1# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
2# Licensed under the Apache License, Version 2.0 (the "License");
3# you may not use this file except in compliance with the License.
4# You may obtain a copy of the License at
5#
6#     http://www.apache.org/licenses/LICENSE-2.0
7#
8# Unless required by applicable law or agreed to in writing, software
9# distributed under the License is distributed on an "AS IS" BASIS,
10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11# See the License for the specific language governing permissions and
12# limitations under the License.
13
14import("//build/ohos.gni")
15import("//build/ohos/sa_profile/sa_profile.gni")
16import("../../code_signature.gni")
17
18ohos_shared_library("liblocal_code_sign") {
19  sanitize = {
20    cfi = true
21    cfi_cross_dso = true
22    debug = false
23  }
24  branch_protector_ret = "pac_ret"
25  sources = [
26    "${code_signature_root_dir}/utils/src/cert_utils.cpp",
27    "src/local_code_sign_service.cpp",
28    "src/local_code_sign_stub.cpp",
29    "src/local_sign_key.cpp",
30    "src/permission_utils.cpp",
31  ]
32  include_dirs = [
33    "include",
34    "${code_signature_root_dir}/interfaces/innerkits/local_code_sign/include",
35    "${code_signature_root_dir}/utils/include",
36  ]
37  shlib_type = "sa"
38  public_configs = [ "${code_signature_root_dir}:common_public_config" ]
39  configs = [ "${code_signature_root_dir}:common_utils_config" ]
40  deps = [ "${code_signature_root_dir}/utils:fsverity_sign_src_set" ]
41  external_deps = [
42    "access_token:libaccesstoken_sdk",
43    "access_token:libtokenid_sdk",
44    "c_utils:utils",
45    "eventhandler:libeventhandler",
46    "fsverity-utils:libfsverity_utils",
47    "hilog:libhilog",
48    "hisysevent:libhisysevent",
49    "hitrace:hitrace_meter",
50    "huks:libhukssdk",
51    "init:libbegetutil",
52    "ipc:ipc_core",
53    "openssl:libcrypto_shared",
54    "safwk:system_ability_fwk",
55    "samgr:samgr_proxy",
56  ]
57
58  part_name = "code_signature"
59  subsystem_name = "security"
60
61  install_images = [ "system" ]
62  install_enable = true
63}
64
65group("local_code_sign_configs") {
66  deps = [
67    ":local_code_sign.cfg",
68    ":local_code_sign_sa_profile",
69    ":trusted_attest_root_ca",
70  ]
71}
72
73ohos_prebuilt_etc("local_code_sign.cfg") {
74  source = "local_code_sign.cfg"
75  relative_install_dir = "init"
76  subsystem_name = "security"
77  part_name = "code_signature"
78}
79
80ohos_sa_profile("local_code_sign_sa_profile") {
81  sources = [ "sa_profile/3507.json" ]
82  part_name = "code_signature"
83}
84
85ohos_prebuilt_etc("trusted_attest_root_ca") {
86  if (!code_signature_support_oh_code_sign) {
87    source = "config/OpenHarmony/trusted_attest_root_ca.cer"
88  } else {
89    source = "config/trusted_attest_root_ca.cer"
90  }
91  part_name = "code_signature"
92  subsystem_name = "security"
93  relative_install_dir = "security"
94}
95