1 ##### 2 # Local unit test Makefile 3 # 4 # This makefile builds and runs the keymaster unit tests locally on the development 5 # machine, not on an Android device. Android.mk builds the same tests into the 6 # "keymaster_tests" binary for execution on-device, but this Makefile runs them locally, 7 # for a very fast edit/build/test development cycle. 8 # 9 # To build and run these tests, one pre-requisite must be manually installed: BoringSSL. 10 # This Makefile expects to find BoringSSL in a directory adjacent to $ANDROID_BUILD_TOP. 11 # To get and build it, first install the Ninja build tool (e.g. apt-get install 12 # ninja-build), then do: 13 # 14 # cd $ANDROID_BUILD_TOP/.. 15 # git clone https://boringssl.googlesource.com/boringssl 16 # cd boringssl 17 # mdkir build 18 # cd build 19 # cmake -GNinja .. 20 # ninja 21 # 22 # Then return to $ANDROID_BUILD_TOP/system/keymaster and run "make". 23 ##### 24 25 BASE=../.. 26 SUBS=system/core \ 27 hardware/libhardware \ 28 external/gtest \ 29 system/security/softkeymaster \ 30 system/security/keystore 31 GTEST=$(BASE)/external/googletest/googletest 32 33 INCLUDES=$(foreach dir,$(SUBS),-I $(BASE)/$(dir)/include) \ 34 -I $(BASE)/libnativehelper/include/nativehelper \ 35 -I $(GTEST)/include -isystem $(GTEST) -Iinclude -I$(BASE)/../boringssl/include 36 37 ifdef FORCE_32_BIT 38 ARCH_FLAGS = -m32 39 endif 40 41 ifdef USE_CLANG 42 CC=/usr/bin/clang 43 CXX=/usr/bin/clang 44 CXXFLAGS +=-std=c++11 -DKEYMASTER_CLANG_TEST_BUILD 45 CFLAGS += -DKEYMASTER_CLANG_TEST_BUILD 46 else 47 CXXFLAGS +=-std=c++0x -fprofile-arcs -ftest-coverage 48 CFLAGS += -fprofile-arcs -ftest-coverage 49 endif 50 51 LDFLAGS += $(ARCH_FLAGS) 52 CPPFLAGS = $(INCLUDES) -g -O0 -MD -MP $(ARCH_FLAGS) -DKEYMASTER_UNIT_TEST_BUILD -DHOST_BUILD 53 CXXFLAGS += -Wall -Werror -Wno-unused -Winit-self -Wpointer-arith -Wunused-parameter \ 54 -Werror=sign-compare -Werror=return-type -fno-permissive \ 55 -Wno-deprecated-declarations -fno-exceptions -DKEYMASTER_NAME_TAGS $(ARCH_FLAGS) 56 CFLAGS += $(ARCH_FLAGS) -DKEYMASTER_UNIT_TEST_BUILD -DHOST_BUILD 57 58 # Uncomment to enable debug logging. 59 # CXXFLAGS += -DDEBUG 60 61 LDLIBS=-L$(BASE)/../boringssl/build/crypto -lcrypto -lpthread -lstdc++ -lgcov 62 63 CPPSRCS=\ 64 aes_key.cpp \ 65 aes_operation.cpp \ 66 android_keymaster.cpp \ 67 android_keymaster_messages.cpp \ 68 android_keymaster_messages_test.cpp \ 69 android_keymaster_test.cpp \ 70 android_keymaster_test_utils.cpp \ 71 android_keymaster_utils.cpp \ 72 asymmetric_key.cpp \ 73 asymmetric_key_factory.cpp \ 74 attestation_record.cpp \ 75 attestation_record_test.cpp \ 76 auth_encrypted_key_blob.cpp \ 77 authorization_set.cpp \ 78 authorization_set_test.cpp \ 79 ec_key.cpp \ 80 ec_key_factory.cpp \ 81 ec_keymaster0_key.cpp \ 82 ec_keymaster1_key.cpp \ 83 ecdsa_keymaster1_operation.cpp \ 84 ecdsa_operation.cpp \ 85 ecies_kem.cpp \ 86 ecies_kem_test.cpp \ 87 gtest_main.cpp \ 88 hkdf.cpp \ 89 hkdf_test.cpp \ 90 hmac.cpp \ 91 hmac_key.cpp \ 92 hmac_operation.cpp \ 93 hmac_test.cpp \ 94 integrity_assured_key_blob.cpp \ 95 iso18033kdf.cpp \ 96 kdf.cpp \ 97 kdf1_test.cpp \ 98 kdf2_test.cpp \ 99 kdf_test.cpp \ 100 key.cpp \ 101 key_blob_test.cpp \ 102 keymaster0_engine.cpp \ 103 keymaster1_engine.cpp \ 104 keymaster_configuration.cpp \ 105 keymaster_configuration_test.cpp \ 106 keymaster_enforcement.cpp \ 107 keymaster_enforcement_test.cpp \ 108 keymaster_tags.cpp \ 109 logger.cpp \ 110 nist_curve_key_exchange.cpp \ 111 nist_curve_key_exchange_test.cpp \ 112 ocb_utils.cpp \ 113 openssl_err.cpp \ 114 openssl_utils.cpp \ 115 operation.cpp \ 116 operation_table.cpp \ 117 rsa_key.cpp \ 118 rsa_key_factory.cpp \ 119 rsa_keymaster0_key.cpp \ 120 rsa_keymaster1_key.cpp \ 121 rsa_keymaster1_operation.cpp \ 122 rsa_operation.cpp \ 123 serializable.cpp \ 124 soft_keymaster_context.cpp \ 125 soft_keymaster_device.cpp \ 126 symmetric_key.cpp 127 128 CCSRCS=$(GTEST)/src/gtest-all.cc 129 CSRCS=ocb.c 130 131 OBJS=$(CPPSRCS:.cpp=.o) $(CCSRCS:.cc=.o) $(CSRCS:.c=.o) 132 DEPS=$(CPPSRCS:.cpp=.d) $(CCSRCS:.cc=.d) $(CSRCS:.c=.d) 133 134 BINARIES = \ 135 android_keymaster_messages_test \ 136 android_keymaster_test \ 137 attestation_record_test \ 138 authorization_set_test \ 139 ecies_kem_test \ 140 hkdf_test \ 141 hmac_test \ 142 kdf1_test \ 143 kdf2_test \ 144 kdf_test \ 145 key_blob_test \ 146 keymaster_configuration_test \ 147 keymaster_enforcement_test \ 148 nist_curve_key_exchange_test 149 150 .PHONY: coverage memcheck massif clean run 151 152 %.run: % 153 ./$< 154 touch $@ 155 156 run: $(BINARIES:=.run) 157 158 coverage: coverage.info 159 genhtml coverage.info --output-directory coverage 160 161 coverage.info: run 162 lcov --capture --directory=. --output-file coverage.info 163 164 %.coverage : % 165 $(MAKE) clean && $(MAKE) $< 166 ./$< 167 lcov --capture --directory=. --output-file coverage.info 168 genhtml coverage.info --output-directory coverage 169 170 #UNINIT_OPTS=--track-origins=yes 171 UNINIT_OPTS=--undef-value-errors=no 172 173 MEMCHECK_OPTS=--leak-check=full \ 174 --show-reachable=yes \ 175 --vgdb=full \ 176 $(UNINIT_OPTS) \ 177 --error-exitcode=1 \ 178 --suppressions=valgrind.supp \ 179 --gen-suppressions=all 180 181 MASSIF_OPTS=--tool=massif \ 182 --stacks=yes 183 184 %.memcheck : % 185 valgrind $(MEMCHECK_OPTS) ./$< && \ 186 touch $@ 187 188 %.massif : % 189 valgrind $(MASSIF_OPTS) --massif-out-file=$@ ./$< 190 191 memcheck: $(BINARIES:=.memcheck) 192 193 massif: $(BINARIES:=.massif) 194 195 GTEST_OBJS = $(GTEST)/src/gtest-all.o gtest_main.o 196 197 keymaster_configuration_test: keymaster_configuration_test.o \ 198 authorization_set.o \ 199 serializable.o \ 200 logger.o \ 201 keymaster_configuration.o \ 202 $(GTEST_OBJS) 203 204 hmac_test: hmac_test.o \ 205 android_keymaster_test_utils.o \ 206 android_keymaster_utils.o \ 207 authorization_set.o \ 208 hmac.o \ 209 keymaster_tags.o \ 210 logger.o \ 211 serializable.o \ 212 $(GTEST_OBJS) 213 214 hkdf_test: hkdf_test.o \ 215 android_keymaster_test_utils.o \ 216 android_keymaster_utils.o \ 217 authorization_set.o \ 218 hkdf.o \ 219 hmac.o \ 220 kdf.o \ 221 keymaster_tags.o \ 222 logger.o \ 223 serializable.o \ 224 $(GTEST_OBJS) 225 226 kdf_test: kdf_test.o \ 227 android_keymaster_utils.o \ 228 kdf.o \ 229 logger.o \ 230 serializable.o \ 231 $(GTEST_OBJS) 232 233 kdf1_test: kdf1_test.o \ 234 android_keymaster_test_utils.o \ 235 android_keymaster_utils.o \ 236 authorization_set.o \ 237 iso18033kdf.o \ 238 kdf.o \ 239 keymaster_tags.o \ 240 logger.o \ 241 serializable.o \ 242 $(GTEST_OBJS) 243 244 kdf2_test: kdf2_test.o \ 245 android_keymaster_test_utils.o \ 246 android_keymaster_utils.o \ 247 authorization_set.o \ 248 iso18033kdf.o \ 249 kdf.o \ 250 keymaster_tags.o \ 251 logger.o \ 252 serializable.o \ 253 $(GTEST_OBJS) 254 255 nist_curve_key_exchange_test: nist_curve_key_exchange_test.o \ 256 android_keymaster_test_utils.o \ 257 authorization_set.o \ 