diff options
Diffstat (limited to 'GNUmakefile')
| -rw-r--r-- | GNUmakefile | 168 |
1 files changed, 154 insertions, 14 deletions
diff --git a/GNUmakefile b/GNUmakefile index 2a11683..e7b272d 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -1,4 +1,4 @@ -# Copyright (c) 2015, NORDUnet A/S +# Copyright (c) 2015-2016, NORDUnet A/S # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -27,39 +27,179 @@ # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -INC = hal.h +# Number of static hash and HMAC state blocks to allocate. +# Numbers pulled out of a hat, just testing. + +STATIC_HASH_STATE_BLOCKS = 10 +STATIC_HMAC_STATE_BLOCKS = 4 +STATIC_PKEY_STATE_BLOCKS = 6 + +INC = hal.h hal_internal.h LIB = libhal.a -OBJ = ${IO_OBJ} core.o csprng.o hash.o aes_keywrap.o pbkdf2.o \ - modexp.o rsa.o ecdsa.o asn1.o errorstrings.o -IO_OBJ_EIM = hal_io_eim.o novena-eim.o -IO_OBJ_I2C = hal_io_i2c.o +OBJ = errorstrings.o rsa.o ecdsa.o asn1.o ${CORE_OBJ} ${IO_OBJ} ${RPC_OBJ} ${KS_OBJ} +CORE_OBJ := core.o csprng.o hash.o aes_keywrap.o pbkdf2.o modexp.o + +USAGE = "usage: make [IO_BUS=eim|i2c|fmc] [RPC_CLIENT=local|remote|mixed] [RPC_SERVER=yes] [KS=mmap|volatile|flash]" + +# I/O bus to the FPGA +# +# IO_BUS = eim | i2c | fmc +# eim: EIM bus from Novena +# i2c: older I2C bus from Novena +# fmc: FMC bus from dev-bridge board + +IO_BUS ?= eim +ifeq (${IO_BUS},eim) + IO_OBJ = hal_io_eim.o novena-eim.o +else ifeq (${IO_BUS},i2c) + IO_OBJ = hal_io_i2c.o +else ifeq (${IO_BUS},fmc) + IO_OBJ = hal_io_fmc.o +endif + +# If we're building for STM32, position-independent code leads to some +# hard-to-debug function pointer errors. OTOH, if we're building for Linux +# (even on the Novena), we want to make it possible to build a shared library. + +ifneq (${IO_BUS},fmc) + CFLAGS += -fPIC +endif + +# RPC_CLIENT = local | remote | mixed +# local: Build for Novena or dev-bridge, access FPGA cores directly. +# remote: Build for other host, communicate with RPC server. +# mixed: Do hashing locally in software, other functions remotely. +# +# RPC_SERVER = yes +# +# RPC_TRANSPORT = loopback | serial +# loopback: communicate over loopback socket on Novena +# serial: communicate over USB in serial pass-through mode + +RPC_CORE_OBJ = rpc_hash.o rpc_misc.o rpc_pkey.o + +ifdef RPC_SERVER + RPC_SERVER_OBJ = rpc_server.o rpc_api.o ${RPC_CORE_OBJ} + RPC_TRANSPORT ?= serial +endif + +ifdef RPC_CLIENT + RPC_CLIENT_OBJ = rpc_client.o rpc_api.o + ifeq (${RPC_CLIENT},local) + RPC_CLIENT_OBJ += ${RPC_CORE_OBJ} + else + CFLAGS += -DHAL_RSA_USE_MODEXP=0 + RPC_TRANSPORT ?