1# 2# Copyright (c) 2021-2022 Huawei Device Co., Ltd. 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14# 15 16import("//base/security/huks/build/config.gni") 17import("//base/security/huks/huks.gni") 18import("//build/lite/config/component/lite_component.gni") 19import("//build/ohos.gni") 20 21config("hilog_dir") { 22 include_dirs = 23 [ "//base/hiviewdfx/hilog_lite/interfaces/native/innerkits/hilog/" ] 24} 25config("hilog_lite_dir") { 26 include_dirs = 27 [ "//base/hiviewdfx/hilog_lite/interfaces/native/kits/hilog_lite/" ] 28} 29 30config("mbedtls_engine") { 31 include_dirs = 32 [ "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/include" ] 33} 34 35config("soft_huks_config") { 36 include_dirs = [ 37 "../../../frameworks/huks_standard/main/common/include", 38 "../../../frameworks/huks_standard/main/core/include", 39 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/include", 40 "../../../frameworks/huks_standard/main/crypto_engine/openssl/include", 41 "../../../frameworks/huks_standard/main/os_dependency/ipc/include", 42 "../../../frameworks/huks_standard/main/os_dependency/sysinfo/include", 43 "../../../services/huks_standard/huks_engine/main/core/include", 44 "../../../services/huks_standard/huks_service/main/core/include", 45 "//base/security/huks/services/huks_standard/huks_engine/main/core/include", 46 "//base/security/huks/services/huks_standard/huks_engine/main/device_cert_manager/include", 47 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/passthrough", 48 "//base/security/huks/utils/crypto_adapter", 49 "//base/security/huks/utils/file_operator", 50 "//base/security/huks/utils/list", 51 "//base/security/huks/utils/mutex", 52 ] 53 54 if (board_toolchain_type != "iccarm") { 55 defines = [ "_FORTIFY_SOURCE = 2" ] 56 } 57 if (board_toolchain_type == "iccarm") { 58 cflags = [ 59 "--diag_suppress", 60 "Pe370,Pe226", 61 ] 62 } else { 63 cflags = [ 64 "-fvisibility=hidden", 65 "-Wall", 66 "-Werror", 67 ] 68 } 69 70 if (disable_authenticate == true) { 71 cflags += [ "-D_CUT_AUTHENTICATE_" ] 72 } 73 74 if (ohos_kernel_type != "liteos_m") { 75 cflags += [ "-flto" ] 76 } 77 78 if (huks_use_hardware_root_key == true) { 79 cflags += [ "-D_HARDWARE_ROOT_KEY_" ] 80 } 81 82 if (huks_use_lite_storage == true) { 83 cflags += [ "-D_STORAGE_LITE_" ] 84 } else { 85 if (ohos_kernel_type == "liteos_a") { 86 cflags += [ "-D_BSD_SOURCE" ] 87 } else { 88 cflags += [ "-D_DEFAULT_SOURCE" ] 89 } 90 } 91 92 if (ohos_kernel_type != "liteos_m" || huks_enable_log == true) { 93 cflags += [ "-D_HUKS_LOG_ENABLE_" ] 94 } 95 96 if (huks_config_file != "") { 97 print(huks_config_file) 98 cflags += [ "-DHKS_CONFIG_FILE=\"${huks_config_file}\"" ] 99 } 100 101 cflags += [ 102 "-DHKS_CONFIG_KEY_STORE_PATH=\"${huks_key_store_path}\"", 103 "-DHKS_KEY_VERSION=${huks_key_version}", 104 ] 105} 106 107config("public_huks_config") { 108 include_dirs = [ "../../../interfaces/inner_api/huks_standard/main/include" ] 109} 110 111#begin: add 112if (ohos_kernel_type == "liteos_m") { 113 ohos_static_library("huks_3.0_sdk") { 114 public_configs = [ ":public_huks_config" ] 115 configs = [ ":soft_huks_config" ] 116 117 sources = [] 118 119 cflags = [] 120 121 deps = [] 122 123 if (huks_use_mbedtls == true) { 124 sources += [ 125 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_crypto_ed25519.c", 126 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ability.c", 127 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_aes.c", 128 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_bn.c", 129 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_common.c", 130 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ecc.c", 131 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ecdh.c", 132 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ecdsa.c", 133 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_engine.c", 134 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_get_main_key.c", 135 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_hash.c", 136 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_hmac.c", 137 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_kdf.c", 138 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_rsa.c", 139 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_x25519.c", 140 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_rkc.c", 141 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_rkc_rw.c", 142 ] 143 144 if (huks_dependency_mbedtls_path != "") { 145 deps += [ huks_dependency_mbedtls_path ] 146 } else { 147 deps += [ "//third_party/mbedtls:mbedtls_static" ] 148 } 149 } 150 151 sources += [ 152 "../../../frameworks/huks_standard/main/common/src/hks_ability.c", 153 "../../../frameworks/huks_standard/main/common/src/hks_base_check.c", 154 "../../../frameworks/huks_standard/main/common/src/hks_check_paramset.c", 155 "../../../frameworks/huks_standard/main/common/src/hks_common_check.c", 156 "../../../frameworks/huks_standard/main/common/src/hks_crypto_adapter.c", 157 "../../../frameworks/huks_standard/main/common/src/hks_param.c", 158 "../../../frameworks/huks_standard/main/common/src/hks_tags_type_manager.c", 159 "../../../frameworks/huks_standard/main/core/src/hks_local_engine.c", 160 "../../../frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_passthrough.c", 161 "../../../frameworks/huks_standard/main/os_dependency/posix/hks_mem.c", 162 "../../../frameworks/huks_standard/main/os_dependency/sysinfo/src/hks_get_process_info_passthrough.c", 163 "../../../frameworks/huks_standard/main/os_dependency/sysinfo/src/hks_get_udid.c", 164 "../../../interfaces/inner_api/huks_standard/main/src/hks_api.c", 165 "../../../interfaces/inner_api/huks_standard/main/src/hks_api_adapter.c", 166 "../../../services/huks_standard/huks_engine/main/core/src/hks_auth.c", 167 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_interfaces.c", 168 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service.c", 169 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_three_stage.c", 170 "../../../services/huks_standard/huks_engine/main/core/src/hks_keyblob.c", 171 "../../../services/huks_standard/huks_engine/main/core/src/hks_keynode.c", 172 "../../../services/huks_standard/huks_engine/main/core/src/hks_secure_access.c", 173 "../../../services/huks_standard/huks_engine/main/core/src/hks_sm_import_wrap_key.c", 174 "../../../services/huks_standard/huks_service/main/core/src/hks_client_check.c", 175 "../../../services/huks_standard/huks_service/main/core/src/hks_client_service.c", 176 "../../../services/huks_standard/huks_service/main/core/src/hks_client_service_util.c", 177 "../../../services/huks_standard/huks_service/main/core/src/hks_hitrace.c", 178 "../../../services/huks_standard/huks_service/main/core/src/hks_report.c", 179 "../../../services/huks_standard/huks_service/main/core/src/hks_session_manager.c", 180 "../../../services/huks_standard/huks_service/main/os_dependency/idl/passthrough/huks_access.c", 181 "../../../services/huks_standard/huks_service/main/os_dependency/idl/passthrough/huks_core_static_hal.c", 182 "../../../utils/crypto_adapter/hks_client_service_adapter_common.c", 183 "../../../utils/crypto_adapter/hks_client_service_adapter_lite.c", 184 "../../../utils/file_operator/hks_file_operator_lite.c", 185 "../../../utils/list/hks_double_list.c", 186 "../../../utils/mutex/hks_mutex.c", 187 "//base/security/huks/services/huks_standard/huks_engine/main/core/src/hks_upgrade_key.c", 188 "//base/security/huks/services/huks_standard/huks_service/main/core/src/hks_upgrade_helper.c", 189 "//base/security/huks/services/huks_standard/huks_service/main/core/src/hks_upgrade_key_accesser.c", 190 ] 191 sources += [ "hks_tmp_client.c" ] 192 193 if (huks_use_lite_storage == true) { 194 sources += [ 195 "../../../services/huks_standard/huks_engine/main/core/src/hks_keyblob_lite.c", 196 "../../../services/huks_standard/huks_service/main/core/src/hks_storage_adapter.c", 197 "../../../services/huks_standard/huks_service/main/core/src/hks_storage_lite.c", 198 ] 199 } else { 200 sources += [ "../../../services/huks_standard/huks_service/main/core/src/hks_storage.c" ] 201 } 202 203 include_dirs = [ 204 "//base/security/huks/frameworks/huks_standard/main/common/include", 205 "//base/security/huks/services/huks_standard/huks_engine/main/core/include", 206 ] 207 208 defines = [ 209 "MBEDTLS_ECP_RESTARTABLE=1", 210 "LOG_ENGINE_HILOG_MODULE_SCY", 211 "HUKS_LOG_MINI_EXT_ENABLED", 212 ] 213 if (product_name == "wifiiot_hispark_pegasus") { 214 defines += [ "USE_HISI_MBED" ] 215 } 216 217 if (huks_enable_upgrade_key && !huks_use_lite_storage) { 218 defines += [ "HKS_ENABLE_UPGRADE_KEY" ] 219 } 220 221 if (enable_huks_lite_hap) { 222 defines += [ "HKS_ENABLE_LITE_HAP" ] 223 cflags += 224 [ "-DHKS_CONFIG_LITE_HAP_STORE_PATH=\"${huks_lite_hap_store_path}\"" ] 225 } 226 227 configs += [ ":hilog_lite_dir" ] 228 deps += [ "//base/hiviewdfx/hilog_lite/frameworks/mini:hilog_lite" ] 229 230 if (huks_enable_upgrade_rkc_v1tov2) { 231 # enable upgrade rkc derivation algorithm from PBKDF2 to HKDF 232 defines += [ "HKS_ENABLE_UPGRADE_RKC_DERIVE_ALG" ] 233 234 # compile code of old version 235 sources += [ "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_rkc_v1.c" ] 236 } 237 238 if (huks_enable_upgrade_derive_key_alg) { 239 # enable upgrade key derivation algorithm from PBKDF2 to HKDF 240 defines += [ "HKS_CHANGE_DERIVE_KEY_ALG_TO_HKDF" ] 241 } 242 243 cflags += [ "-DHKS_ENABLE_CLEAN_FILE" ] 244 } 245} else { 246 ohos_shared_library("huks_3.0_sdk") { 247 public_configs = [ ":public_huks_config" ] 248 249 configs = [] 250 configs += [ 251 "//base/security/huks/frameworks/config/build:l1_small_common_config", 252 ] 253 configs += [ ":soft_huks_config" ] 254 255 cflags = [] 256 257 deps = [] 258 deps += [ 259 "//base/security/huks/frameworks/huks_standard/main:huks_small_frameworks", 260 "//base/security/huks/utils/crypto_adapter:libhuks_utils_client_service_adapter_static", 261 "//foundation/communication/ipc/interfaces/innerkits/c/ipc:ipc_single", 262 "//foundation/systemabilitymgr/samgr_lite/samgr:samgr", 263 ] 264 265 include_dirs = [] 266 include_dirs += [ 267 "//foundation/systemabilitymgr/samgr_lite/interfaces/kits/registry", 268 "//foundation/systemabilitymgr/samgr_lite/samgr_endpoint/source", 269 270 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr", 271 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/include", 272 ] 273 274 sources = [] 275 276 sources = [ 277 "//base/security/huks/interfaces/inner_api/huks_standard/main/src/hks_api.c", 278 "//base/security/huks/interfaces/inner_api/huks_standard/main/src/hks_api_adapter.c", 279 ] 280 281 sources += [ 282 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_ipc.c", 283 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_check.c", 284 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_serialization.c", 285 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_slice.c", 286 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_samgr_client_proxy.c", 287 ] 288 289 configs += [ ":hilog_dir" ] 290 deps += [ 291 "//foundation/systemabilitymgr/samgr_lite/samgr:samgr", 292 "//third_party/bounds_checking_function:libsec_shared", 293 ] 294 295 external_deps = [ 296 "hilog_featured_lite:hilog_shared", 297 "init_lite:libbegetutil", 298 ] 299 300 defines = [ 301 "MBEDTLS_ECP_RESTARTABLE=1", 302 "LOG_ENGINE_HILOG_MODULE_SCY", 303 ] 304 } 305 306 ohos_executable("huks_server") { 307 configs = [] 308 configs += [ 309 "//base/security/huks/frameworks/config/build:l1_small_common_config", 310 ] 311 configs += [ ":soft_huks_config" ] 312 313 sources = [] 314 sources += [ "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr/service_pro_main.c" ] 315 316 sources += [ 317 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr/hks_samgr_service.c", 318 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr/hks_samgr_service_feature.c", 319 ] 320 321 include_dirs = [] 322 323 include_dirs += [ 324 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/include", 325 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa", 326 ] 327 328 deps = [] 329 deps += [ 330 "//foundation/communication/ipc/interfaces/innerkits/c/ipc:ipc_single", 331 "//foundation/systemabilitymgr/samgr_lite/samgr:samgr", 332 ] 333 334 configs += [ ":hilog_dir" ] 335 deps += [ "//third_party/bounds_checking_function:libsec_shared" ] 336 337 deps += [ 338 "//base/security/huks/frameworks/huks_standard/main:huks_small_frameworks", 339 "//base/security/huks/services/huks_standard/huks_service/main:libhuks_service_small_static", 340 ] 341 external_deps = [ "hilog_featured_lite:hilog_shared" ] 342 } 343 344 if (ohos_build_type == "debug") { 345 group("huks_3.0_test") { 346 deps = [ "//base/security/huks/test:unittest" ] 347 } 348 } 349 350 ohos_executable("hks_compatibility_bin") { 351 sources = 352 [ "//base/security/huks/utils/compatibility_bin/compatibility_bin.c" ] 353 deps = [ "//third_party/bounds_checking_function:libsec_shared" ] 354 } 355} 356