Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / refs/heads/android10-mainline-resolv-release / . / Android.bp
blob: c3ab92466fcc575166298f6572bd2e71cff31e01 [file] [log] [blame]
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]1// Copyright (C) 2014 The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15// libkeymaster_messages contains just the code necessary to communicate with a
16// AndroidKeymaster implementation, e.g. one running in TrustZone.
17cc_library_shared {
18 name: "libkeymaster_messages",
Steven Morelandd998c152017-04-18 10:25:45 -0700[diff] [blame]19 vendor_available: true,
Justin Yun00a498f2017-07-24 15:19:45 +0900[diff] [blame]20 vndk: {
21 enabled: true,
22 },
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]23 srcs: [
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]24 "android_keymaster/android_keymaster_messages.cpp",
25 "android_keymaster/android_keymaster_utils.cpp",
26 "android_keymaster/authorization_set.cpp",
27 "android_keymaster/keymaster_tags.cpp",
28 "android_keymaster/logger.cpp",
29 "android_keymaster/serializable.cpp",
30 "android_keymaster/keymaster_stl.cpp",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]31 ],
Yifan Hongf0b39bb2017-04-18 17:07:58 -0700[diff] [blame]32 header_libs: ["libhardware_headers"],
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]33 cflags: [
34 "-Wall",
35 "-Werror",
36 "-Wunused",
37 "-DKEYMASTER_NAME_TAGS",
38 ],
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]39 stl: "none",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]40 clang: true,
Nick Bray335949a2018-03-20 11:02:53 -0700[diff] [blame]41 clang_cflags: [
42 "-Wimplicit-fallthrough",
43 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
44 // Currently, if enabled, these flags will cause an internal error in Clang.
45 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
46 ],
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]47
48 export_include_dirs: ["include"],
Ivan Lozanoeb9d7532018-01-10 13:07:08 -0800[diff] [blame]49 sanitize: {
50 integer_overflow: false,
51 },
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]52}
53
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]54// libkeymaster_portable contains almost everything needed for a keymaster
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]55// implementation, lacking only a subclass of the (abstract) KeymasterContext
56// class to provide environment-specific services and a wrapper to translate from
57// the function-based keymaster HAL API to the message-based AndroidKeymaster API.
Shawn Willden25814f02018-04-02 10:55:34 -0600[diff] [blame]58cc_library {
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]59 name: "libkeymaster_portable",
Janis Danisevskiscf3763f2017-05-03 00:22:06 +0000[diff] [blame]60 vendor_available: true,
Justin Yun00a498f2017-07-24 15:19:45 +0900[diff] [blame]61 vndk: {
62 enabled: true,
63 },
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]64 srcs: [
Shawn Willdenfb9b2a42017-12-21 12:35:06 -0700[diff] [blame]65 "android_keymaster/android_keymaster.cpp",
66 "android_keymaster/android_keymaster_messages.cpp",
67 "android_keymaster/android_keymaster_utils.cpp",
68 "android_keymaster/authorization_set.cpp",
69 "android_keymaster/keymaster_enforcement.cpp",
70 "android_keymaster/keymaster_stl.cpp",
71 "android_keymaster/keymaster_tags.cpp",
72 "android_keymaster/logger.cpp",
73 "android_keymaster/operation.cpp",
74 "android_keymaster/operation_table.cpp",
75 "android_keymaster/serializable.cpp",
76 "key_blob_utils/auth_encrypted_key_blob.cpp",
