1# 2# Copyright (c) 2021-2024 Huawei Device Co., Ltd. 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14# 15 16import("//base/security/huks/build/config.gni") 17import("//base/security/huks/huks.gni") 18import("//build/lite/config/component/lite_component.gni") 19import("//build/ohos.gni") 20 21config("hilog_dir") { 22 include_dirs = 23 [ "//base/hiviewdfx/hilog_lite/interfaces/native/innerkits/hilog/" ] 24} 25config("hilog_lite_dir") { 26 include_dirs = 27 [ "//base/hiviewdfx/hilog_lite/interfaces/native/kits/hilog_lite/" ] 28} 29 30config("mbedtls_engine") { 31 include_dirs = 32 [ "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/include" ] 33} 34 35config("soft_huks_config") { 36 include_dirs = [ 37 "../../../frameworks/huks_standard/main/common/include", 38 "../../../frameworks/huks_standard/main/core/include", 39 "../../../frameworks/huks_standard/main/crypto_engine/crypto_common/include", 40 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/include", 41 "../../../frameworks/huks_standard/main/crypto_engine/openssl/include", 42 "../../../frameworks/huks_standard/main/crypto_engine/rkc/include", 43 "../../../frameworks/huks_standard/main/os_dependency/ipc/include", 44 "../../../frameworks/huks_standard/main/os_dependency/sysinfo/include", 45 "../../../services/huks_standard/huks_engine/main/core/include", 46 "../../../services/huks_standard/huks_service/main/core/include", 47 "//base/security/huks/services/huks_standard/huks_engine/main/core/include", 48 "//base/security/huks/services/huks_standard/huks_engine/main/device_cert_manager/include", 49 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/passthrough", 50 "//base/security/huks/utils/crypto_adapter", 51 "//base/security/huks/utils/file_operator", 52 "//base/security/huks/utils/list", 53 "//base/security/huks/utils/mutex", 54 "//commonlibrary/utils_lite/memory/include", 55 ] 56 57 if (board_toolchain_type != "iccarm") { 58 defines = [ "_FORTIFY_SOURCE = 2" ] 59 } 60 if (board_toolchain_type == "iccarm") { 61 cflags = [ 62 "--diag_suppress", 63 "Pe370,Pe226", 64 ] 65 defines = [ "HKS_USE_OHOS_MEM" ] 66 } else { 67 cflags = [ 68 "-fvisibility=hidden", 69 "-Wall", 70 "-Werror", 71 ] 72 } 73 74 if (disable_authenticate == true) { 75 cflags += [ "-D_CUT_AUTHENTICATE_" ] 76 } 77 78 if (ohos_kernel_type != "liteos_m") { 79 cflags += [ "-flto" ] 80 } 81 82 if (huks_use_hardware_root_key == true) { 83 cflags += [ "-D_HARDWARE_ROOT_KEY_" ] 84 } 85 86 if (huks_use_lite_storage == true) { 87 cflags += [ "-D_STORAGE_LITE_" ] 88 } else { 89 if (ohos_kernel_type == "liteos_a") { 90 cflags += [ "-D_BSD_SOURCE" ] 91 } else { 92 cflags += [ "-D_DEFAULT_SOURCE" ] 93 } 94 } 95 96 if (ohos_kernel_type != "liteos_m" || huks_enable_log == true) { 97 cflags += [ "-D_HUKS_LOG_ENABLE_" ] 98 } 99 100 if (huks_config_file != "") { 101 print(huks_config_file) 102 cflags += [ "-DHKS_CONFIG_FILE=\"${huks_config_file}\"" ] 103 } 104 105 cflags += [ 106 "-DHKS_CONFIG_KEY_STORE_PATH=\"${huks_key_store_path}\"", 107 "-DHKS_KEY_VERSION=${huks_key_version}", 108 ] 109} 110 111config("public_huks_config") { 112 include_dirs = [ "../../../interfaces/inner_api/huks_standard/main/include" ] 113} 114 115#begin: add 116if (ohos_kernel_type == "liteos_m") { 117 ohos_static_library("huks_3.0_sdk") { 118 public_configs = [ ":public_huks_config" ] 119 configs = [ ":soft_huks_config" ] 120 121 sources = [] 122 123 cflags = [] 124 125 deps = [] 126 127 if (huks_use_mbedtls == true) { 128 sources += [ 129 "../../../frameworks/huks_standard/main/crypto_engine/crypto_common/src/hks_core_ability.c", 130 "../../../frameworks/huks_standard/main/crypto_engine/crypto_common/src/hks_core_get_main_key.c", 131 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_crypto_ed25519.c", 132 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_3des.c", 133 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ability.c", 134 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_aes.c", 135 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_bn.c", 136 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_common.c", 137 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_des.c", 138 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ecc.c", 139 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ecdh.c", 140 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ecdsa.c", 141 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_engine.c", 142 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_hash.c", 143 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_hmac.c", 144 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_kdf.c", 145 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_rsa.c", 146 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_x25519.c", 147 "../../../frameworks/huks_standard/main/crypto_engine/rkc/src/hks_rkc.c", 148 "../../../frameworks/huks_standard/main/crypto_engine/rkc/src/hks_rkc_rw.c", 149 ] 150 