Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / 00a498f92a21f1412873527ea02a267cc7dd9816 / . / Android.bp
blob: 37d9818d62dd531c84f1d9fa1f9e1779fbf33a3e [file] [log] [blame]
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]1// Copyright (C) 2014 The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15// libkeymaster_messages contains just the code necessary to communicate with a
16// AndroidKeymaster implementation, e.g. one running in TrustZone.
17cc_library_shared {
18 name: "libkeymaster_messages",
Steven Morelandd998c152017-04-18 10:25:45 -0700[diff] [blame]19 vendor_available: true,
Justin Yun00a498f2017-07-24 15:19:45 +0900[diff] [blame^]20 vndk: {
21 enabled: true,
22 },
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]23 srcs: [
24 "android_keymaster_messages.cpp",
25 "android_keymaster_utils.cpp",
26 "authorization_set.cpp",
27 "keymaster_tags.cpp",
28 "logger.cpp",
29 "serializable.cpp",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]30 "keymaster_stl.cpp",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]31 ],
Yifan Hongf0b39bb2017-04-18 17:07:58 -0700[diff] [blame]32 header_libs: ["libhardware_headers"],
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]33 cflags: [
34 "-Wall",
35 "-Werror",
36 "-Wunused",
37 "-DKEYMASTER_NAME_TAGS",
38 ],
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]39 stl: "none",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]40 clang: true,
41 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
42 // Currently, if enabled, these flags will cause an internal error in Clang.
43 clang_cflags: ["-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"],
44
45 export_include_dirs: ["include"],
46
47}
48
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]49// libkeymaster_portable contains almost everything needed for a keymaster
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]50// implementation, lacking only a subclass of the (abstract) KeymasterContext
51// class to provide environment-specific services and a wrapper to translate from
52// the function-based keymaster HAL API to the message-based AndroidKeymaster API.
53cc_library_shared {
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]54 name: "libkeymaster_portable",
Janis Danisevskiscf3763f2017-05-03 00:22:06 +0000[diff] [blame]55 vendor_available: true,
Justin Yun00a498f2017-07-24 15:19:45 +0900[diff] [blame^]56 vndk: {
57 enabled: true,
58 },
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]59 srcs: [
60 "aes_key.cpp",
61 "aes_operation.cpp",
62 "android_keymaster.cpp",
63 "android_keymaster_messages.cpp",
64 "android_keymaster_utils.cpp",
65 "asymmetric_key.cpp",
66 "asymmetric_key_factory.cpp",
67 "attestation_record.cpp",
68 "auth_encrypted_key_blob.cpp",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]69 "authorization_set.cpp",
70 "ecdsa_operation.cpp",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]71 "ec_key.cpp",
72 "ec_key_factory.cpp",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]73 "hmac_key.cpp",
74 "hmac_operation.cpp",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]75 "key.cpp",
76 "keymaster_enforcement.cpp",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]77 "keymaster_tags.cpp",
78 "logger.cpp",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]79 "ocb.c",
80 "ocb_utils.cpp",
81 "openssl_err.cpp",
82 "openssl_utils.cpp",
83 "operation.cpp",
84 "operation_table.cpp",
85 "rsa_key.cpp",
86 "rsa_key_factory.cpp",
87 "rsa_operation.cpp",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]88 "serializable.cpp",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]89 "symmetric_key.cpp",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]90 "keymaster_stl.cpp",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]91 ],
92
93 shared_libs: [
94 "libcrypto",
95 "libkeymaster_messages",
96 ],
Yifan Hong19f07e72017-06-07 15:54:19 -0700[diff] [blame]97 header_libs: ["libhardware_headers"],
98 export_header_lib_headers: ["libhardware_headers"],
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]99 cflags: [
100 "-Wall",
101 "-Werror",
102 "-Wunused",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]103 "-DBORINGSSL_NO_CXX",
104 ],
105 // NOTE: libkeymaster_portable must run unchanged in the trusty runtime environment.
106 // Therefore, it must not link against any c++ stl library. keymaster_stl.cpp
107 // weakly defines the subset of stl symbols required for this library to work
108 // and which are also available in the trusty context.