258 keymaster_tags.o \ 259 logger.o \ 260 nist_curve_key_exchange.o \ 261 openssl_err.o \ 262 openssl_utils.o \ 263 serializable.o \ 264 $(GTEST_OBJS) 265 266 ecies_kem_test: ecies_kem_test.o \ 267 android_keymaster_utils.o \ 268 android_keymaster_test_utils.o \ 269 authorization_set.o \ 270 ecies_kem.o \ 271 hkdf.o \ 272 hmac.o \ 273 kdf.o \ 274 keymaster_tags.o \ 275 logger.o \ 276 nist_curve_key_exchange.o \ 277 openssl_err.o \ 278 openssl_utils.o \ 279 serializable.o \ 280 $(GTEST_OBJS) 281 282 authorization_set_test: authorization_set_test.o \ 283 android_keymaster_test_utils.o \ 284 authorization_set.o \ 285 keymaster_tags.o \ 286 logger.o \ 287 serializable.o \ 288 $(GTEST_OBJS) 289 290 key_blob_test: key_blob_test.o \ 291 android_keymaster_test_utils.o \ 292 android_keymaster_utils.o \ 293 auth_encrypted_key_blob.o \ 294 authorization_set.o \ 295 integrity_assured_key_blob.o \ 296 keymaster_tags.o \ 297 logger.o \ 298 ocb.o \ 299 ocb_utils.o \ 300 openssl_err.o \ 301 serializable.o \ 302 $(GTEST_OBJS) 303 304 android_keymaster_messages_test: android_keymaster_messages_test.o \ 305 android_keymaster_messages.o \ 306 android_keymaster_test_utils.o \ 307 android_keymaster_utils.o \ 308 authorization_set.o \ 309 keymaster_tags.o \ 310 logger.o \ 311 serializable.o \ 312 $(GTEST_OBJS) 313 314 android_keymaster_test: android_keymaster_test.o \ 315 aes_key.o \ 316 aes_operation.o \ 317 android_keymaster.o \ 318 android_keymaster_messages.o \ 319 android_keymaster_test_utils.o \ 320 android_keymaster_utils.o \ 321 asymmetric_key.o \ 322 asymmetric_key_factory.o \ 323 attestation_record.o \ 324 auth_encrypted_key_blob.o \ 325 authorization_set.o \ 326 ec_key.o \ 327 ec_key_factory.o \ 328 ec_keymaster0_key.o \ 329 ec_keymaster1_key.o \ 330 ecdsa_keymaster1_operation.o \ 331 ecdsa_operation.o \ 332 hmac_key.o \ 333 hmac_operation.o \ 334 integrity_assured_key_blob.o \ 335 key.o \ 336 keymaster0_engine.o \ 337 keymaster1_engine.o \ 338 keymaster_enforcement.o \ 339 keymaster_tags.o \ 340 logger.o \ 341 ocb.o \ 342 ocb_utils.o \ 343 openssl_err.o \ 344 openssl_utils.o \ 345 operation.o \ 346 operation_table.o \ 347 rsa_key.o \ 348 rsa_key_factory.o \ 349 rsa_keymaster0_key.o \ 350 rsa_keymaster1_key.o \ 351 rsa_keymaster1_operation.o \ 352 rsa_operation.o \ 353 serializable.o \ 354 soft_keymaster_context.o \ 355 soft_keymaster_device.o \ 356 symmetric_key.o \ 357 $(BASE)/system/security/softkeymaster/keymaster_openssl.o \ 358 $(BASE)/system/security/keystore/keyblob_utils.o \ 359 $(GTEST_OBJS) 360 361 keymaster_enforcement_test: keymaster_enforcement_test.o \ 362 android_keymaster_messages.o \ 363 android_keymaster_test_utils.o \ 364 android_keymaster_utils.o \ 365 authorization_set.o \ 366 keymaster_enforcement.o \ 367 keymaster_tags.o \ 368 logger.o \ 369 serializable.o \ 370 $(GTEST_OBJS) 371 372 attestation_record_test: attestation_record_test.o \ 373 android_keymaster_test_utils.o \ 374 android_keymaster_utils.o \ 375 attestation_record.o \ 376 authorization_set.o \ 377 keymaster_tags.o \ 378 logger.o \ 379 openssl_err.o \ 380 serializable.o \ 381 $(GTEST_OBJS) 382 383 $(GTEST)/src/gtest-all.o: CXXFLAGS:=$(subst -Wmissing-declarations,,$(CXXFLAGS)) 384 385 clean: 386 rm -f $(OBJS) $(DEPS) $(BINARIES) \ 387 $(BINARIES:=.run) $(BINARIES:=.memcheck) $(BINARIES:=.massif) \ 388 *gcov *gcno *gcda coverage.info 389 rm -rf coverage 390 391 -include $(CPPSRCS:.cpp=.d) 392 -include $(CCSRCS:.cc=.d) 393