aboutsummaryrefslogtreecommitdiff
path: root/GNUmakefile
diff options
context:
space:
mode:
Diffstat (limited to 'GNUmakefile')
-rw-r--r--GNUmakefile168
1 files changed, 154 insertions, 14 deletions
diff --git a/GNUmakefile b/GNUmakefile
index 2a11683..e7b272d 100644
--- a/GNUmakefile
+++ b/GNUmakefile
@@ -1,4 +1,4 @@
-# Copyright (c) 2015, NORDUnet A/S
+# Copyright (c) 2015-2016, NORDUnet A/S
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
@@ -27,39 +27,179 @@
# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-INC = hal.h
+# Number of static hash and HMAC state blocks to allocate.
+# Numbers pulled out of a hat, just testing.
+
+STATIC_HASH_STATE_BLOCKS = 10
+STATIC_HMAC_STATE_BLOCKS = 4
+STATIC_PKEY_STATE_BLOCKS = 6
+
+INC = hal.h hal_internal.h
LIB = libhal.a
-OBJ = ${IO_OBJ} core.o csprng.o hash.o aes_keywrap.o pbkdf2.o \
- modexp.o rsa.o ecdsa.o asn1.o errorstrings.o
-IO_OBJ_EIM = hal_io_eim.o novena-eim.o
-IO_OBJ_I2C = hal_io_i2c.o
+OBJ = errorstrings.o rsa.o ecdsa.o asn1.o ${CORE_OBJ} ${IO_OBJ} ${RPC_OBJ} ${KS_OBJ}
+CORE_OBJ := core.o csprng.o hash.o aes_keywrap.o pbkdf2.o modexp.o
+
+USAGE = "usage: make [IO_BUS=eim|i2c|fmc] [RPC_CLIENT=local|remote|mixed] [RPC_SERVER=yes] [KS=mmap|volatile|flash]"
+
+# I/O bus to the FPGA
+#
+# IO_BUS = eim | i2c | fmc
+# eim: EIM bus from Novena
+# i2c: older I2C bus from Novena
+# fmc: FMC bus from dev-bridge board
+
+IO_BUS ?= eim
+ifeq (${IO_BUS},eim)
+ IO_OBJ = hal_io_eim.o novena-eim.o
+else ifeq (${IO_BUS},i2c)
+ IO_OBJ = hal_io_i2c.o
+else ifeq (${IO_BUS},fmc)
+ IO_OBJ = hal_io_fmc.o
+endif
+
+# If we're building for STM32, position-independent code leads to some
+# hard-to-debug function pointer errors. OTOH, if we're building for Linux
+# (even on the Novena), we want to make it possible to build a shared library.
+
+ifneq (${IO_BUS},fmc)
+ CFLAGS += -fPIC
+endif
+
+# RPC_CLIENT = local | remote | mixed
+# local: Build for Novena or dev-bridge, access FPGA cores directly.
+# remote: Build for other host, communicate with RPC server.
+# mixed: Do hashing locally in software, other functions remotely.
+#
+# RPC_SERVER = yes
+#
+# RPC_TRANSPORT = loopback | serial
+# loopback: communicate over loopback socket on Novena
+# serial: communicate over USB in serial pass-through mode
+
+RPC_CORE_OBJ = rpc_hash.o rpc_misc.o rpc_pkey.o
+
+ifdef RPC_SERVER
+ RPC_SERVER_OBJ = rpc_server.o rpc_api.o ${RPC_CORE_OBJ}
+ RPC_TRANSPORT ?= serial
+endif
+
+ifdef RPC_CLIENT
+ RPC_CLIENT_OBJ = rpc_client.o rpc_api.o
+ ifeq (${RPC_CLIENT},local)
+ RPC_CLIENT_OBJ += ${RPC_CORE_OBJ}
+ else
+ CFLAGS += -DHAL_RSA_USE_MODEXP=0
+ RPC_TRANSPORT ?= serial
+ ifeq (${RPC_CLIENT},mixed)
+ RPC_CLIENT_OBJ += rpc_hash.o hash.o
+ endif
+ ifndef RPC_SERVER
+ # If we're only building a remote RPC client lib, don't include
+ # the modules that access the FPGA cores.
