aboutsummaryrefslogtreecommitdiff
path: root/Makefile
diff options
context:
space:
mode:
Diffstat (limited to 'Makefile')
-rw-r--r--Makefile53
1 files changed, 30 insertions, 23 deletions
diff --git a/Makefile b/Makefile
index d0432f5..a2ddb10 100644
--- a/Makefile
+++ b/Makefile
@@ -33,17 +33,18 @@
STATIC_CORE_STATE_BLOCKS = 32
STATIC_HASH_STATE_BLOCKS = 10
STATIC_HMAC_STATE_BLOCKS = 4
-STATIC_PKEY_STATE_BLOCKS = 6
+STATIC_PKEY_STATE_BLOCKS = 32
+STATIC_KS_VOLATILE_SLOTS = 128
INC = hal.h hal_internal.h
LIB = libhal.a
# Error checking on known control options, some of which allow the user entirely too much rope.
-USAGE := "usage: ${MAKE} [IO_BUS=eim|i2c|fmc] [RPC_MODE=none|server|client-simple|client-mixed] [KS=volatile|mmap|flash] [RPC_TRANSPORT=none|loopback|serial|daemon] [MODEXP_CORE=no|yes]"
+USAGE := "usage: ${MAKE} [IO_BUS=eim|i2c|fmc] [RPC_MODE=none|server|client-simple|client-mixed] [KS=mmap|flash] [RPC_TRANSPORT=none|loopback|serial|daemon] [MODEXP_CORE=no|yes]"
IO_BUS ?= none
-KS ?= volatile
+KS ?= flash
RPC_MODE ?= none
RPC_TRANSPORT ?= none
MODEXP_CORE ?= no
@@ -51,7 +52,7 @@ MODEXP_CORE ?= no
ifeq (,$(and \
$(filter none eim i2c fmc ,${IO_BUS}),\
$(filter none server client-simple client-mixed ,${RPC_MODE}),\
- $(filter volatile mmap flash ,${KS}),\
+ $(filter mmap flash ,${KS}),\
$(filter none loopback serial daemon ,${RPC_TRANSPORT}),\
$(filter no yes ,${MODEXP_CORE})))
$(error ${USAGE})
@@ -73,8 +74,8 @@ endif
# makefile, so the working definition of "always want" is sometimes
# just "building this is harmless even if we don't use it."
-OBJ += errorstrings.o hash.o asn1.o ecdsa.o rsa.o ${KS_OBJ} xdr.o slip.o
-OBJ += rpc_api.o rpc_hash.o rpc_misc.o rpc_pkey.o rpc_client.o rpc_server.o
+OBJ += errorstrings.o hash.o asn1.o ecdsa.o rsa.o xdr.o slip.o
+OBJ += rpc_api.o rpc_hash.o uuid.o rpc_pkcs1.o crc32.o
# Object files to build when we're on a platform with direct access
# to our hardware (Verilog) cores.
@@ -105,22 +106,25 @@ ifneq "${IO_BUS}" "fmc"
CFLAGS += -fPIC
endif
-# The mmap and flash keystore implementations are both server code.
+# The keystore code has mutated a bit with the new API, and the Makefile,
+# probably needs more extensive changes to track that.
#
-# The volatile keystore (conventional memory) is client code, to
-# support using the same API for things like PKCS #11 "session" objects.
+# In the old world, the volatile keystore was for the client side,
+# while the flash and mmap keystores were for the server side (on the
+# Alpha and the Novena, respectively).
#
-# Default at the moment is mmap, since that should work on the Novena
-# and we haven't yet written the flash code for the bridge board.
+# In the new world, all keystores are on the server side, and the
+# volatile keystore is always present, to support things like PKCS #11
+# "session" objects.
+#
+# The mmap keystore hasn't been rewritten for the new API yet.
-KS_OBJ = ks.o
+KS_OBJ = ks_index.o ks_attribute.o ks_volatile.o
ifeq "${KS}" "mmap"
KS_OBJ += ks_mmap.o
-else ifeq "${KS}" "volatile"
- KS_OBJ += ks_volatile.o
else ifeq "${KS}" "flash"
- KS_OBJ += ks_flash.o masterkey.o
+ KS_OBJ += ks_flash.o mkm.o
endif
# RPC_MODE = none | server | client-simple | client-mixed
@@ -144,18 +148,22 @@ ifneq "${RPC_MODE}" "server"
OBJ += rpc_serial.o
endif
+RPC_CLIENT_OBJ = rpc_client.o
+
ifeq "${RPC_TRANSPORT}" "loopback"
- RPC_CLIENT_OBJ = rpc_client_loopback.o
+ RPC_CLIENT_OBJ += rpc_client_loopback.o
else ifeq "${RPC_TRANSPORT}" "serial"
- RPC_CLIENT_OBJ = rpc_client_serial.o
+ RPC_CLIENT_OBJ += rpc_client_serial.o
else ifeq "${RPC_TRANSPORT}" "daemon"
- RPC_CLIENT_OBJ = rpc_client_daemon.o
+ RPC_CLIENT_OBJ += rpc_client_daemon.o
endif
+RPC_SERVER_OBJ = ${KS_OBJ} rpc_misc.o rpc_pkey.o rpc_server.o
+
ifeq "${RPC_TRANSPORT}" "loopback"
- RPC_SERVER_OBJ = rpc_server_loopback.o
+ RPC_SERVER_OBJ += rpc_server_loopback.o
else ifeq "${RPC_TRANSPORT}" "serial"
- RPC_SERVER_OBJ = rpc_server_serial.o
+ RPC_SERVER_OBJ += rpc_server_serial.o
endif
ifeq "${RPC_MODE}" "none"
@@ -169,8 +177,7 @@ else ifeq "${RPC_MODE}" "client-simple"
CFLAGS += -DRPC_CLIENT=RPC_CLIENT_REMOTE -DHAL_RSA_USE_MODEXP=0
else ifeq "${RPC_MODE}" "client-mixed"
OBJ += ${RPC_CLIENT_OBJ}
- CFLAGS += -DRPC_CLIENT=RPC_CLIENT_MIXED -DHAL_RSA_USE_MODEXP=0 -DHAL_ONLY_USE_SOFTWARE_HASH_CORES=1
- KS = volatile
+ CFLAGS += -DRPC_CLIENT=RPC_CLIENT_MIXED -DHAL_RSA_USE_MODEXP=0
endif
ifndef CRYPTECH_ROOT
@@ -234,7 +241,7 @@ asn1.o rsa.o ecdsa.o: asn1_internal.h
ecdsa.o: ecdsa_curves.h
novena-eim.o hal_io_eim.o: novena-eim.h
slip.o rpc_client_serial.o rpc_server_serial.o: slip_internal.h
-ks.o: last_gasp_pin_internal.h
+ks_flash.o: last_gasp_pin_internal.h
last_gasp_pin_internal.h:
./utils/last_gasp_default_pin >$@