77 "key_blob_utils/integrity_assured_key_blob.cpp",
78 "key_blob_utils/ocb.c",
79 "key_blob_utils/ocb_utils.cpp",
80 "key_blob_utils/software_keyblobs.cpp",
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]81 "km_openssl/aes_key.cpp",
82 "km_openssl/aes_operation.cpp",
83 "km_openssl/asymmetric_key.cpp",
84 "km_openssl/asymmetric_key_factory.cpp",
85 "km_openssl/attestation_record.cpp",
Mustafa Yigit Bilgen01a9b8b2018-11-07 16:08:08 -0800[diff] [blame]86 "km_openssl/attestation_utils.cpp",
Shawn Willdena2f1a9b2018-01-09 09:37:43 -0700[diff] [blame]87 "km_openssl/block_cipher_operation.cpp",
Shawn Willden8b940582018-01-02 10:53:39 -0700[diff] [blame]88 "km_openssl/ckdf.cpp",
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]89 "km_openssl/ec_key.cpp",
90 "km_openssl/ec_key_factory.cpp",
Shawn Willdenfb9b2a42017-12-21 12:35:06 -0700[diff] [blame]91 "km_openssl/ecdsa_operation.cpp",
92 "km_openssl/ecies_kem.cpp",
93 "km_openssl/hkdf.cpp",
94 "km_openssl/hmac.cpp",
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]95 "km_openssl/hmac_key.cpp",
96 "km_openssl/hmac_operation.cpp",
Shawn Willdenfb9b2a42017-12-21 12:35:06 -0700[diff] [blame]97 "km_openssl/iso18033kdf.cpp",
98 "km_openssl/kdf.cpp",
99 "km_openssl/nist_curve_key_exchange.cpp",
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]100 "km_openssl/openssl_err.cpp",
101 "km_openssl/openssl_utils.cpp",
102 "km_openssl/rsa_key.cpp",
103 "km_openssl/rsa_key_factory.cpp",
104 "km_openssl/rsa_operation.cpp",
Janis Danisevskis41d5a742017-05-12 10:43:12 -0700[diff] [blame]105 "km_openssl/software_random_source.cpp",
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]106 "km_openssl/symmetric_key.cpp",
Shawn Willden7efc7722018-01-08 22:00:12 -0700[diff] [blame]107 "km_openssl/triple_des_key.cpp",
108 "km_openssl/triple_des_operation.cpp",
Shawn Willdendd7e8a02018-01-12 13:03:37 -0700[diff] [blame]109 "km_openssl/wrapped_key.cpp",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]110 ],
111
112 shared_libs: [
113 "libcrypto",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]114 ],
Yifan Hong19f07e72017-06-07 15:54:19 -0700[diff] [blame]115 header_libs: ["libhardware_headers"],
116 export_header_lib_headers: ["libhardware_headers"],
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]117 cflags: [
118 "-Wall",
119 "-Werror",
120 "-Wunused",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]121 "-DBORINGSSL_NO_CXX",
122 ],
123 // NOTE: libkeymaster_portable must run unchanged in the trusty runtime environment.
124 // Therefore, it must not link against any c++ stl library. keymaster_stl.cpp
125 // weakly defines the subset of stl symbols required for this library to work
126 // and which are also available in the trusty context.
127 stl: "none",
128 clang: true,
129 clang_cflags: [
130 "-Wno-error=unused-const-variable",
131 "-Wno-error=unused-private-field",
Nick Bray335949a2018-03-20 11:02:53 -0700[diff] [blame]132 "-Wimplicit-fallthrough",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]133 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
134 // Currently, if enabled, these flags will cause an internal error in Clang.
135 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
136 ],
137
138 export_include_dirs: ["include"],
Ivan Lozanoeb9d7532018-01-10 13:07:08 -0800[diff] [blame]139 sanitize: {
140 integer_overflow: false,
141 },
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]142}
143
144// libsoftkeymaster provides a software-based keymaster HAL implementation.
145// This is used by keystore as a fallback for when the hardware keymaster does
146// not support the request.
