1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
# Cryptech project makefile for Cryptlib. This is a work in progress.
# The one thing that must be configured here is which Hardware
# Adaption Layer ("HAL") to build into Cryptlib. Due to the need to
# support different Cryptech configurations on different boards, it's
# not really possible to provide a single HAL which supports all
# Cryptech configurations in a sane way, so you have to pick one.
# This makefile provides a default, but you can override it by
# providing a value for the CRYPTECH_HAL makefile variable on the
# command line, or by setting the CRYPTECH_HAL environment variable
# (explicit argument overrides environment variable, see GNU make
# documentation for details).
ifndef CRYPTECH_HAL
CRYPTECH_HAL := src/cryptech_novena_i2c_trng.c
endif
# RNG hack defaults to enabled if we're building the TRNG, disabled
# otherwise. This is a kludge, do better later.
ifndef CRYPTECH_RANDOM
CRYPTECH_RANDOM := $(and $(findstring trng,${CRYPTECH_HAL}),src/cryptech_random.c)
endif
ifndef CRYPTECH_DEBUG
CRYPTECH_DEBUG := yes
endif
# Notes on the option settings we use when building cryptlib:
#
# - Python extension modules need to be position-independent code. We
# could handle this by building cryptlib as a shared library, but
# for the moment it's simpler to force even the static library to
# use position independent code. Works with gcc and clang, anyway,
# which are the only compilers we care about at the moment.
#
# - Point of the exercise is a hardware device, and we want the full
# set of SHA-2 digests.
#
# - See config.h for other options we might want to add here. In
# particular, USE_ECDH, USE_ECDSA, and USE_GCM all touch on subjects
# that came up during the early Cryptech design discussions.
################################################################
# From here down is not intended to be user-servicable. Tinker to
# your heart's content, but don't complain if it breaks.
LIB = build/libcl.a
PYTHONPATH = $(firstword $(wildcard build/bindings/build/lib.*))
SED_COMMAND := -e '/^CFLAGS/s=$$= -fPIC -DUSE_SHA2_EXT -DUSE_HARDWARE -DUSE_DEVICES -DNO_THREADS='
ifeq "${CRYPTECH_DEBUG}" "yes"
SED_COMMAND += -e 's=-DNDEBUG==g' -e 's=-O2==g' -e '/^CFLAGS /s,^.*$$,CFLAGS = $$(CFLAGS_DEBUG),'
endif
ifneq "$(strip ${CRYPTECH_HAL})" ""
SED_COMMAND += -e 's=device/hw_dummy=../$(basename ${CRYPTECH_HAL})=g' -e 's=hw_dummy=$(notdir $(basename ${CRYPTECH_HAL}))=g'
endif
ifneq "$(strip ${CRYPTECH_RANDOM})" ""
SED_COMMAND += -e 's=random/unix=../$(basename ${CRYPTECH_RANDOM})=g' -e 's=unix\.o=$(notdir $(basename ${CRYPTECH_RANDOM})).o=g'
endif
all: build/makefile.ready
cd build; ${MAKE} debug
@${MAKE} python-bindings
clean:
rm -rf build
build/makefile.ready: GNUmakefile dist/cl342.zip
rm -rf build
mkdir build
cd build; unzip -a ../dist/cl342.zip
sed <build/makefile >build/makefile.cryptech ${SED_COMMAND}
mv build/makefile.cryptech build/makefile
touch $@
ifeq "${PYTHONPATH}" ""
python-bindings:
cd build/bindings; python setup.py build
else
python-bindings: ${PYTHONPATH}/cryptlib_py.so
${PYTHONPATH}/cryptlib_py.so: ${LIB}
cd build/bindings; python setup.py build --force
endif
test: all
@${MAKE} run-tests
run-tests:
for script in tests/*.py; do echo Running $$script; PYTHONPATH=${PYTHONPATH} python $$script; done
tags: TAGS
TAGS: build/makefile.ready
find src build -type f -name '*.[ch]' | etags -
|