1 // Copyright (C) 2014 The Android Open Source Project 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 // libkeymaster_messages contains just the code necessary to communicate with a 16 // AndroidKeymaster implementation, e.g. one running in TrustZone. 17 cc_library_shared { 18 name: "libkeymaster_messages", 19 srcs: [ 20 "android_keymaster_messages.cpp", 21 "android_keymaster_utils.cpp", 22 "authorization_set.cpp", 23 "keymaster_tags.cpp", 24 "logger.cpp", 25 "serializable.cpp", 26 ], 27 cflags: [ 28 "-Wall", 29 "-Werror", 30 "-Wunused", 31 "-DKEYMASTER_NAME_TAGS", 32 ], 33 clang: true, 34 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released. 35 // Currently, if enabled, these flags will cause an internal error in Clang. 36 clang_cflags: ["-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp"], 37 38 export_include_dirs: ["include"], 39 40 } 41 42 // libkeymaster1 contains almost everything needed for a keymaster1 43 // implementation, lacking only a subclass of the (abstract) KeymasterContext 44 // class to provide environment-specific services and a wrapper to translate from 45 // the function-based keymaster HAL API to the message-based AndroidKeymaster API. 46 cc_library_shared { 47 name: "libkeymaster1", 48 srcs: [ 49 "aes_key.cpp", 50 "aes_operation.cpp", 51 "android_keymaster.cpp", 52 "android_keymaster_messages.cpp", 53 "android_keymaster_utils.cpp", 54 "asymmetric_key.cpp", 55 "asymmetric_key_factory.cpp", 56 "attestation_record.cpp", 57 "auth_encrypted_key_blob.cpp", 58 "ec_key.cpp", 59 "ec_key_factory.cpp", 60 "ecdsa_operation.cpp", 61 "ecies_kem.cpp", 62 "hkdf.cpp", 63 "hmac.cpp", 64 "hmac_key.cpp", 65 "hmac_operation.cpp", 66 "integrity_assured_key_blob.cpp", 67 "iso18033kdf.cpp", 68 "kdf.cpp", 69 "key.cpp", 70 "keymaster_enforcement.cpp", 71 "nist_curve_key_exchange.cpp", 72 "ocb.c", 73 "ocb_utils.cpp", 74 "openssl_err.cpp", 75 "openssl_utils.cpp", 76 "operation.cpp", 77 "operation_table.cpp", 78 "rsa_key.cpp", 79 "rsa_key_factory.cpp", 80 "rsa_operation.cpp", 81 "symmetric_key.cpp", 82 ], 83 84 shared_libs: [ 85 "libcrypto", 86 "libkeymaster_messages", 87 ], 88 cflags: [ 89 "-Wall", 90 "-Werror", 91 "-Wunused", 92 ], 93 clang: true, 94 clang_cflags: [ 95 "-Wno-error=unused-const-variable", 96 "-Wno-error=unused-private-field", 97 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released. 98 // Currently, if enabled, these flags will cause an internal error in Clang. 99 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp" 100 ], 101 102 export_include_dirs: ["include"], 103 104 } 105 106 // libsoftkeymaster provides a software-based keymaster HAL implementation. 107 // This is used by keystore as a fallback for when the hardware keymaster does 108 // not support the request. 109 cc_library_shared { 110 name: "libsoftkeymasterdevice", 111 srcs: [ 112 "ec_keymaster0_key.cpp", 113 "ec_keymaster1_key.cpp", 114 "ecdsa_keymaster1_operation.cpp", 115 "keymaster0_engine.cpp", 116 "keymaster1_engine.cpp", 117 "keymaster_configuration.cpp", 118 "rsa_keymaster0_key.cpp", 119 "rsa_keymaster1_key.cpp", 120 "rsa_keymaster1_operation.cpp", 121 "soft_keymaster_context.cpp", 122 "soft_keymaster_device.cpp", 123 "soft_keymaster_logger.cpp", 124 ], 125 include_dirs: ["system/security/keystore"], 126 cflags: [ 127 "-Wall", 128 "-Werror", 129 "-Wunused", 130 ], 131 clang: true, 132 clang_cflags: [ 133 "-Wno-error=unused-const-variable", 134 "-Wno-error=unused-private-field", 135 // TODO(krasin): reenable coverage flags, when the new Clang toolchain is released. 136 // Currently, if enabled, these flags will cause an internal error in Clang. 137 "-fno-sanitize-coverage=edge,indirect-calls,8bit-counters,trace-cmp" 138 ], 139 140 shared_libs: [ 141 "libkeymaster_messages", 142 "libkeymaster1", 143 "liblog", 144 "libcrypto", 145 "libcutils", 146 ], 147 148 export_include_dirs: ["include"], 149 } 150 151 // libkeymasterfiles is an empty library that exports all of the files in keymaster as includes. 152 cc_library_static { 153 name: "libkeymasterfiles", 154 export_include_dirs: [ 155 ".", 156 "include", 157 ], 158 } 159