Steven Moreland7d6416c2017-04-18 10:06:28 -07001// Copyright (C) 2014 The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
// libkeymaster_messages holds only the code needed to communicate with an
// AndroidKeymaster implementation, e.g. one running in TrustZone.
cc_library_shared {
    name: "libkeymaster_messages",
    vendor_available: true,
    vndk: {
        enabled: true,
    },
    srcs: [
        "android_keymaster/android_keymaster_messages.cpp",
        "android_keymaster/android_keymaster_utils.cpp",
        "android_keymaster/authorization_set.cpp",
        "android_keymaster/keymaster_tags.cpp",
        "android_keymaster/logger.cpp",
        "android_keymaster/serializable.cpp",
        "android_keymaster/keymaster_stl.cpp",
    ],
    header_libs: ["libhardware_headers"],
    // -Wall with -Werror makes every enabled warning a build failure.
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
        "-DKEYMASTER_NAME_TAGS",
    ],
    // No C++ standard library is linked into this module.
    stl: "none",
    clang: true,
    // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
    // Currently, if enabled, these flags will cause an internal error in Clang.
    // NOTE(review): while these SanitizerCoverage modes are off, a
    // coverage-instrumented (fuzzing) build gets no edge/indirect-call/compare
    // feedback from the message-handling sources above; revisit once the
    // toolchain issue is resolved.
    clang_cflags: [
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp",
    ],

    export_include_dirs: ["include"],
}
// libkeymaster_portable contains almost everything needed for a keymaster
// implementation. What it lacks is a subclass of the (abstract)
// KeymasterContext class to provide environment-specific services, and a
// wrapper to translate from the function-based keymaster HAL API to the
// message-based AndroidKeymaster API.
cc_library_shared {
    name: "libkeymaster_portable",
    vendor_available: true,
    vndk: {
        enabled: true,
    },
    // NOTE(review): several android_keymaster/ sources below are also compiled
    // into libkeymaster_messages, so a fix to those files ends up in both
    // libraries; rebuild and ship them together.
    srcs: [
        "km_openssl/aes_key.cpp",
        "km_openssl/aes_operation.cpp",
        "km_openssl/asymmetric_key.cpp",
        "km_openssl/asymmetric_key_factory.cpp",
        "km_openssl/attestation_record.cpp",
        "km_openssl/ecdsa_operation.cpp",
        "km_openssl/ec_key.cpp",
        "km_openssl/ec_key_factory.cpp",
        "km_openssl/hmac_key.cpp",
        "km_openssl/hmac_operation.cpp",
        "km_openssl/openssl_err.cpp",
        "km_openssl/openssl_utils.cpp",
        "km_openssl/rsa_key.cpp",
        "km_openssl/rsa_key_factory.cpp",
        "km_openssl/rsa_operation.cpp",
        "km_openssl/software_random_source.cpp",
        "km_openssl/symmetric_key.cpp",
        "android_keymaster/android_keymaster.cpp",
        "android_keymaster/android_keymaster_messages.cpp",
        "android_keymaster/android_keymaster_utils.cpp",
        "android_keymaster/authorization_set.cpp",
        "android_keymaster/keymaster_enforcement.cpp",
        "android_keymaster/keymaster_tags.cpp",
        "android_keymaster/logger.cpp",
        "android_keymaster/operation.cpp",
        "android_keymaster/operation_table.cpp",
        "android_keymaster/serializable.cpp",
        "android_keymaster/keymaster_stl.cpp",
        "key_blob_utils/auth_encrypted_key_blob.cpp",
        "key_blob_utils/ocb.c",
        "key_blob_utils/ocb_utils.cpp",
    ],

    shared_libs: [
        "libcrypto",
    ],
    header_libs: ["libhardware_headers"],
    export_header_lib_headers: ["libhardware_headers"],
    // -DBORINGSSL_NO_CXX: presumably keeps BoringSSL's C++ helpers out of its
    // headers, in line with stl: "none" below; confirm against the libcrypto
    // headers in use.
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
        "-DBORINGSSL_NO_CXX",
    ],
    // NOTE: libkeymaster_portable must run unchanged in the trusty runtime environment.
    // Therefore, it must not link against any c++ stl library. keymaster_stl.cpp
    // weakly defines the subset of stl symbols required for this library to work
    // and which are also available in the trusty context.
    stl: "none",
    clang: true,
    clang_cflags: [
        // These two diagnostics are demoted from errors back to warnings;
        // -Werror still applies to every other warning.
        "-Wno-error=unused-const-variable",
        "-Wno-error=unused-private-field",
        // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
        // Currently, if enabled, these flags will cause an internal error in Clang.
        // NOTE(review): with these modes off, coverage-instrumented (fuzzing)
        // builds get no coverage feedback from the sources in this library.
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp",
    ],

