// Copyright (C) 2014 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

// keymaster_defaults holds the build settings shared by every module in this
// file that lists it in `defaults` (all of them except libkeymasterfiles):
// vendor availability, warnings-as-errors, and the sanitizer configuration.
cc_defaults {
    name: "keymaster_defaults",
    vendor_available: true,
    cflags: [
        "-Wall",
        "-Werror",
        "-Wunused",
    ],
    clang: true,
    clang_cflags: [
        // These two warnings stay enabled but are downgraded from errors.
        "-Wno-error=unused-const-variable",
        "-Wno-error=unused-private-field",
        "-Wimplicit-fallthrough",
        // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released.
        // Currently, if enabled, these flags will cause an internal error in Clang.
        // This only switches off SanitizerCoverage instrumentation (the kind used by
        // coverage-guided fuzzing); it does not disable any runtime sanitizer check.
        "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"
    ],
    sanitize: {
        // NOTE(review): this opts every inheriting module out of integer-overflow
        // sanitization, including the message (de)serialization and key-blob
        // sources listed below. The reason is not recorded here. If it is a
        // workaround (e.g. code relying on intentional unsigned wraparound),
        // document it and consider narrowing the opt-out - TODO confirm.
        integer_overflow: false,
    },
}

// libkeymaster_messages contains just the code necessary to communicate with an
// AndroidKeymaster implementation, e.g. one running in TrustZone.
//
// NOTE(review): every source file listed here is also compiled into
// libkeymaster_portable, where -DKEYMASTER_NAME_TAGS is not set. Several
// modules below link both libraries; check that the two builds of these
// sources cannot disagree at run time - TODO confirm.
cc_library_shared {
    name: "libkeymaster_messages",
    srcs: [
        "android_keymaster/android_keymaster_messages.cpp",
        "android_keymaster/android_keymaster_utils.cpp",
        "android_keymaster/authorization_set.cpp",
        "android_keymaster/keymaster_tags.cpp",
        "android_keymaster/logger.cpp",
        "android_keymaster/serializable.cpp",
        "android_keymaster/keymaster_stl.cpp",
    ],
    header_libs: ["libhardware_headers"],
    defaults: ["keymaster_defaults" ],
    clang_cflags: [
        "-DKEYMASTER_NAME_TAGS",
    ],
    // No C++ standard library is linked; keymaster_stl.cpp is built in instead.
    stl: "none",
    export_include_dirs: ["include"],
}

// libkeymaster_portable contains almost everything needed for a keymaster
// implementation, lacking only a subclass of the (abstract) KeymasterContext
// class to provide environment-specific services and a wrapper to translate from
// the function-based keymaster HAL API to the message-based AndroidKeymaster API.
cc_library {
    name: "libkeymaster_portable",
    srcs: [
        "android_keymaster/android_keymaster.cpp",
        "android_keymaster/android_keymaster_messages.cpp",
        "android_keymaster/android_keymaster_utils.cpp",
        "android_keymaster/authorization_set.cpp",
        "android_keymaster/keymaster_enforcement.cpp",
        "android_keymaster/keymaster_stl.cpp",
        "android_keymaster/keymaster_tags.cpp",
        "android_keymaster/logger.cpp",
        "android_keymaster/operation.cpp",
        "android_keymaster/operation_table.cpp",
        "android_keymaster/serializable.cpp",
        "key_blob_utils/auth_encrypted_key_blob.cpp",
        "key_blob_utils/integrity_assured_key_blob.cpp",
        "key_blob_utils/ocb.c",
        "key_blob_utils/ocb_utils.cpp",
        "key_blob_utils/software_keyblobs.cpp",
        "km_openssl/aes_key.cpp",
        "km_openssl/aes_operation.cpp",
        "km_openssl/asymmetric_key.cpp",
        "km_openssl/asymmetric_key_factory.cpp",
        "km_openssl/attestation_record.cpp",
        "km_openssl/attestation_utils.cpp",
        "km_openssl/block_cipher_operation.cpp",
        "km_openssl/ckdf.cpp",
        "km_openssl/ec_key.cpp",
        "km_openssl/ec_key_factory.cpp",
        "km_openssl/ecdsa_operation.cpp",
        "km_openssl/ecies_kem.cpp",
        "km_openssl/hkdf.cpp",
        "km_openssl/hmac.cpp",
        "km_openssl/hmac_key.cpp",
        "km_openssl/hmac_operation.cpp",
        "km_openssl/iso18033kdf.cpp",
        "km_openssl/kdf.cpp",
        "km_openssl/nist_curve_key_exchange.cpp",
        "km_openssl/openssl_err.cpp",
        "km_openssl/openssl_utils.cpp",
        "km_openssl/rsa_key.cpp",
        "km_openssl/rsa_key_factory.cpp",
        "km_openssl/rsa_operation.cpp",
        "km_openssl/software_random_source.cpp",
        "km_openssl/symmetric_key.cpp",
        "km_openssl/triple_des_key.cpp",
        "km_openssl/triple_des_operation.cpp",
        "km_openssl/wrapped_key.cpp",
    ],