= serial + ifeq (${RPC_CLIENT},mixed) + RPC_CLIENT_OBJ += rpc_hash.o hash.o + endif + ifndef RPC_SERVER + # If we're only building a remote RPC client lib, don't include + # the modules that access the FPGA cores. + CORE_OBJ := + IO_OBJ := + endif + endif +endif -# Default I/O bus is EIM, override this to use I2C instead -IO_OBJ = ${IO_OBJ_EIM} +ifdef RPC_TRANSPORT + RPC_TRANSPORT_OBJ = xdr.o + ifeq (${RPC_TRANSPORT},loopback) + ifdef RPC_SERVER + RPC_TRANSPORT_OBJ += rpc_server_loopback.o + endif + ifdef RPC_CLIENT + RPC_TRANSPORT_OBJ += rpc_client_loopback.o + endif + else ifeq (${RPC_TRANSPORT},serial) + RPC_TRANSPORT_OBJ += slip.o + ifdef RPC_SERVER + RPC_TRANSPORT_OBJ += rpc_server_serial.o + endif + ifdef RPC_CLIENT + RPC_TRANSPORT_OBJ += rpc_client_serial.o + endif + endif +endif + +RPC_OBJ = ${RPC_SERVER_OBJ} ${RPC_CLIENT_OBJ} ${RPC_TRANSPORT_OBJ} + +# RPC client locality, for rpc_client.c. This has to be kept in sync with +# hal_internal.h. Yeah, it's ugly, but the C preprocessor can only +# compare integers, not strings. + +ifeq (${RPC_CLIENT},local) + RPC_CLIENT_FLAG = 0 +else ifeq (${RPC_CLIENT},remote) + RPC_CLIENT_FLAG = 1 +else ifeq (${RPC_CLIENT},mixed) + RPC_CLIENT_FLAG = 2 +endif +ifdef RPC_CLIENT_FLAG +CFLAGS += -DRPC_CLIENT=${RPC_CLIENT_FLAG} +endif + +# The mmap and flash keystore implementations are both server code. +# +# The volatile keystore (conventional memory) is client code, to +# support using the same API for things like PKCS #11 "session" objects. +# +# Default at the moment is mmap, since that should work on the Novena +# and we haven't yet written the flash code for the bridge board. + +KS_OBJ = ks.o +KS ?= mmap +ifeq (${KS},mmap) + KS_OBJ += ks_mmap.o +else ifeq (${KS},volatile) + KS_OBJ += ks_volatile.o +else ifeq (${KS},flash) + KS_OBJ += ks_flash.o +endif TFMDIR := $(abspath ../thirdparty/libtfm) -CFLAGS += -g3 -Wall -fPIC -std=c99 -I${TFMDIR} +CFLAGS += -g3 -Wall -std=c99 -I${TFMDIR} LDFLAGS := -g3 -L${TFMDIR} -ltfm +CFLAGS += -DHAL_STATIC_HASH_STATE_BLOCKS=${STATIC_HASH_STATE_BLOCKS} +CFLAGS += -DHAL_STATIC_HMAC_STATE_BLOCKS=${STATIC_HMAC_STATE_BLOCKS} +CFLAGS += -DHAL_STATIC_PKEY_STATE_BLOCKS=${STATIC_PKEY_STATE_BLOCKS} + all: ${LIB} cd tests; ${MAKE} CFLAGS='${CFLAGS} -I..' LDFLAGS='${LDFLAGS}' $@ +ifneq (${CORE_OBJ},) cd utils; ${MAKE} CFLAGS='${CFLAGS} -I..' LDFLAGS='${LDFLAGS}' $@ +endif + +client: + ${MAKE} RPC_CLIENT=remote + +mixed: + ${MAKE} RPC_CLIENT=mixed + +server: + ${MAKE} RPC_SERVER=yes + +loopback: + ${MAKE} RPC_CLIENT=remote RPC_SERVER=yes RPC_TRANSPORT=loopback ${OBJ}: ${INC} ${LIB}: ${OBJ} ${AR} rcs $@ $^ -asn1.o rsa.o ecdsa.o: asn1_internal.h - -ecdsa.o: ecdsa_curves.h +asn1.o rsa.o ecdsa.o: asn1_internal.h +ecdsa.o: ecdsa_curves.h +novena-eim.o hal_io_eim.o: novena-eim.h +slip.o rpc_client_serial.o rpc_server_serial.o: slip_internal.h test: all + export RPC_CLIENT RPC_SERVER cd tests; ${MAKE} -k $@ clean: - rm -f ${OBJ} ${LIB} + rm -f *.o ${LIB} cd tests; ${MAKE} $@ cd utils; ${MAKE} $@ @@ -68,5 +208,5 @@ distclean: clean tags: TAGS -TAGS: *.[ch] tests/*.[ch] +TAGS: *.[ch] tests/*.[ch] utils/*.[ch] etags $^ |