1# Copyright (C) 2021-2022 Huawei Device Co., Ltd. 2# Licensed under the Apache License, Version 2.0 (the "License"); 3# you may not use this file except in compliance with the License. 4# You may obtain a copy of the License at 5# 6# http://www.apache.org/licenses/LICENSE-2.0 7# 8# Unless required by applicable law or agreed to in writing, software 9# distributed under the License is distributed on an "AS IS" BASIS, 10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11# See the License for the specific language governing permissions and 12# limitations under the License. 13 14import("//base/security/huks/build/config.gni") 15import("//base/security/huks/huks.gni") 16 17config("l2_standard_common_config") { 18 cflags = [] 19 if (enable_hks_coverage) { 20 cflags += [ "--coverage" ] 21 ldflags = [ "--coverage" ] 22 } 23 cflags += [ 24 "-DHKS_KEY_VERSION=${huks_key_version}", 25 "-Wall", 26 "-Werror", 27 "-fPIC", 28 ] 29 30 cflags += 31 [ "-DHKS_CONFIG_KEY_STORE_PATH=\"${huks_key_store_standard_path}\"" ] 32 33 defines = [ 34 "_HUKS_LOG_ENABLE_", 35 "L2_STANDARD", 36 "HKS_ENABLE_CLEAN_FILE", 37 "SUPPORT_STORAGE_BACKUP", 38 ] 39 if (!huks_use_rkc_in_standard) { 40 defines += [ "_HARDWARE_ROOT_KEY_" ] 41 } 42 if (huks_enable_upgrade_key) { 43 defines += [ "HKS_ENABLE_UPGRADE_KEY" ] 44 45 if (huks_enable_upgrade_derive_key_alg) { 46 # enable upgrade key derivation algorithm from PBKDF2 to HKDF 47 defines += [ "HKS_CHANGE_DERIVE_KEY_ALG_TO_HKDF" ] 48 } 49 } 50 if (enable_user_auth_framework) { 51 cflags += [ "-DHKS_SUPPORT_USER_AUTH_ACCESS_CONTROL" ] 52 } 53 if (enable_bundle_framework) { 54 cflags += [ "-DHKS_SUPPORT_GET_BUNDLE_INFO" ] 55 } 56 if (huks_use_rkc_in_standard) { 57 cflags += 58 [ "-DHKS_CONFIG_RKC_STORE_PATH=\"${huks_use_rkc_in_standard_path}\"" ] 59 defines += [ "HKS_USE_RKC_IN_STANDARD" ] 60 } 61 if (huks_enable_upgrade_key_storage_secure_level) { 62 defines += [ "HUKS_ENABLE_UPGRADE_KEY_STORAGE_SECURE_LEVEL" ] 63 cflags += [ 64 "-DHUKS_SA_UPGRADE_CONFIG=${huks_sa_upgrade_config}", 65 "-DHUKS_HAP_UPGRADE_CONFIG=${huks_hap_upgrade_config}", 66 "-DHUKS_SA_SKIP_UPGRADE_CONFIG=${huks_sa_skip_upgrade_config}", 67 "-DHUKS_HAP_SKIP_UPGRADE_CONFIG=${huks_hap_skip_upgrade_config}", 68 ] 69 if (huks_enable_skip_upgrade_key_storage_secure_level) { 70 defines += [ "HUKS_ENABLE_SKIP_UPGRADE_KEY_STORAGE_SECURE_LEVEL" ] 71 } 72 } 73} 74 75config("l1_small_common_config") { 76 cflags = [] 77 cflags += [ 78 "-DHKS_KEY_VERSION=${huks_key_version}", 79 "-Wall", 80 "-Werror", 81 "-fPIC", 82 ] 83 if (huks_use_hardware_root_key == true) { 84 cflags += [ "-D_HARDWARE_ROOT_KEY_" ] 85 } 86 if (huks_config_file != "") { 87 print(huks_config_file) 88 cflags += [ "-DHKS_CONFIG_FILE=\"${huks_config_file}\"" ] 89 } 90 91 cflags += [ "-DGET_DEV_UDID_ENABLE" ] 92 93 defines = [ 94 "_HUKS_LOG_ENABLE_", 95 "HKS_L1_SMALL", 96 ] 97 if (huks_enable_upgrade_key) { 98 defines += [ "HKS_ENABLE_UPGRADE_KEY" ] 99 100 if (huks_enable_upgrade_small_to_service) { 101 # enable upgrade key for huks transformed to service in small device 102 defines += [ "HKS_ENABLE_SMALL_TO_SERVICE" ] 103 104 if (!hks_enable_test) { 105 # enable if old path is empty stop upgrade operation for small_to_service 106 defines += [ "HKS_ENABLE_MARK_CLEARED_FOR_SMALL_TO_SERVICE" ] 107 } 108 } 109 110 if (huks_enable_upgrade_derive_key_alg) { 111 # enable upgrade key derivation algorithm from PBKDF2 to HKDF 112 defines += [ "HKS_CHANGE_DERIVE_KEY_ALG_TO_HKDF" ] 113 } 114 } 115} 116