Tri Vo0b674d02017-08-04 13:00:33 -0700[diff] [blame]147cc_library {
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]148 name: "libsoftkeymasterdevice",
Steven Morelandd998c152017-04-18 10:25:45 -0700[diff] [blame]149 vendor_available: true,
Justin Yun00a498f2017-07-24 15:19:45 +0900[diff] [blame]150 vndk: {
151 enabled: true,
152 },
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]153 srcs: [
Janis Danisevskis3bfda162017-05-12 13:10:41 -0700[diff] [blame]154 "android_keymaster/keymaster_configuration.cpp",
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]155 "legacy_support/ec_keymaster0_key.cpp",
156 "legacy_support/ec_keymaster1_key.cpp",
157 "legacy_support/ecdsa_keymaster1_operation.cpp",
158 "legacy_support/keymaster0_engine.cpp",
159 "legacy_support/keymaster1_engine.cpp",
160 "legacy_support/rsa_keymaster0_key.cpp",
161 "legacy_support/rsa_keymaster1_key.cpp",
162 "legacy_support/rsa_keymaster1_operation.cpp",
Janis Danisevskis2fea2352017-07-26 16:52:33 -0700[diff] [blame]163 "legacy_support/keymaster1_legacy_support.cpp",
Janis Danisevskis3bfda162017-05-12 13:10:41 -0700[diff] [blame]164 "contexts/soft_attestation_cert.cpp",
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]165 "contexts/soft_keymaster_context.cpp",
Shawn Willdendd7e8a02018-01-12 13:03:37 -0700[diff] [blame]166 "contexts/pure_soft_keymaster_context.cpp",
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]167 "contexts/soft_keymaster_device.cpp",
Janis Danisevskis1455d2e2017-05-11 10:56:27 -0700[diff] [blame]168 "km_openssl/soft_keymaster_enforcement.cpp",
Janis Danisevskisf54cc932017-05-10 15:29:10 -0700[diff] [blame]169 "contexts/soft_keymaster_logger.cpp",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]170 ],
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]171 cflags: [
172 "-Wall",
173 "-Werror",
174 "-Wunused",
175 ],
176 clang: true,
177 clang_cflags: [
178 "-Wno-error=unused-const-variable",
179 "-Wno-error=unused-private-field",
180 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
181 // Currently, if enabled, these flags will cause an internal error in Clang.
182 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
183 ],
184
185 shared_libs: [
186 "libkeymaster_messages",
Janis Danisevskisf38a0022017-04-26 14:44:46 -0700[diff] [blame]187 "libkeymaster_portable",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]188 "liblog",
Janis Danisevskis2fea2352017-07-26 16:52:33 -0700[diff] [blame]189 "libbase",
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]190 "libcrypto",
191 "libcutils",
192 ],
193
194 export_include_dirs: ["include"],
195}
196
Shawn Willden25814f02018-04-02 10:55:34 -0600[diff] [blame]197cc_library {
Janis Danisevskis1f8b1c92017-05-08 11:24:41 -0700[diff] [blame]198 name: "libpuresoftkeymasterdevice",
199 vendor_available: true,
200 vndk: {
201 enabled: true,
202 },
203 srcs: [
Janis Danisevskis1f8b1c92017-05-08 11:24:41 -0700[diff] [blame]204 "android_keymaster/keymaster_configuration.cpp",
205 "contexts/soft_attestation_cert.cpp",
206 "contexts/pure_soft_keymaster_context.cpp",
207 "contexts/soft_keymaster_logger.cpp",
208 "km_openssl/soft_keymaster_enforcement.cpp",
209 ],
210 cflags: [
211 "-Wall",
212 "-Werror",
213 "-Wunused",
214 ],
215 clang: true,
216 clang_cflags: [
217 "-Wno-error=unused-const-variable",
218 "-Wno-error=unused-private-field",
219 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
220 // Currently, if enabled, these flags will cause an internal error in Clang.
221 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
222 ],
223
224 shared_libs: [
225 "libkeymaster_messages",
226 "libkeymaster_portable",
Janis Danisevskis1f8b1c92017-05-08 11:24:41 -0700[diff] [blame]227 "liblog",
228 "libcrypto",
229 "libcutils",
Wei Wangc33ecdf2018-06-27 11:53:26 -0700[diff] [blame]230 "libbase",
Janis Danisevskis1f8b1c92017-05-08 11:24:41 -0700[diff] [blame]231 ],
232
233 export_include_dirs: ["include"],
234}
235
Janis Danisevskisa68669b2017-02-06 11:46:54 +0000[diff] [blame]236cc_library_shared {
