Steven Moreland7d6416c2017-04-18 10:06:28 -07001// Copyright (C) 2014 The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
// libkeymaster_messages contains just the code necessary to communicate with an
// AndroidKeymaster implementation, e.g. one running in TrustZone.
cc_library_shared {
    // Shared library holding the keymaster message, serialization and
    // authorization-set sources listed in `srcs`.
    name: "libkeymaster_messages",
    // Usable from vendor code and marked as a VNDK library.
    vendor_available: true,
    vndk: {
        enabled: true,
    },
    srcs: [
        "android_keymaster_messages.cpp",
        "android_keymaster_utils.cpp",
        "authorization_set.cpp",
        "keymaster_tags.cpp",
        "logger.cpp",
        "serializable.cpp",
        "keymaster_stl.cpp",
    ],
    header_libs: ["libhardware_headers"],
    // Every warning is a build error in this module.
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
        // Defines KEYMASTER_NAME_TAGS for every source in this module.
        "-DKEYMASTER_NAME_TAGS",
    ],
    // No C++ standard library is linked. keymaster_stl.cpp is compiled in above;
    // NOTE(review): presumably for the reason given in the NOTE on
    // libkeymaster_portable in this file - confirm.
    stl: "none",
    clang: true,
    clang_cflags: [
        "-Wimplicit-fallthrough",
        // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
        // Currently, if enabled, these flags will cause an internal error in Clang.
        // NOTE(review): while these modes are disabled, builds that rely on sanitizer
        // coverage (e.g. coverage-guided fuzzing) get no edge/compare feedback from
        // this library. The TODO carries no date; check whether it still applies.
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
    ],

    export_include_dirs: ["include"],
    // NOTE(review): integer-overflow sanitization is explicitly switched off for
    // this module, which builds the message (de)serialization sources. No reason
    // is recorded here; size/length arithmetic in those sources is therefore not
    // covered by this sanitizer and should be reviewed by hand before the opt-out
    // is kept.
    sanitize: {
        integer_overflow: false,
    },
}
53
Janis Danisevskisf38a0022017-04-26 14:44:46 -070054// libkeymaster_portable contains almost everything needed for a keymaster
Steven Moreland7d6416c2017-04-18 10:06:28 -070055// implementation, lacking only a subclass of the (abstract) KeymasterContext
56// class to provide environment-specific services and a wrapper to translate from
57// the function-based keymaster HAL API to the message-based AndroidKeymaster API.
cc_library_shared {
    // Shared library with the key, operation, enforcement and attestation
    // sources listed in `srcs`; links against libcrypto and libkeymaster_messages.
    name: "libkeymaster_portable",
    // Usable from vendor code and marked as a VNDK library.
    vendor_available: true,
    vndk: {
        enabled: true,
    },
    // NOTE(review): android_keymaster_messages.cpp, android_keymaster_utils.cpp,
    // authorization_set.cpp, keymaster_tags.cpp, logger.cpp, serializable.cpp and
    // keymaster_stl.cpp are also the complete `srcs` of libkeymaster_messages,
    // which this module links in `shared_libs` below. The same definitions are
    // therefore built into two shared objects - confirm this is intended.
    srcs: [
        "aes_key.cpp",
        "aes_operation.cpp",
        "android_keymaster.cpp",
        "android_keymaster_messages.cpp",
        "android_keymaster_utils.cpp",
        "asymmetric_key.cpp",
        "asymmetric_key_factory.cpp",
        "attestation_record.cpp",
        "auth_encrypted_key_blob.cpp",
        "authorization_set.cpp",
        "ecdsa_operation.cpp",
        "ec_key.cpp",
        "ec_key_factory.cpp",
        "hmac_key.cpp",
        "hmac_operation.cpp",
        "key.cpp",
        "keymaster_enforcement.cpp",
        "keymaster_tags.cpp",
        "logger.cpp",
        "ocb.c",
        "ocb_utils.cpp",
        "openssl_err.cpp",
        "openssl_utils.cpp",
        "operation.cpp",
        "operation_table.cpp",
        "rsa_key.cpp",
        "rsa_key_factory.cpp",
        "rsa_operation.cpp",
        "serializable.cpp",
        "symmetric_key.cpp",
        "keymaster_stl.cpp",
    ],

    shared_libs: [
        "libcrypto",
        "libkeymaster_messages",
    ],
    // libhardware_headers is used here and re-exported to modules that depend
    // on this library.
    header_libs: ["libhardware_headers"],
    export_header_lib_headers: ["libhardware_headers"],
    // Every warning is a build error, except those relaxed in clang_cflags.
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
        // NOTE(review): presumably keeps the BoringSSL headers free of their C++
        // helpers, in line with `stl: "none"` below - confirm.
        "-DBORINGSSL_NO_CXX",
    ],
    // NOTE: libkeymaster_portable must run unchanged in the trusty runtime environment.
    // Therefore, it must not link against any c++ stl library. keymaster_stl.cpp
    // weakly defines the subset of stl symbols required for this library to work
    // and which are also available in the trusty context.
    stl: "none",
    clang: true,
    clang_cflags: [
        // These two diagnostics are reported as warnings but do not fail the build.
        "-Wno-error=unused-const-variable",
        "-Wno-error=unused-private-field",
        "-Wimplicit-fallthrough",
        // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
        // Currently, if enabled, these flags will cause an internal error in Clang.
        // NOTE(review): while these modes are disabled, builds that rely on sanitizer
        // coverage (e.g. coverage-guided fuzzing) get no edge/compare feedback from
        // this library. The TODO carries no date; check whether it still applies.
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
    ],

