diff options
-rw-r--r-- | GNUmakefile | 117 | ||||
-rw-r--r-- | tests/GNUmakefile | 28 |
2 files changed, 69 insertions, 76 deletions
diff --git a/GNUmakefile b/GNUmakefile index 04efc1f..b5f1f2b 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -39,32 +39,28 @@ LIB = libhal.a # Error checking on known control options, some of which allow the user entirely too much rope. -USAGE := "usage: ${MAKE} [IO_BUS=eim|i2c|fmc] [RPC_CLIENT=none|local|remote|mixed] [RPC_SERVER=no|yes] [KS=volatile|mmap|flash] [RPC_TRANSPORT=none|loopback|serial|daemon] [MODEXP_CORE=no|yes]" +USAGE := "usage: ${MAKE} [IO_BUS=eim|i2c|fmc] [RPC_MODE=none|server|client-simple|client-mixed] [KS=volatile|mmap|flash] [RPC_TRANSPORT=none|loopback|serial|daemon] [MODEXP_CORE=no|yes]" IO_BUS ?= eim -KS ?= mmap -RPC_CLIENT ?= none -RPC_SERVER ?= $(if $(filter local,${RPC_CLIENT}),yes,no) +KS ?= volatile +RPC_MODE ?= none RPC_TRANSPORT ?= daemon MODEXP_CORE ?= no ifeq (,$(and \ - $(filter none eim i2c fmc ,${IO_BUS}),\ - $(filter none local remote mixed ,${RPC_CLIENT}),\ - $(filter no yes ,${RPC_SERVER}),\ - $(filter volatile mmap flash ,${KS}),\ - $(filter none loopback serial daemon ,${RPC_TRANSPORT}),\ - $(filter no yes ,${MODEXP_CORE}))) + $(filter none eim i2c fmc ,${IO_BUS}),\ + $(filter none server client-simple client-mixed ,${RPC_MODE}),\ + $(filter volatile mmap flash ,${KS}),\ + $(filter none loopback serial daemon ,${RPC_TRANSPORT}),\ + $(filter no yes ,${MODEXP_CORE}))) $(error ${USAGE}) endif -ifneq (${RPC_SERVER},$(if $(filter local,${RPC_CLIENT}),yes,no)) - $(error RPC_SERVER=yes is probably only useful with RPC_CLIENT=local) -endif +$(info Building libhal with configuration IO_BUS=${IO_BUS} RPC_MODE=${RPC_MODE} KS=${KS} RPC_TRANSPORT=${RPC_TRANSPORT} MODEXP_CORE=${MODEXP_CORE}) # Whether the RSA code should use the ModExp | ModExpS6 | ModExpA7 core. -ifeq (${MODEXP_CORE},yes) +ifeq "${MODEXP_CORE}" "yes" RSA_USE_MODEXP_CORE := 1 else RSA_USE_MODEXP_CORE := 0 @@ -86,16 +82,16 @@ CORE_OBJ = core.o csprng.o pbkdf2.o aes_keywrap.o modexp.o mkmif.o ${IO_OBJ} # I/O bus to the FPGA # # IO_BUS = none | eim | i2c | fmc -# none: no FPGA I/O bus -# eim: EIM bus from Novena -# i2c: older I2C bus from Novena -# fmc: FMC bus from dev-bridge and alpha boards +# none: No FPGA I/O bus +# eim: EIM bus from Novena +# i2c: Older I2C bus from Novena +# fmc: FMC bus from dev-bridge and alpha boards -ifeq (${IO_BUS},eim) +ifeq "${IO_BUS}" "eim" IO_OBJ = hal_io_eim.o novena-eim.o -else ifeq (${IO_BUS},i2c) +else ifeq "${IO_BUS}" "i2c" IO_OBJ = hal_io_i2c.o -else ifeq (${IO_BUS},fmc) +else ifeq "${IO_BUS}" "fmc" IO_OBJ = hal_io_fmc.o endif @@ -103,7 +99,7 @@ endif # hard-to-debug function pointer errors. OTOH, if we're building for Linux # (even on the Novena), we want to make it possible to build a shared library. -ifneq (${IO_BUS},fmc) +ifneq "${IO_BUS}" "fmc" CFLAGS += -fPIC endif @@ -117,71 +113,67 @@ endif KS_OBJ = ks.o -ifeq (${KS},mmap) +ifeq "${KS}" "mmap" KS_OBJ += ks_mmap.o -else ifeq (${KS},volatile) +else ifeq "${KS}" "volatile" KS_OBJ += ks_volatile.o -else ifeq (${KS},flash) +else ifeq "${KS}" "flash" KS_OBJ += ks_flash.o endif -# RPC_CLIENT = none | local | remote | mixed -# none: Build without RPC client -# local: Build for Novena or dev-bridge, access FPGA cores directly. -# remote: Build for other host, communicate with RPC server. -# mixed: Do hashing locally in software, other functions remotely. -# -# RPC_SERVER = no | yes +# RPC_MODE = none | server | client-simple | client-mixed +# none: Build without RPC client, use cores directly. +# server: Build for server side of RPC (HSM), use cores directly. +# client-simple: Build for other host, communicate with cores via RPC server. +# client-mixed: Like client-simple but do hashing locally in software and +# support a local keystore (for PKCS #11 public keys, etc) # # RPC_TRANSPORT = loopback | serial | daemon -# loopback: communicate over loopback socket on Novena -# serial: communicate over USB in serial pass-through mode -# daemon: communicate over USB via a daemon, to arbitrate multiple clients +# loopback: Communicate over loopback socket on Novena +# serial: Communicate over USB in serial pass-through mode +# daemon: Communicate over USB via a daemon, to arbitrate multiple clients # -# RPC client locality flags passed here via CFLAGS are tested as -# integers in the C preprocessor, so the symbols we pass must be -# defined as macros in the C code, not enum tokens. +# Note that RPC_MODE setting also controls the RPC_CLIENT setting passed to the C +# preprocessor via CFLAGS. Whatever we pass here must evaluate to an integer in +# the C preprocessor: we can use symbolic names so long as they're defined as macros +# in the C code, but we can't use things like C enum symbols. -ifneq (${RPC_CLIENT},none) +ifneq "${RPC_MODE}" "none" OBJ += rpc_api.o xdr.o endif -ifeq (${RPC_TRANSPORT},serial) +ifeq "${RPC_TRANSPORT}" "serial" OBJ += slip.o endif RPC_CLIENT_OBJ = rpc_client.o -ifeq (${RPC_TRANSPORT},loopback) +ifeq "${RPC_TRANSPORT}" "loopback" RPC_CLIENT_OBJ += rpc_client_loopback.o -else ifeq (${RPC_TRANSPORT},serial) +else ifeq "${RPC_TRANSPORT}" "serial" RPC_CLIENT_OBJ += rpc_client_serial.o -else ifeq (${RPC_TRANSPORT},daemon) +else ifeq "${RPC_TRANSPORT}" "daemon" RPC_CLIENT_OBJ += rpc_client_daemon.o endif RPC_DISPATCH_OBJ = rpc_hash.o rpc_misc.o rpc_pkey.o RPC_SERVER_OBJ = rpc_server.o -ifeq (${RPC_TRANSPORT},loopback) +ifeq "${RPC_TRANSPORT}" "loopback" RPC_SERVER_OBJ += rpc_server_loopback.o -else ifeq (${RPC_TRANSPORT},serial) +else ifeq "${RPC_TRANSPORT}" "serial" RPC_SERVER_OBJ += rpc_server_serial.o endif -ifeq (${RPC_SERVER},yes) - OBJ += ${RPC_SERVER_OBJ} -endif - -ifeq (${RPC_CLIENT},none) +ifeq "${RPC_MODE}" "none" OBJ += ${CORE_OBJ} CFLAGS += -DHAL_RSA_USE_MODEXP=${RSA_USE_MODEXP_CORE} -else ifeq (${RPC_CLIENT},local) - OBJ += ${CORE_OBJ} ${RPC_CLIENT_OBJ} ${RPC_DISPATCH_OBJ} +else ifeq "${RPC_MODE}" "server" + OBJ += ${CORE_OBJ} ${RPC_SERVER_OBJ} ${RPC_CLIENT_OBJ} ${RPC_DISPATCH_OBJ} CFLAGS += -DRPC_CLIENT=RPC_CLIENT_LOCAL -DHAL_RSA_USE_MODEXP=${RSA_USE_MODEXP_CORE} -else ifeq (${RPC_CLIENT},remote) +else ifeq "${RPC_MODE}" "client-simple" OBJ += ${RPC_CLIENT_OBJ} CFLAGS += -DRPC_CLIENT=RPC_CLIENT_REMOTE -DHAL_RSA_USE_MODEXP=0 -else ifeq (${RPC_CLIENT},mixed) +else ifeq "${RPC_MODE}" "client-mixed" OBJ += ${RPC_CLIENT_OBJ} ${RPC_DISPATCH_OBJ} CFLAGS += -DRPC_CLIENT=RPC_CLIENT_MIXED -DHAL_RSA_USE_MODEXP=0 KS = volatile @@ -199,24 +191,17 @@ all: ${LIB} cd tests; ${MAKE} CFLAGS='${CFLAGS} -I..' LDFLAGS='${LDFLAGS}' $@ cd utils; ${MAKE} CFLAGS='${CFLAGS} -I..' LDFLAGS='${LDFLAGS}' $@ -local: - ${MAKE} RPC_CLIENT=local RPC_TRANSPORT=none - client: - ${MAKE} RPC_CLIENT=remote + ${MAKE} RPC_MODE=client-simple mixed: - ${MAKE} RPC_CLIENT=mixed KS=volatile + ${MAKE} RPC_MODE=client-mixed server: - ${MAKE} RPC_SERVER=yes - -loopback: - ${MAKE} RPC_CLIENT=remote RPC_SERVER=yes RPC_TRANSPORT=loopback + ${MAKE} RPC_MODE=server daemon: cryptech_rpcd -# ${MAKE} RPC_CLIENT=mixed RPC_TRANSPORT=daemon - ${MAKE} RPC_CLIENT=remote RPC_TRANSPORT=daemon + ${MAKE} RPC_MODE=client-mixed RPC_TRANSPORT=daemon cryptech_rpcd: daemon.o slip.o rpc_serial.o xdr.o ${CC} ${CFLAGS} -o $@ $^ ${LDFLAGS} @@ -236,7 +221,7 @@ last_gasp_pin_internal.h: ./utils/last_gasp_default_pin >$@ test: all - export RPC_CLIENT RPC_SERVER + export RPC_MODE cd tests; ${MAKE} -k $@ clean: diff --git a/tests/GNUmakefile b/tests/GNUmakefile index 5e2b3ea..f4299a0 100644 --- a/tests/GNUmakefile +++ b/tests/GNUmakefile @@ -32,16 +32,24 @@ LIB = ../libhal.a # Which tests to build depends on how the library was compiled. -ifeq (${RPC_SERVER},yes) - BIN += test-rpc_server -endif +CORE_TESTS = test-aes-key-wrap test-hash test-pbkdf2 test-ecdsa test-bus test-trng test-rsa test-mkmif +SERVER_TESTS = test-rpc_server +CLIENT_TESTS = test-rpc_hash test-rpc_pkey test-rpc_get_version test-rpc_get_random -ifeq (${RPC_CLIENT},none) - BIN += test-aes-key-wrap test-hash test-pbkdf2 test-ecdsa test-bus test-trng test-rsa -endif +ALL_TESTS = ${CORE_TESTS} ${SERVER_TESTS} ${CLIENT_TESTS} + +ifeq "${RPC_MODE}" "none" + + BIN += ${CORE_TESTS} + +else ifeq "${RPC_MODE}" "server" + + BIN += ${CORE_TESTS} ${SERVER_TESTS} + +else + + BIN += ${CLIENT_TESTS} -ifeq (${RPC_CLIENT},local) - BIN += test-rpc_hash test-rpc_pkey test-rpc_get_version test-rpc_get_random endif CFLAGS = -g3 -Wall -fPIC -std=c99 -I.. @@ -51,8 +59,8 @@ all: ${BIN} test: all for i in ${BIN}; do (set -x; ./$$i); done -clean: - rm -f *.o ${BIN} +clean distclean: + rm -f *.o ${ALL_TESTS} ${BIN}: %: %.o ${LIB} ${CC} ${CFLAGS} -o $@ $^ ${LDFLAGS} |