Change makefile to make using libopaque as part of other libraries easier

[WorldofJARcraft]

Summary

Changes:

• added libopaque.a target
• made CFLAGS overwritable

Reasoning

For one of my projects, I include libopaque into a shared library. In order to make distribution of the library I am working on easier, I wanted to link libopaque statically. Thus, I added a libopaque.a as target in the makefile. Now I can include libopaque.a in my shared library and I only need to distribute one library.

Also, I have noticed that some of the default CFLAGS in the makefile might be problematic in two different ways. First, older gccs like 7.5 do not understand some of the flags, e.g. -fstack-clash-protection and -fcf-protection=full. Also, when distributing the library to other systems, since -march=native is used, the compiler might have used instructions that are not available on the other system, leading to SIGILL crashes. Thus, I have made the CFLAGS overwritable, so that problematic flags can be disabled by the library user.

[stef]

sounds all reasonable. good work, useful contribution!

one question, in what project are you using this?

thank you very much!

[WorldofJARcraft]

sounds all reasonable. good work, useful contribution!

one question, in what project are you using this?

thank you very much!

I work on an experimental fork of the Open-Source implementation of the RaSTA protocol, which is used as a transport protocol for reliable communication between railway infrastructure devices (e.g. signals and interlockings), https://github.com/WorldofJARcraft/rasta-protocol. The protocol usually relies on a static, long-term pre-shared key for security. I added a non-standard libopaque-based key exchange to the protocol implementation to demonstrate that an extension of the protocol that includes an augmented PAKE is possible and might be advantageous over the original protocol or tunneling the protocol over TLS.

[stef]

delicious!