237 name: "libkeymaster3device",
Logan Chien65d5a832017-11-21 19:06:34 +0800[diff] [blame]238 vendor: true,
Janis Danisevskisa68669b2017-02-06 11:46:54 +0000[diff] [blame]239 srcs: [
Janis Danisevskis2fea2352017-07-26 16:52:33 -0700[diff] [blame]240 "legacy_support/keymaster_passthrough_key.cpp",
241 "legacy_support/keymaster_passthrough_engine.cpp",
242 "legacy_support/keymaster_passthrough_operation.cpp",
243 "contexts/keymaster1_passthrough_context.cpp",
244 "contexts/keymaster2_passthrough_context.cpp",
Janis Danisevskisa68669b2017-02-06 11:46:54 +0000[diff] [blame]245 "ng/AndroidKeymaster3Device.cpp",
Janis Danisevskis2fea2352017-07-26 16:52:33 -0700[diff] [blame]246 "android_keymaster/keymaster_configuration.cpp",
Janis Danisevskis2fea2352017-07-26 16:52:33 -0700[diff] [blame]247 "legacy_support/ec_keymaster0_key.cpp",
248 "legacy_support/ec_keymaster1_key.cpp",
249 "legacy_support/ecdsa_keymaster1_operation.cpp",
250 "legacy_support/keymaster0_engine.cpp",
251 "legacy_support/keymaster1_engine.cpp",
252 "legacy_support/keymaster1_legacy_support.cpp",
253 "legacy_support/rsa_keymaster0_key.cpp",
254 "legacy_support/rsa_keymaster1_key.cpp",
255 "legacy_support/rsa_keymaster1_operation.cpp",
Janis Danisevskisa68669b2017-02-06 11:46:54 +0000[diff] [blame]256 ],
257 cflags: [
258 "-Wall",
259 "-Werror",
260 "-Wunused",
261 ],
262 clang: true,
263 clang_cflags: [
264 "-Wno-error=unused-const-variable",
265 "-Wno-error=unused-private-field",
266 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
267 // Currently, if enabled, these flags will cause an internal error in Clang.
268 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
269 ],
270
271 shared_libs: [
272 "libkeymaster_messages",
273 "android.hardware.keymaster@3.0",
274 "libcrypto",
275 "libcutils",
Janis Danisevskis2fea2352017-07-26 16:52:33 -0700[diff] [blame]276 "libbase",
Janis Danisevskisa68669b2017-02-06 11:46:54 +0000[diff] [blame]277 "libhidlbase",
Janis Danisevskisa68669b2017-02-06 11:46:54 +0000[diff] [blame]278 "libkeymaster_portable",
Janis Danisevskisa68669b2017-02-06 11:46:54 +0000[diff] [blame]279 "libpuresoftkeymasterdevice",
280 "liblog",
281 "libutils",
282 ],
283
284 export_include_dirs: ["include", "ng/include"],
285}
286
Shawn Willden9e149572017-10-30 16:08:21 -0600[diff] [blame]287cc_library_shared {
288 name: "libkeymaster4",
289 vendor_available: true,
290 srcs: [
291 "legacy_support/keymaster_passthrough_key.cpp",
292 "legacy_support/keymaster_passthrough_engine.cpp",
293 "legacy_support/keymaster_passthrough_operation.cpp",
Shawn Willdenefd06732017-11-30 19:34:16 -0700[diff] [blame]294 "ng/AndroidKeymaster4Device.cpp",
Shawn Willden9e149572017-10-30 16:08:21 -0600[diff] [blame]295 "android_keymaster/keymaster_configuration.cpp",
Shawn Willden9e149572017-10-30 16:08:21 -0600[diff] [blame]296 ],
297 cflags: [
298 "-Wall",
299 "-Werror",
300 "-Wunused",
301 ],
302 clang: true,
303 clang_cflags: [
304 "-Wno-error=unused-const-variable",
305 "-Wno-error=unused-private-field",
306 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
307 // Currently, if enabled, these flags will cause an internal error in Clang.
308 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
309 ],
310
311 shared_libs: [
312 "libkeymaster_messages",
313 "android.hardware.keymaster@4.0",
314 "libcrypto",
315 "libcutils",
316 "libbase",
317 "libhidlbase",
Shawn Willden9e149572017-10-30 16:08:21 -0600[diff] [blame]318 "libkeymaster_portable",
Shawn Willden9e149572017-10-30 16:08:21 -0600[diff] [blame]319 "libpuresoftkeymasterdevice",
320 "liblog",
321 "libutils",
322 "libkeymaster4support",
323 ],
324
325 export_include_dirs: ["ng/include"],
326}
327
Steven Moreland7d6416c2017-04-18 10:06:28 -0700[diff] [blame]328// libkeymasterfiles is an empty library that exports all of the files in keymaster as includes.
329cc_library_static {
330 name: "libkeymasterfiles",
331 export_include_dirs: [
332 ".",
333 "include",
334 ],
335}