109 stl: "none",
110 clang: true,
111 clang_cflags: [
112 "-Wno-error=unused-const-variable",
113 "-Wno-error=unused-private-field",
114 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
115 // Currently, if enabled, these flags will cause an internal error in Clang.
116 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
117 ],
118
119 export_include_dirs: ["include"],
120
121}
122
Janis Danisevskis2bf1d592017-05-04 14:02:05 -0700[diff] [blame]123// libkeymaster_staging adds to libkeymaster_portable code that is needed by the softkeymaster device
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]124// to implement keymaster. This is sort of a staging area for functionality that may move
125// to libkeymaster_portalbe eventually. Unlike libkeymaster_portable, this library can use c++ stl
126// headers, but modules should avoid it if they are to be moved to libkeymaster_portable.
127cc_library_shared {
Janis Danisevskis2bf1d592017-05-04 14:02:05 -0700[diff] [blame]128 name: "libkeymaster_staging",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]129 vendor_available: true,
Justin Yun00a498f2017-07-24 15:19:45 +0900[diff] [blame^]130 vndk: {
131 enabled: true,
132 },
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]133 srcs: [
134 "ecies_kem.cpp",
135 "hkdf.cpp",
136 "hmac.cpp",
137 "integrity_assured_key_blob.cpp",
138 "iso18033kdf.cpp",
139 "kdf.cpp",
140 "nist_curve_key_exchange.cpp",
141 ],
142
143 shared_libs: [
144 "libcrypto",
145 "libkeymaster_portable",
146 "libkeymaster_messages",
147 ],
148 cflags: [
149 "-Wall",
150 "-Werror",
151 "-Wunused",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]152 ],
153 clang: true,
154 clang_cflags: [
155 "-Wno-error=unused-const-variable",
156 "-Wno-error=unused-private-field",
157 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
158 // Currently, if enabled, these flags will cause an internal error in Clang.
159 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
160 ],
161
162 export_include_dirs: ["include"],
163
164}
165
166// libsoftkeymaster provides a software-based keymaster HAL implementation.
167// This is used by keystore as a fallback for when the hardware keymaster does
168// not support the request.
169cc_library_shared {
170 name: "libsoftkeymasterdevice",
Steven Morelandd998c152017-04-18 10:25:45 -0700[diff] [blame]171 vendor_available: true,
Justin Yun00a498f2017-07-24 15:19:45 +0900[diff] [blame^]172 vndk: {
173 enabled: true,
174 },
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]175 srcs: [
176 "ec_keymaster0_key.cpp",
177 "ec_keymaster1_key.cpp",
178 "ecdsa_keymaster1_operation.cpp",
179 "keymaster0_engine.cpp",
180 "keymaster1_engine.cpp",
181 "keymaster_configuration.cpp",
182 "rsa_keymaster0_key.cpp",
183 "rsa_keymaster1_key.cpp",
184 "rsa_keymaster1_operation.cpp",
185 "soft_keymaster_context.cpp",
186 "soft_keymaster_device.cpp",
187 "soft_keymaster_logger.cpp",
188 ],
189 include_dirs: ["system/security/keystore"],
190 cflags: [
191 "-Wall",
192 "-Werror",
193 "-Wunused",
194 ],
195 clang: true,
196 clang_cflags: [
197 "-Wno-error=unused-const-variable",
198 "-Wno-error=unused-private-field",
199 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
200 // Currently, if enabled, these flags will cause an internal error in Clang.
201 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
202 ],
203
204 shared_libs: [
205 "libkeymaster_messages",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]206 "libkeymaster_portable",
Janis Danisevskis2bf1d592017-05-04 14:02:05 -0700[diff] [blame]207 "libkeymaster_staging",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]208 "liblog",
209 "libcrypto",
210 "libcutils",
211 ],
212
213 export_include_dirs: ["include"],
214}
215
216// libkeymasterfiles is an empty library that exports all of the files in keymaster as includes.
217cc_library_static {
218 name: "libkeymasterfiles",
219 export_include_dirs: [
220 ".",
221 "include",
222 ],
223}