151 if (huks_dependency_mbedtls_path != "") { 152 deps += [ huks_dependency_mbedtls_path ] 153 } else { 154 deps += [ "//third_party/mbedtls" ] 155 } 156 } 157 158 sources += [ 159 "../../../frameworks/huks_standard/main/common/src/hks_ability.c", 160 "../../../frameworks/huks_standard/main/common/src/hks_base_check.c", 161 "../../../frameworks/huks_standard/main/common/src/hks_check_paramset.c", 162 "../../../frameworks/huks_standard/main/common/src/hks_common_check.c", 163 "../../../frameworks/huks_standard/main/common/src/hks_crypto_adapter.c", 164 "../../../frameworks/huks_standard/main/common/src/hks_param.c", 165 "../../../frameworks/huks_standard/main/common/src/hks_tags_type_manager.c", 166 "../../../frameworks/huks_standard/main/core/src/hks_local_engine.c", 167 "../../../frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_passthrough.c", 168 "../../../frameworks/huks_standard/main/os_dependency/posix/hks_mem.c", 169 "../../../frameworks/huks_standard/main/os_dependency/posix/hks_util.c", 170 "../../../frameworks/huks_standard/main/os_dependency/sysinfo/src/hks_get_process_info_passthrough.c", 171 "../../../frameworks/huks_standard/main/os_dependency/sysinfo/src/hks_get_udid.c", 172 "../../../interfaces/inner_api/huks_standard/source/hks_api.c", 173 "../../../interfaces/inner_api/huks_standard/source/hks_api_adapter.c", 174 "../../../services/huks_standard/huks_engine/main/core/src/hks_auth.c", 175 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_interfaces.c", 176 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_attest.c", 177 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_generate.c", 178 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_operate_one_stage.c", 179 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_operate_three_stage.c", 180 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_other.c", 181 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_three_stage.c", 182 "../../../services/huks_standard/huks_engine/main/core/src/hks_keyblob.c", 183 "../../../services/huks_standard/huks_engine/main/core/src/hks_keynode.c", 184 "../../../services/huks_standard/huks_engine/main/core/src/hks_secure_access.c", 185 "../../../services/huks_standard/huks_engine/main/core/src/hks_sm_import_wrap_key.c", 186 "../../../services/huks_standard/huks_service/main/core/src/hks_client_check.c", 187 "../../../services/huks_standard/huks_service/main/core/src/hks_client_service.c", 188 "../../../services/huks_standard/huks_service/main/core/src/hks_client_service_common.c", 189 "../../../services/huks_standard/huks_service/main/core/src/hks_client_service_util.c", 190 "../../../services/huks_standard/huks_service/main/core/src/hks_hitrace.c", 191 "../../../services/huks_standard/huks_service/main/core/src/hks_report.c", 192 "../../../services/huks_standard/huks_service/main/core/src/hks_session_manager.c", 193 "../../../services/huks_standard/huks_service/main/os_dependency/idl/passthrough/huks_access.c", 194 "../../../services/huks_standard/huks_service/main/os_dependency/idl/passthrough/huks_core_static_hal.c", 195 "../../../services/huks_standard/huks_service/main/plugin_proxy/src/hks_plugin_adapter_mock.c", 196 "../../../utils/crypto_adapter/hks_client_service_adapter_common.c", 197 "../../../utils/crypto_adapter/hks_client_service_adapter_lite.c", 198 "../../../utils/file_operator/hks_file_operator_lite.c", 199 "../../../utils/list/hks_double_list.c", 200 "../../../utils/mutex/hks_mutex.c", 201 "//base/security/huks/services/huks_standard/huks_engine/main/core/src/hks_upgrade_key.c", 202 "//base/security/huks/services/huks_standard/huks_service/main/core/src/hks_upgrade_helper.c", 203 "//base/security/huks/services/huks_standard/huks_service/main/core/src/hks_upgrade_key_accesser.c", 204 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_permission_check.cpp", 205 ] 206 sources += [ "hks_tmp_client.c" ] 207 208 if (huks_use_lite_storage == true) { 209 sources += [ 210 "../../../services/huks_standard/huks_engine/main/core/src/hks_keyblob_lite.c", 211 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_adapter.c", 212 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_lite.c", 213 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_manager.c", 214 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_utils.c", 215 ] 216 } else { 217 sources += [ 218 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage.c", 219 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_manager.c", 220 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_utils.c", 221 ] 222 } 223 224 include_dirs = [ 225 "//base/security/huks/frameworks/huks_standard/main/common/include", 226 "//base/security/huks/services/huks_standard/huks_engine/main/core/include", 227 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/include", 228 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc", 229 "//base/security/huks/services/huks_standard/huks_service/main/plugin_proxy/include", 