    export_include_dirs: ["include"],
}
// libkeymaster_staging adds to libkeymaster_portable the code that the
// softkeymaster device needs to implement keymaster. It is a staging area for
// functionality that may eventually move to libkeymaster_portable. Unlike
// libkeymaster_portable, this library can use c++ stl headers, but modules
// should avoid them if they are to be moved to libkeymaster_portable.
cc_library_shared {
    name: "libkeymaster_staging",
    vendor_available: true,
    vndk: {
        enabled: true,
    },
    srcs: [
        "km_openssl/ecies_kem.cpp",
        "km_openssl/hkdf.cpp",
        "km_openssl/hmac.cpp",
        "km_openssl/iso18033kdf.cpp",
        "km_openssl/kdf.cpp",
        "km_openssl/nist_curve_key_exchange.cpp",
        "key_blob_utils/integrity_assured_key_blob.cpp",
        "key_blob_utils/software_keyblobs.cpp",
    ],

    shared_libs: [
        "libcrypto",
        "libkeymaster_portable",
        "libkeymaster_messages",
    ],
    // -Wall with -Werror makes every enabled warning a build failure, except
    // the two demoted in clang_cflags below.
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
    ],
    clang: true,
    clang_cflags: [
        // Demoted from errors back to warnings.
        "-Wno-error=unused-const-variable",
        "-Wno-error=unused-private-field",
        // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
        // Currently, if enabled, these flags will cause an internal error in Clang.
        // NOTE(review): with these modes off, coverage-instrumented (fuzzing)
        // builds get no coverage feedback from the KDF/key-exchange/key-blob
        // sources listed above.
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp",
    ],

    export_include_dirs: ["include"],
}
// libsoftkeymasterdevice provides a software-based keymaster HAL
// implementation. Keystore uses it as a fallback when the hardware keymaster
// does not support the request.
// NOTE(review): being software-based, work that falls back to this library
// presumably runs without the isolation of the hardware keymaster; confirm
// that callers can tell which path handled a request.
cc_library {
    name: "libsoftkeymasterdevice",
    vendor_available: true,
    vndk: {
        enabled: true,
    },
    srcs: [
        "android_keymaster/keymaster_configuration.cpp",
        "km_openssl/attestation_utils.cpp",
        "legacy_support/ec_keymaster0_key.cpp",
        "legacy_support/ec_keymaster1_key.cpp",
        "legacy_support/ecdsa_keymaster1_operation.cpp",
        "legacy_support/keymaster0_engine.cpp",
        "legacy_support/keymaster1_engine.cpp",
        "legacy_support/rsa_keymaster0_key.cpp",
        "legacy_support/rsa_keymaster1_key.cpp",
        "legacy_support/rsa_keymaster1_operation.cpp",
        "legacy_support/keymaster1_legacy_support.cpp",
        "contexts/soft_attestation_cert.cpp",
        "contexts/soft_keymaster_context.cpp",
        "contexts/soft_keymaster_device.cpp",
        "km_openssl/soft_keymaster_enforcement.cpp",
        "contexts/soft_keymaster_logger.cpp",
    ],
    // -Wall with -Werror makes every enabled warning a build failure, except
    // the two demoted in clang_cflags below.
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
    ],
    clang: true,
    clang_cflags: [
        // Demoted from errors back to warnings.
        "-Wno-error=unused-const-variable",
        "-Wno-error=unused-private-field",
        // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
        // Currently, if enabled, these flags will cause an internal error in Clang.
        // NOTE(review): with these modes off, coverage-instrumented (fuzzing)
        // builds get no coverage feedback from the sources in this library.
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp",
    ],

    shared_libs: [
        "libkeymaster_messages",
        "libkeymaster_portable",
        "libkeymaster_staging",
        "liblog",
        "libbase",
        "libcrypto",
        "libcutils",
    ],

