RIOT-OS/RIOT
RIOT-OS/RIOT
1
0
Fork 0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 04:50:03 +01:00
Code Releases Activity
152ffe6db9
RIOT/pkg/tinydtls/Makefile.include
Leandro Lanzieri 531367a9a2
pkg/tinydtls: enforce the selection of a crypto secure PRNG 
Also add a sanity checks on the prng_ modules.
2020-08-21 08:39:34 +02:00

93 lines
3.4 KiB
Makefile
Raw Blame History

PKG_BUILDDIR ?= $(PKGDIRBASE)/tinydtls
INCLUDES += -I$(PKG_BUILDDIR)
ifeq ($(TOOLCHAIN), llvm)
CFLAGS += -Wno-gnu-zero-variadic-macro-arguments -Wno-unused-function
endif
INCLUDES += -I$(RIOTBASE)/pkg/tinydtls/include
INCLUDES += -I$(PKG_BUILDDIR)
# Mandatory for tinyDTLS
CFLAGS += -DDTLSv12 -DWITH_SHA256
# Check that the used PRNG implementation is cryptographically secure
CRYPTO_SECURE_IMPLEMENTATIONS := prng_sha256prng prng_sha1prng prng_hwrng
USED_PRNG_IMPLEMENTATIONS := $(filter prng_%,$(USEMODULE))
ifeq (,$(filter $(CRYPTO_SECURE_IMPLEMENTATIONS),$(USEMODULE)))
$(info TinyDTLS needs a cryptographically secure implementation of the PRNG module.)
$(info Currently using: $(USED_PRNG_IMPLEMENTATIONS))
$(error Please use one of: $(CRYPTO_SECURE_IMPLEMENTATIONS))
endif
# Dependencies partially under control of the App's requirements
# The configuration for socket overrides Sock
ifeq (,$(filter posix_sockets,$(USEMODULE)))
CFLAGS += -DWITH_RIOT_GNRC
endif
# Default cipher suite when not using Kconfig
ifeq (,$(CONFIG_KCONFIG_PKG_TINYDTLS))
# NOTE: PSK should be enabled by default BUT if the user define any other cipher
# suite(s) it should not be enabled.
# TODO: Create the flag DTLS_CIPHERS with keywords PSK, ECC (and future)
PSK_ENABLED := $(or $(filter -DCONFIG_DTLS_PSK,$(CFLAGS)), $(filter -DDTLS_PSK,$(CFLAGS)))
ECC_ENABLED := $(or $(filter -DCONFIG_DTLS_ECC,$(CFLAGS)), $(filter -DDTLS_ECC,$(CFLAGS)))
ifeq (, $(or $(PSK_ENABLED),$(ECC_ENABLED)))
CFLAGS += -DCONFIG_DTLS_PSK
endif
endif
ifneq (,$(filter -DDTLS_DEBUG,$(CFLAGS)))
# For backwards compability. This can be removed after release 2020.10
$(warning Warning! DTLS_DEBUG is deprecated use CONFIG_DTLS_DEBUG)
CFLAGS += -DCONFIG_DTLS_DEBUG
endif
ifneq (,$(or $(CONFIG_DTLS_DEBUG),$(filter -DCONFIG_DTLS_DEBUG,$(CFLAGS))))
CFLAGS += -DTINYDTLS_LOG_LVL=6
else
CFLAGS += -DTINYDTLS_LOG_LVL=0
endif
# For now contrib only contains sock_dtls adaption
ifneq (,$(filter tinydtls_sock_dtls,$(USEMODULE)))
DIRS += $(RIOTBASE)/pkg/tinydtls/contrib
endif
# Translate 'CONFIG_' options to package specific flags. This checks if the
# option is being set via Kconfig or CFLAGS
ifneq (,$(filter -DDTLS_PSK,$(CFLAGS)))
# For backwards compability. This can be removed after release 2020.10
$(warning Warning! DTLS_PSK is deprecated use CONFIG_DTLS_PSK)
CFLAGS += -DCONFIG_DTLS_PSK
endif
ifneq (,$(or $(CONFIG_DTLS_PSK),$(filter -DCONFIG_DTLS_PSK,$(CFLAGS))))
CFLAGS += -DDTLS_PSK
endif
ifneq (,$(filter -DDTLS_ECC,$(CFLAGS)))
# For backwards compability. This can be removed after release 2020.10
$(warning Warning! DTLS_ECC is deprecated use CONFIG_DTLS_ECC)
CFLAGS += -DCONFIG_DTLS_ECC
endif
ifneq (,$(or $(CONFIG_DTLS_ECC),$(filter -DCONFIG_DTLS_ECC,$(CFLAGS))))
CFLAGS += -DDTLS_ECC
endif
CONTEXT_MAX := $(or $(CONFIG_DTLS_CONTEXT_MAX),$(patsubst -DCONFIG_DTLS_CONTEXT_MAX=%,%,$(filter -DCONFIG_DTLS_CONTEXT_MAX=%,$(CFLAGS))))
ifneq (,$(CONTEXT_MAX))
CFLAGS += -DDTLS_CONTEXT_MAX=$(CONTEXT_MAX)
endif
PEER_MAX := $(or $(CONFIG_DTLS_PEER_MAX),$(patsubst -DCONFIG_DTLS_PEER_MAX=%,%,$(filter -DCONFIG_DTLS_PEER_MAX=%,$(CFLAGS))))
ifneq (,$(PEER_MAX))
CFLAGS += -DDTLS_PEER_MAX=$(PEER_MAX)
endif
HANDSHAKE_MAX := $(or $(CONFIG_DTLS_HANDSHAKE_MAX),$(patsubst -DCONFIG_DTLS_HANDSHAKE_MAX=%,%,$(filter -DCONFIG_DTLS_HANDSHAKE_MAX=%,$(CFLAGS))))
ifneq (,$(HANDSHAKE_MAX))
CFLAGS += -DDTLS_HANDSHAKE_MAX=$(HANDSHAKE_MAX)
endif
View Git Blame Copy Permalink