diff options
author | Nir Sonnenschein <nir.sonnenschein@arm.com> | 2018-08-29 10:20:12 +0300 |
---|---|---|
committer | Nir Sonnenschein <nir.sonnenschein@arm.com> | 2018-08-29 10:20:12 +0300 |
commit | b7ebbcaa2cdee4b63ac2649e696f99b65327e109 (patch) | |
tree | 6cf9c9ced6cab01182c5f2c84b02d4f30917ac48 /Makefile | |
parent | ce266e4ca221fca99f5af2d582476e71bf071d5b (diff) | |
download | mbedtls-b7ebbcaa2cdee4b63ac2649e696f99b65327e109.zip mbedtls-b7ebbcaa2cdee4b63ac2649e696f99b65327e109.tar.gz mbedtls-b7ebbcaa2cdee4b63ac2649e696f99b65327e109.tar.bz2 |
compile time warning of 128bit ctr_drbg keys and standardized warnings
a compile time print was added warning in case of 128bit ctr_drbg keys.
This was don't to avoid an actual warning in these cases
(making build with warnings as errors possible).
Additional warnings on the Changelog/headers were set to use the same phrasing
phrasing was approved by Gilles and Janos.
Diffstat (limited to 'Makefile')
-rw-r--r-- | Makefile | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -61,9 +61,21 @@ NULL_ENTROPY_WARN_L3=**** AND IS *NOT* SUITABLE FOR PRODUCTION USE ****\n NULL_ENTROPY_WARNING=\n$(WARNING_BORDER)$(NULL_ENTROPY_WARN_L1)$(NULL_ENTROPY_WARN_L2)$(NULL_ENTROPY_WARN_L3)$(WARNING_BORDER) +WARNING_BORDER_LONG =**********************************************************************************\n +CTR_DRBG_128_BIT_KEY_WARN_L1=**** WARNING! MBEDTLS_CTR_DRBG_USE_128_BIT_KEY defined! ****\n +CTR_DRBG_128_BIT_KEY_WARN_L2=**** Using 128-bit keys for CTR_DRBG limits the security of generated ****\n +CTR_DRBG_128_BIT_KEY_WARN_L3=**** keys and operations that use random values generated to 128-bit security ****\n + +CTR_DRBG_128_BIT_KEY_WARNING=\n$(WARNING_BORDER_LONG)$(CTR_DRBG_128_BIT_KEY_WARN_L1)$(CTR_DRBG_128_BIT_KEY_WARN_L2)$(CTR_DRBG_128_BIT_KEY_WARN_L3)$(WARNING_BORDER_LONG) + # Post build steps post_build: ifndef WINDOWS + + # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning + -scripts/config.pl get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY && ([ $$? -eq 0 ]) && \ + echo '$(CTR_DRBG_128_BIT_KEY_WARNING)' + # If NULL Entropy is configured, display an appropriate warning -scripts/config.pl get MBEDTLS_TEST_NULL_ENTROPY && ([ $$? -eq 0 ]) && \ echo '$(NULL_ENTROPY_WARNING)' |