    shared_libs: [
        "libcrypto",
    ],
    header_libs: ["libhardware_headers"],
    export_header_lib_headers: ["libhardware_headers"],
    defaults: ["keymaster_defaults" ],
    cflags: [
        // Presumably keeps the BoringSSL headers from pulling in their C++
        // helpers, in line with stl: "none" below - TODO confirm.
        "-DBORINGSSL_NO_CXX",
    ],
    // NOTE: libkeymaster_portable must run unchanged in the trusty runtime environment.
    // Therefore, it must not link against any c++ stl library. keymaster_stl.cpp
    // weakly defines the subset of stl symbols required for this library to work
    // and which are also available in the trusty context.
    stl: "none",
    export_include_dirs: ["include"],
}

// libsoftkeymasterdevice provides a software-based keymaster HAL implementation.
// This is used by keystore as a fallback for when the hardware keymaster does
// not support the request.
// Requests served by this fallback are handled in software rather than by the
// hardware keymaster, so they do not get the hardware's key isolation.
cc_library {
    name: "libsoftkeymasterdevice",
    srcs: [
        "android_keymaster/keymaster_configuration.cpp",
        "legacy_support/ec_keymaster0_key.cpp",
        "legacy_support/ec_keymaster1_key.cpp",
        "legacy_support/ecdsa_keymaster1_operation.cpp",
        "legacy_support/keymaster0_engine.cpp",
        "legacy_support/keymaster1_engine.cpp",
        "legacy_support/rsa_keymaster0_key.cpp",
        "legacy_support/rsa_keymaster1_key.cpp",
        "legacy_support/rsa_keymaster1_operation.cpp",
        "legacy_support/keymaster1_legacy_support.cpp",
        "contexts/soft_keymaster_context.cpp",
        "contexts/pure_soft_keymaster_context.cpp",
        "contexts/soft_keymaster_device.cpp",
        "km_openssl/soft_keymaster_enforcement.cpp",
        "contexts/soft_keymaster_logger.cpp",
    ],
    defaults: ["keymaster_defaults"],
    shared_libs: [
        "libkeymaster_messages",
        "libkeymaster_portable",
        "libsoft_attestation_cert",
        "liblog",
        "libbase",
        "libcrypto",
        "libcutils",
    ],
    export_include_dirs: ["include"],
}

// libsoft_attestation_cert builds contexts/soft_attestation_cert.cpp on its own
// so that the software keymaster libraries below can share it.
// NOTE(review): judging by the file name, this carries the attestation
// certificate data for the software implementation. Data embedded in a library
// is not secret, and attestations made with it are not hardware-backed -
// confirm against the source.
cc_library {
    name: "libsoft_attestation_cert",
    srcs: [
        "contexts/soft_attestation_cert.cpp",
    ],
    defaults: ["keymaster_defaults"],
    shared_libs: [
        "libkeymaster_portable",
    ],

    export_include_dirs: ["include"],
}

// libpuresoftkeymasterdevice is built from a subset of the
// libsoftkeymasterdevice sources: the pure-software context, enforcement,
// logger and configuration, without any legacy_support/ files.
cc_library {
    name: "libpuresoftkeymasterdevice",
    srcs: [
        "android_keymaster/keymaster_configuration.cpp",
        "contexts/pure_soft_keymaster_context.cpp",
        "contexts/soft_keymaster_logger.cpp",
        "km_openssl/soft_keymaster_enforcement.cpp",
    ],
    defaults: ["keymaster_defaults"],
    shared_libs: [
        "libkeymaster_messages",
        "libkeymaster_portable",
        "libsoft_attestation_cert",
        "liblog",
        "libcrypto",
        "libcutils",
        "libbase",
    ],