    export_include_dirs: ["include"],

    // NOTE(review): integer-overflow sanitization is explicitly switched off for
    // this module, which builds the key-blob, attestation and crypto-operation
    // sources. No reason is recorded here; size/length arithmetic in those sources
    // is not covered by this sanitizer and should be reviewed by hand before the
    // opt-out is kept.
    sanitize: {
        integer_overflow: false,
    },
}
131
// libkeymaster_staging adds to libkeymaster_portable code that is needed by the softkeymaster device
// to implement keymaster. This is sort of a staging area for functionality that may move
// to libkeymaster_portable eventually. Unlike libkeymaster_portable, this library can use c++ stl
// headers, but modules should avoid it if they are to be moved to libkeymaster_portable.
cc_library_shared {
    // Shared library with the KDF, HMAC, ECIES and key-exchange sources listed
    // in `srcs`; links against libcrypto, libkeymaster_portable and
    // libkeymaster_messages.
    name: "libkeymaster_staging",
    // Usable from vendor code and marked as a VNDK library.
    vendor_available: true,
    vndk: {
        enabled: true,
    },
    srcs: [
        "ecies_kem.cpp",
        "hkdf.cpp",
        "hmac.cpp",
        "integrity_assured_key_blob.cpp",
        "iso18033kdf.cpp",
        "kdf.cpp",
        "nist_curve_key_exchange.cpp",
    ],

    shared_libs: [
        "libcrypto",
        "libkeymaster_portable",
        "libkeymaster_messages",
    ],
    // Every warning is a build error, except those relaxed in clang_cflags.
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
    ],
    clang: true,
    clang_cflags: [
        // These two diagnostics are reported as warnings but do not fail the build.
        "-Wno-error=unused-const-variable",
        "-Wno-error=unused-private-field",
        // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
        // Currently, if enabled, these flags will cause an internal error in Clang.
        // NOTE(review): the TODO carries no date; check whether it still applies.
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
    ],

    export_include_dirs: ["include"],

    // No `stl` or `sanitize` property is set in this module, unlike
    // libkeymaster_messages and libkeymaster_portable, so the build system's
    // defaults apply to both.
}
174
// libsoftkeymasterdevice provides a software-based keymaster HAL implementation.
// This is used by keystore as a fallback for when the hardware keymaster does
// not support the request.
cc_library {
    // cc_library produces both a static and a shared variant of this module.
    // NOTE(review): this is the software keymaster implementation; requests served
    // here are presumably handled without the isolation of a hardware keymaster.
    // Confirm that callers can tell a software-backed result from a hardware one.
    name: "libsoftkeymasterdevice",
    // Usable from vendor code and marked as a VNDK library.
    vendor_available: true,
    vndk: {
        enabled: true,
    },
    srcs: [
        "ec_keymaster0_key.cpp",
        "ec_keymaster1_key.cpp",
        "ecdsa_keymaster1_operation.cpp",
        "keymaster0_engine.cpp",
        "keymaster1_engine.cpp",
        "keymaster_configuration.cpp",
        "rsa_keymaster0_key.cpp",
        "rsa_keymaster1_key.cpp",
        "rsa_keymaster1_operation.cpp",
        "soft_keymaster_context.cpp",
        "soft_keymaster_device.cpp",
        "soft_keymaster_logger.cpp",
    ],
    // Adds a source-tree directory of keystore to the include path directly,
    // rather than through a header library.
    // NOTE(review): this couples the module to whatever headers live in that
    // directory - confirm which of them are actually needed.
    include_dirs: ["system/security/keystore"],
    // Every warning is a build error, except those relaxed in clang_cflags.
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
    ],
    clang: true,
    clang_cflags: [
        // These two diagnostics are reported as warnings but do not fail the build.
        "-Wno-error=unused-const-variable",
        "-Wno-error=unused-private-field",
        // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
        // Currently, if enabled, these flags will cause an internal error in Clang.
        // NOTE(review): the TODO carries no date; check whether it still applies.
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
    ],

    shared_libs: [
        "libkeymaster_messages",
        "libkeymaster_portable",
        "libkeymaster_staging",
        "liblog",
        "libcrypto",
        "libcutils",
    ],

    export_include_dirs: ["include"],
}
224
225// libkeymasterfiles is an empty library that exports all of the files in keymaster as includes.
cc_library_static {
    // Static library with no `srcs`; it exists only to export include paths.
    name: "libkeymasterfiles",
    // NOTE(review): exporting "." puts every header in this directory, not only
    // those under include/, on the include path of dependent modules. Confirm
    // that dependents are meant to see the non-public headers as well.
    export_include_dirs: [
        ".",
        "include",
    ],
}