+ CORE_OBJ :=
+ IO_OBJ :=
+ endif
+ endif
+endif
-# Default I/O bus is EIM, override this to use I2C instead
-IO_OBJ = ${IO_OBJ_EIM}
+ifdef RPC_TRANSPORT
+ RPC_TRANSPORT_OBJ = xdr.o
+ ifeq (${RPC_TRANSPORT},loopback)
+ ifdef RPC_SERVER
+ RPC_TRANSPORT_OBJ += rpc_server_loopback.o
+ endif
+ ifdef RPC_CLIENT
+ RPC_TRANSPORT_OBJ += rpc_client_loopback.o
+ endif
+ else ifeq (${RPC_TRANSPORT},serial)
+ RPC_TRANSPORT_OBJ += slip.o
+ ifdef RPC_SERVER
+ RPC_TRANSPORT_OBJ += rpc_server_serial.o
+ endif
+ ifdef RPC_CLIENT
+ RPC_TRANSPORT_OBJ += rpc_client_serial.o
+ endif
+ endif
+endif
+
+RPC_OBJ = ${RPC_SERVER_OBJ} ${RPC_CLIENT_OBJ} ${RPC_TRANSPORT_OBJ}
+
+# RPC client locality, for rpc_client.c. This has to be kept in sync with
+# hal_internal.h. Yeah, it's ugly, but the C preprocessor can only
+# compare integers, not strings.
+
+ifeq (${RPC_CLIENT},local)
+ RPC_CLIENT_FLAG = 0
+else ifeq (${RPC_CLIENT},remote)
+ RPC_CLIENT_FLAG = 1
+else ifeq (${RPC_CLIENT},mixed)
+ RPC_CLIENT_FLAG = 2
+endif
+ifdef RPC_CLIENT_FLAG
+CFLAGS += -DRPC_CLIENT=${RPC_CLIENT_FLAG}
+endif
+
+# The mmap and flash keystore implementations are both server code.
+#
+# The volatile keystore (conventional memory) is client code, to
+# support using the same API for things like PKCS #11 "session" objects.
+#
+# Default at the moment is mmap, since that should work on the Novena
+# and we haven't yet written the flash code for the bridge board.
+
+KS_OBJ = ks.o
+KS ?= mmap
+ifeq (${KS},mmap)
+ KS_OBJ += ks_mmap.o
+else ifeq (${KS},volatile)
+ KS_OBJ += ks_volatile.o
+else ifeq (${KS},flash)
+ KS_OBJ += ks_flash.o
+endif
TFMDIR := $(abspath ../thirdparty/libtfm)
-CFLAGS += -g3 -Wall -fPIC -std=c99 -I${TFMDIR}
+CFLAGS += -g3 -Wall -std=c99 -I${TFMDIR}
LDFLAGS := -g3 -L${TFMDIR} -ltfm
+CFLAGS += -DHAL_STATIC_HASH_STATE_BLOCKS=${STATIC_HASH_STATE_BLOCKS}
+CFLAGS += -DHAL_STATIC_HMAC_STATE_BLOCKS=${STATIC_HMAC_STATE_BLOCKS}
+CFLAGS += -DHAL_STATIC_PKEY_STATE_BLOCKS=${STATIC_PKEY_STATE_BLOCKS}
+
all: ${LIB}
cd tests; ${MAKE} CFLAGS='${CFLAGS} -I..' LDFLAGS='${LDFLAGS}' $@
+ifneq (${CORE_OBJ},)
cd utils; ${MAKE} CFLAGS='${CFLAGS} -I..' LDFLAGS='${LDFLAGS}' $@
+endif
+
+client:
+ ${MAKE} RPC_CLIENT=remote
+
+mixed:
+ ${MAKE} RPC_CLIENT=mixed
+
+server:
+ ${MAKE} RPC_SERVER=yes
+
+loopback:
+ ${MAKE} RPC_CLIENT=remote RPC_SERVER=yes RPC_TRANSPORT=loopback
${OBJ}: ${INC}
${LIB}: ${OBJ}
${AR} rcs $@ $^
-asn1.o rsa.o ecdsa.o: asn1_internal.h
-
-ecdsa.o: ecdsa_curves.h
+asn1.o rsa.o ecdsa.o: asn1_internal.h
+ecdsa.o: ecdsa_curves.h
+novena-eim.o hal_io_eim.o: novena-eim.h
+slip.o rpc_client_serial.o rpc_server_serial.o: slip_internal.h
test: all
+ export RPC_CLIENT RPC_SERVER
cd tests; ${MAKE} -k $@
clean:
- rm -f ${OBJ} ${LIB}
+ rm -f *.o ${LIB}
cd tests; ${MAKE} $@
cd utils; ${MAKE} $@
@@ -68,5 +208,5 @@ distclean: clean
tags: TAGS
-TAGS: *.[ch] tests/*.[ch]
+TAGS: *.[ch] tests/*.[ch] utils/*.[ch]
etags $^