    export_include_dirs: ["include"],
}
// libpuresoftkeymasterdevice builds contexts/pure_soft_keymaster_context.cpp
// with the software attestation, enforcement and logger sources. No
// legacy_support/ sources are compiled into it.
cc_library_shared {
    name: "libpuresoftkeymasterdevice",
    vendor_available: true,
    vndk: {
        enabled: true,
    },
    srcs: [
        "km_openssl/attestation_utils.cpp",
        "android_keymaster/keymaster_configuration.cpp",
        "contexts/soft_attestation_cert.cpp",
        "contexts/pure_soft_keymaster_context.cpp",
        "contexts/soft_keymaster_logger.cpp",
        "km_openssl/soft_keymaster_enforcement.cpp",
    ],
    // -Wall with -Werror makes every enabled warning a build failure, except
    // the two demoted in clang_cflags below.
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
    ],
    clang: true,
    clang_cflags: [
        // Demoted from errors back to warnings.
        "-Wno-error=unused-const-variable",
        "-Wno-error=unused-private-field",
        // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
        // Currently, if enabled, these flags will cause an internal error in Clang.
        // NOTE(review): with these modes off, coverage-instrumented (fuzzing)
        // builds get no coverage feedback from the sources in this library.
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp",
    ],

    shared_libs: [
        "libkeymaster_messages",
        "libkeymaster_portable",
        "libkeymaster_staging",
        "liblog",
        "libcrypto",
        "libcutils",
    ],

    export_include_dirs: ["include"],
}
// libkeymaster3device builds ng/AndroidKeymaster3Device.cpp with the
// passthrough contexts and the legacy_support sources, and links against
// android.hardware.keymaster@3.0.
// NOTE(review): this module sets vendor_available but, unlike the other shared
// libraries in this file, has no vndk block; confirm that is intentional.
cc_library_shared {
    name: "libkeymaster3device",
    vendor_available: true,
    srcs: [
        "legacy_support/keymaster_passthrough_key.cpp",
        "legacy_support/keymaster_passthrough_engine.cpp",
        "legacy_support/keymaster_passthrough_operation.cpp",
        "contexts/keymaster1_passthrough_context.cpp",
        "contexts/keymaster2_passthrough_context.cpp",
        "ng/AndroidKeymaster3Device.cpp",
        "android_keymaster/keymaster_configuration.cpp",
        "km_openssl/attestation_utils.cpp",
        "legacy_support/ec_keymaster0_key.cpp",
        "legacy_support/ec_keymaster1_key.cpp",
        "legacy_support/ecdsa_keymaster1_operation.cpp",
        "legacy_support/keymaster0_engine.cpp",
        "legacy_support/keymaster1_engine.cpp",
        "legacy_support/keymaster1_legacy_support.cpp",
        "legacy_support/rsa_keymaster0_key.cpp",
        "legacy_support/rsa_keymaster1_key.cpp",
        "legacy_support/rsa_keymaster1_operation.cpp",
    ],
    // -Wall with -Werror makes every enabled warning a build failure, except
    // the two demoted in clang_cflags below.
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
    ],
    clang: true,
    clang_cflags: [
        // Demoted from errors back to warnings.
        "-Wno-error=unused-const-variable",
        "-Wno-error=unused-private-field",
        // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
        // Currently, if enabled, these flags will cause an internal error in Clang.
        // NOTE(review): with these modes off, coverage-instrumented (fuzzing)
        // builds get no coverage feedback from the sources in this library.
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp",
    ],

    shared_libs: [
        "libkeymaster_messages",
        "android.hardware.keymaster@3.0",
        "libcrypto",
        "libcutils",
        "libbase",
        "libhidlbase",
        "libhidltransport",
        "libkeymaster_portable",
        "libkeymaster_staging",
        "libpuresoftkeymasterdevice",
        "liblog",
        "libutils",
    ],

    export_include_dirs: [
        "include",
        "ng/include",
    ],
}
// libkeymasterfiles is an empty library (it has no srcs) that exports all of
// the files in keymaster as includes.
// NOTE(review): exporting "." puts every header under this directory, not only
// those in include/, on the include path of anything that depends on this
// module.
cc_library_static {
    name: "libkeymasterfiles",
    export_include_dirs: [
        ".",
        "include",
    ],
}