PKG_BUILDDIR ?= $(PKGDIRBASE)/tinydtls INCLUDES += -I$(PKG_BUILDDIR) ifeq ($(TOOLCHAIN), llvm) CFLAGS += -Wno-gnu-zero-variadic-macro-arguments -Wno-unused-function endif INCLUDES += -I$(RIOTBASE)/pkg/tinydtls/include INCLUDES += -I$(PKG_BUILDDIR) # Mandatory for tinyDTLS CFLAGS += -DDTLSv12 -DWITH_SHA256 # Check that the used PRNG implementation is cryptographically secure CRYPTO_SECURE_IMPLEMENTATIONS := prng_sha256prng prng_sha1prng prng_hwrng USED_PRNG_IMPLEMENTATIONS := $(filter prng_%,$(USEMODULE)) ifeq (,$(filter $(CRYPTO_SECURE_IMPLEMENTATIONS),$(USEMODULE))) $(info TinyDTLS needs a cryptographically secure implementation of the PRNG module.) $(info Currently using: $(USED_PRNG_IMPLEMENTATIONS)) $(error Please use one of: $(CRYPTO_SECURE_IMPLEMENTATIONS)) endif # Dependencies partially under control of the App's requirements # The configuration for socket overrides Sock ifeq (,$(filter posix_sockets,$(USEMODULE))) CFLAGS += -DWITH_RIOT_SOCK endif # Default cipher suite when not using Kconfig ifeq (,$(CONFIG_KCONFIG_USEPKG_TINYDTLS)) # NOTE: PSK should be enabled by default BUT if the user define any other cipher # suite(s) it should not be enabled. # TODO: Create the flag DTLS_CIPHERS with keywords PSK, ECC (and future) PSK_ENABLED := $(or $(filter -DCONFIG_DTLS_PSK,$(CFLAGS)), $(filter -DDTLS_PSK,$(CFLAGS))) ECC_ENABLED := $(or $(filter -DCONFIG_DTLS_ECC,$(CFLAGS)), $(filter -DDTLS_ECC,$(CFLAGS))) ifeq (, $(or $(PSK_ENABLED),$(ECC_ENABLED))) CFLAGS += -DCONFIG_DTLS_PSK endif endif # For now contrib only contains sock_dtls adaption ifneq (,$(filter tinydtls_sock_dtls,$(USEMODULE))) DIRS += $(RIOTBASE)/pkg/tinydtls/contrib endif # Translate 'CONFIG_' options to package specific flags. This checks if the # option is being set via Kconfig or CFLAGS ifneq (,$(or $(CONFIG_DTLS_PSK),$(filter -DCONFIG_DTLS_PSK,$(CFLAGS)))) CFLAGS += -DDTLS_PSK endif ifneq (,$(or $(CONFIG_DTLS_ECC),$(filter -DCONFIG_DTLS_ECC,$(CFLAGS)))) CFLAGS += -DDTLS_ECC endif CONTEXT_MAX := $(or $(CONFIG_DTLS_CONTEXT_MAX),$(patsubst -DCONFIG_DTLS_CONTEXT_MAX=%,%,$(filter -DCONFIG_DTLS_CONTEXT_MAX=%,$(CFLAGS)))) ifneq (,$(CONTEXT_MAX)) CFLAGS += -DDTLS_CONTEXT_MAX=$(CONTEXT_MAX) endif PEER_MAX := $(or $(CONFIG_DTLS_PEER_MAX),$(patsubst -DCONFIG_DTLS_PEER_MAX=%,%,$(filter -DCONFIG_DTLS_PEER_MAX=%,$(CFLAGS)))) ifneq (,$(PEER_MAX)) CFLAGS += -DDTLS_PEER_MAX=$(PEER_MAX) else ifneq (,$(filter gcoap_dtls,$(USEMODULE))) # The default value in sys/include/net/dtls.h for CONFIG_DTLS_PEER_MAX is 2 # when gcoap_dtls is active, otherwise 1. As the default in tinydtls is 1, # we need to set it explicitly if the dtls.h default value deviates from # the tinydtls default. CFLAGS += -DDTLS_PEER_MAX=2 endif HANDSHAKE_MAX := $(or $(CONFIG_DTLS_HANDSHAKE_MAX),$(patsubst -DCONFIG_DTLS_HANDSHAKE_MAX=%,%,$(filter -DCONFIG_DTLS_HANDSHAKE_MAX=%,$(CFLAGS)))) ifneq (,$(HANDSHAKE_MAX)) CFLAGS += -DDTLS_HANDSHAKE_MAX=$(HANDSHAKE_MAX) endif DTLS_MAX_BUF ?= 200 CFLAGS += "-DDTLS_MAX_BUF=$(DTLS_MAX_BUF)"