230 ] 231 232 defines = [ 233 "LOG_ENGINE_HILOG_MODULE_SCY", 234 "HUKS_LOG_MINI_EXT_ENABLED", 235 ] 236 if (product_name == "wifiiot_hispark_pegasus") { 237 defines += [ "USE_HISI_MBED" ] 238 } 239 240 if (huks_enable_upgrade_key && !huks_use_lite_storage) { 241 defines += [ "HKS_ENABLE_UPGRADE_KEY" ] 242 } 243 244 if (enable_huks_lite_hap) { 245 defines += [ "HKS_ENABLE_LITE_HAP" ] 246 cflags += 247 [ "-DHKS_CONFIG_LITE_HAP_STORE_PATH=\"${huks_lite_hap_store_path}\"" ] 248 } 249 250 configs += [ ":hilog_lite_dir" ] 251 deps += [ "//base/hiviewdfx/hilog_lite/frameworks/mini:hilog_lite" ] 252 253 if (huks_enable_upgrade_rkc_v1tov2) { 254 # enable upgrade rkc derivation algorithm from PBKDF2 to HKDF 255 defines += [ "HKS_ENABLE_UPGRADE_RKC_DERIVE_ALG" ] 256 257 # compile code of old version 258 sources += [ "../../../frameworks/huks_standard/main/crypto_engine/rkc/src/hks_rkc_v1.c" ] 259 } 260 261 if (huks_enable_upgrade_derive_key_alg) { 262 # enable upgrade key derivation algorithm from PBKDF2 to HKDF 263 defines += [ "HKS_CHANGE_DERIVE_KEY_ALG_TO_HKDF" ] 264 } 265 266 cflags += [ "-DHKS_ENABLE_CLEAN_FILE" ] 267 } 268} else { 269 ohos_shared_library("huks_3.0_sdk") { 270 public_configs = [ ":public_huks_config" ] 271 272 configs = [] 273 configs += [ 274 "//base/security/huks/frameworks/config/build:l1_small_common_config", 275 ] 276 configs += [ ":soft_huks_config" ] 277 278 cflags = [] 279 280 deps = [] 281 deps += [ 282 "//base/security/huks/frameworks/huks_standard/main:huks_small_frameworks", 283 "//base/security/huks/utils/crypto_adapter:libhuks_utils_client_service_adapter_static", 284 "//foundation/communication/ipc/interfaces/innerkits/c/ipc:ipc_single", 285 "//foundation/systemabilitymgr/samgr_lite/samgr:samgr", 286 ] 287 288 include_dirs = [] 289 include_dirs += [ 290 "//foundation/systemabilitymgr/samgr_lite/interfaces/kits/registry", 291 "//foundation/systemabilitymgr/samgr_lite/samgr_endpoint/source", 292 293 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc", 294 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr", 295 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/include", 296 ] 297 298 sources = [] 299 300 sources = [ 301 "//base/security/huks/interfaces/inner_api/huks_standard/source/hks_api.c", 302 "//base/security/huks/interfaces/inner_api/huks_standard/source/hks_api_adapter.c", 303 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_permission_check.cpp", 304 ] 305 306 sources += [ 307 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_ipc_serialization.c", 308 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_ipc.c", 309 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_check.c", 310 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_slice.c", 311 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_samgr_client_proxy.c", 312 ] 313 314 configs += [ ":hilog_dir" ] 315 deps += [ 316 "//foundation/systemabilitymgr/samgr_lite/samgr:samgr", 317 "//third_party/bounds_checking_function:libsec_shared", 318 ] 319 320 external_deps = [ 321 "hilog_lite:hilog_shared", 322 "init:libbegetutil", 323 ] 324 325 defines = [ "LOG_ENGINE_HILOG_MODULE_SCY" ] 326 } 327 328 ohos_executable("huks_server") { 329 configs = [] 330 configs += [ 331 "//base/security/huks/frameworks/config/build:l1_small_common_config", 332 ] 333 configs += [ ":soft_huks_config" ] 334 335 sources = [] 336 sources += [ "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr/service_pro_main.c" ] 337 338 sources += [ 339 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_permission_check.cpp", 340 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr/hks_samgr_service.c", 341 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr/hks_samgr_service_feature.c", 342 ] 343 344 include_dirs = [] 345 346 include_dirs += [ 347 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/include", 348 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc", 349 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa", 350 ] 351 352 deps = [] 353 deps += [ 354 "//foundation/communication/ipc/interfaces/innerkits/c/ipc:ipc_single", 355 "//foundation/systemabilitymgr/samgr_lite/samgr:samgr", 356 ] 357 358 configs += [ ":hilog_dir" ] 359 deps += [ "//third_party/bounds_checking_function:libsec_shared" ] 360 361 deps += [ 362 "//base/security/huks/frameworks/huks_standard/main:huks_small_frameworks", 363 "//base/security/huks/services/huks_standard/huks_service/main:libhuks_service_small_static", 364 ] 365 external_deps = [ "hilog_lite:hilog_shared" ] 366 } 367 368 if (ohos_build_type == "debug") { 369 group("huks_3.0_test") { 370 deps = [ "//base/security/huks/test:unittest" ] 371 } 372 } 373 374 ohos_executable("hks_compatibility_bin") { 375 sources = [ 376 "//base/security/huks/utils/compatibility_bin/compatibility_small_bin.c", 377 ] 378 deps = [ "//third_party/bounds_checking_function:libsec_shared" ] 379 } 380} 381