefile | 36 +++++++++++++++++++++++++++++------- 1 file changed, 29 insertions(+), 7 deletions(-) (limited to 'GNUmakefile') diff --git a/GNUmakefile b/GNUmakefile index aed7b4a..9742a8f 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -12,7 +12,18 @@ # documentation for details). ifndef CRYPTECH_HAL - CRYPTECH_HAL := src/cryptech_novena_i2c_simple.c + CRYPTECH_HAL := src/cryptech_novena_i2c_trng.c +endif + +# RNG hack defaults to enabled if we're building the TRNG, disabled +# otherwise. This is a kludge, do better later. + +ifndef CRYPTECH_RANDOM + CRYPTECH_RANDOM := $(and $(findstring trng,${CRYPTECH_HAL}),src/cryptech_random.c) +endif + +ifndef CRYPTECH_DEBUG + CRYPTECH_DEBUG := yes endif # Notes on the option settings we use when building cryptlib: @@ -39,8 +50,22 @@ LIB = build/libcl.a PYTHONPATH = $(firstword $(wildcard build/bindings/build/lib.*)) +SED_COMMAND := -e '/^CFLAGS/s=$$= -fPIC -DUSE_SHA2_EXT -DUSE_HARDWARE -DUSE_DEVICES -DNO_THREADS=' + +ifeq "${CRYPTECH_DEBUG}" "yes" + SED_COMMAND += -e 's=-DNDEBUG==g' -e 's=-O2==g' -e '/^CFLAGS /s,^.*$$,CFLAGS = $$(CFLAGS_DEBUG),' +endif + +ifneq "$(strip ${CRYPTECH_HAL})" "" + SED_COMMAND += -e 's=device/hw_dummy=../$(basename ${CRYPTECH_HAL})=g' -e 's=hw_dummy=$(notdir $(basename ${CRYPTECH_HAL}))=g' +endif + +ifneq "$(strip ${CRYPTECH_RANDOM})" "" + SED_COMMAND += -e 's=random/unix=../$(basename ${CRYPTECH_RANDOM})=g' -e 's=unix\.o=$(notdir $(basename ${CRYPTECH_RANDOM})).o=g' +endif + all: build/makefile.ready - cd build; ${MAKE} + cd build; ${MAKE} debug @${MAKE} python-bindings clean: @@ -50,14 +75,11 @@ build/makefile.ready: GNUmakefile dist/cl342.zip rm -rf build mkdir build cd build; unzip -a ../dist/cl342.zip - sed build/makefile.cryptech \ - -e 's=device/hw_dummy=../$(basename ${CRYPTECH_HAL})=g' \ - -e 's=hw_dummy=$(notdir $(basename ${CRYPTECH_HAL}))=g' \ - -e '/^CFLAGS/s=$$= -fPIC -DUSE_SHA2_EXT -DUSE_HARDWARE -DUSE_DEVICES=' + sed build/makefile.cryptech ${SED_COMMAND} mv build/makefile.cryptech build/makefile touch $@ -ifeq (,${PYTHONPATH}) +ifeq "${PYTHONPATH}" "" python-bindings: cd build/bindings; python setup.py build -- cgit v1.2.3