    export_include_dirs: ["include"],
}

// libkeymaster3device builds ng/AndroidKeymaster3Device.cpp together with the
// keymaster1/keymaster2 passthrough contexts and the legacy keymaster0/1
// support code, and links against the android.hardware.keymaster@3.0 interface.
cc_library_shared {
    name: "libkeymaster3device",
    srcs: [
        "legacy_support/keymaster_passthrough_key.cpp",
        "legacy_support/keymaster_passthrough_engine.cpp",
        "legacy_support/keymaster_passthrough_operation.cpp",
        "contexts/keymaster1_passthrough_context.cpp",
        "contexts/keymaster2_passthrough_context.cpp",
        "ng/AndroidKeymaster3Device.cpp",
        "android_keymaster/keymaster_configuration.cpp",
        "legacy_support/ec_keymaster0_key.cpp",
        "legacy_support/ec_keymaster1_key.cpp",
        "legacy_support/ecdsa_keymaster1_operation.cpp",
        "legacy_support/keymaster0_engine.cpp",
        "legacy_support/keymaster1_engine.cpp",
        "legacy_support/keymaster1_legacy_support.cpp",
        "legacy_support/rsa_keymaster0_key.cpp",
        "legacy_support/rsa_keymaster1_key.cpp",
        "legacy_support/rsa_keymaster1_operation.cpp",
    ],
    defaults: ["keymaster_defaults"],
    shared_libs: [
        "libkeymaster_messages",
        "android.hardware.keymaster@3.0",
        "libcrypto",
        "libcutils",
        "libbase",
        "libhidlbase",
        "libkeymaster_portable",
        "liblog",
        "libpuresoftkeymasterdevice",
        "libsoft_attestation_cert",
        "libutils",
    ],
    export_include_dirs: ["include", "ng/include"],
}

// libkeymaster4 builds ng/AndroidKeymaster4Device.cpp with the passthrough
// key/engine/operation sources and links against the
// android.hardware.keymaster@4.0 interface. Unlike libkeymaster3device it
// compiles none of the keymaster0/1 legacy sources.
cc_library_shared {
    name: "libkeymaster4",
    srcs: [
        "legacy_support/keymaster_passthrough_key.cpp",
        "legacy_support/keymaster_passthrough_engine.cpp",
        "legacy_support/keymaster_passthrough_operation.cpp",
        "ng/AndroidKeymaster4Device.cpp",
        "android_keymaster/keymaster_configuration.cpp",
    ],
    defaults: ["keymaster_defaults"],
    shared_libs: [
        "libkeymaster_messages",
        "android.hardware.keymaster@4.0",
        "libcrypto",
        "libcutils",
        "libbase",
        "libhidlbase",
        "libkeymaster_portable",
        "libpuresoftkeymasterdevice",
        "liblog",
        "libutils",
        "libkeymaster4support",
    ],
    export_include_dirs: ["ng/include"],
}

// libkeymaster41 builds ng/AndroidKeymaster41Device.cpp on top of libkeymaster4
// and links against both the @4.0 and @4.1 keymaster interfaces.
cc_library_shared {
    name: "libkeymaster41",
    // Already set by keymaster_defaults; repeated here explicitly.
    vendor_available: true,
    srcs: [
        "ng/AndroidKeymaster41Device.cpp",
    ],
    defaults: ["keymaster_defaults"],
    shared_libs: [
        "android.hardware.keymaster@4.0",
        "android.hardware.keymaster@4.1",
        "libbase",
        "libcrypto",
        "libcutils",
        "libhidlbase",
        "libkeymaster4",
        "libkeymaster4_1support",
        "libkeymaster4support",
        "libkeymaster_messages",
        "libkeymaster_portable",
        "liblog",
        "libpuresoftkeymasterdevice",
        "libutils",
    ],
    export_include_dirs: ["ng/include"],
}

// libkeymasterfiles is an empty library that exports all of the files in keymaster as includes.
// Exporting "." makes every file in this directory, internal headers included,
// reachable on the include path of any module that depends on this library.
cc_library_static {
    name: "libkeymasterfiles",
    export_include_dirs: [
        ".",
        "include",
    ],
}