1# 2# Copyright (c) 2021-2024 Huawei Device Co., Ltd. 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14# 15 16import("//base/security/huks/build/config.gni") 17import("//base/security/huks/huks.gni") 18import("//build/lite/config/component/lite_component.gni") 19import("//build/ohos.gni") 20 21config("hilog_dir") { 22 include_dirs = 23 [ "//base/hiviewdfx/hilog_lite/interfaces/native/innerkits/hilog/" ] 24} 25config("hilog_lite_dir") { 26 include_dirs = 27 [ "//base/hiviewdfx/hilog_lite/interfaces/native/kits/hilog_lite/" ] 28} 29 30config("mbedtls_engine") { 31 include_dirs = 32 [ "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/include" ] 33} 34 35config("soft_huks_config") { 36 include_dirs = [ 37 "../../../frameworks/huks_standard/main/common/include", 38 "../../../frameworks/huks_standard/main/core/include", 39 "../../../frameworks/huks_standard/main/crypto_engine/crypto_common/include", 40 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/include", 41 "../../../frameworks/huks_standard/main/crypto_engine/openssl/include", 42 "../../../frameworks/huks_standard/main/crypto_engine/rkc/include", 43 "../../../frameworks/huks_standard/main/os_dependency/ipc/include", 44 "../../../frameworks/huks_standard/main/os_dependency/sysinfo/include", 45 "../../../services/huks_standard/huks_engine/main/core/include", 46 "../../../services/huks_standard/huks_service/main/core/include", 47 "//base/security/huks/services/huks_standard/huks_engine/main/core/include", 48 "//base/security/huks/services/huks_standard/huks_engine/main/device_cert_manager/include", 49 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/passthrough", 50 "//base/security/huks/utils/crypto_adapter", 51 "//base/security/huks/utils/file_operator", 52 "//base/security/huks/utils/list", 53 "//base/security/huks/utils/mutex", 54 "//commonlibrary/utils_lite/memory/include", 55 ] 56 57 if (board_toolchain_type != "iccarm") { 58 defines = [ "_FORTIFY_SOURCE = 2" ] 59 } 60 if (board_toolchain_type == "iccarm") { 61 cflags = [ 62 "--diag_suppress", 63 "Pe370,Pe226", 64 ] 65 defines = [ "HKS_USE_OHOS_MEM" ] 66 } else { 67 cflags = [ 68 "-fvisibility=hidden", 69 "-Wall", 70 "-Werror", 71 ] 72 } 73 74 if (disable_authenticate == true) { 75 cflags += [ "-D_CUT_AUTHENTICATE_" ] 76 } 77 78 if (ohos_kernel_type != "liteos_m") { 79 cflags += [ "-flto" ] 80 } 81 82 if (huks_use_hardware_root_key == true) { 83 cflags += [ "-D_HARDWARE_ROOT_KEY_" ] 84 } 85 86 if (huks_use_lite_storage == true) { 87 cflags += [ "-D_STORAGE_LITE_" ] 88 } else { 89 if (ohos_kernel_type == "liteos_a") { 90 cflags += [ "-D_BSD_SOURCE" ] 91 } else { 92 cflags += [ "-D_DEFAULT_SOURCE" ] 93 } 94 } 95 96 if (ohos_kernel_type != "liteos_m" || huks_enable_log == true) { 97 cflags += [ "-D_HUKS_LOG_ENABLE_" ] 98 } 99 100 if (huks_config_file != "") { 101 print(huks_config_file) 102 cflags += [ "-DHKS_CONFIG_FILE=\"${huks_config_file}\"" ] 103 } 104 105 cflags += [ 106 "-DHKS_CONFIG_KEY_STORE_PATH=\"${huks_key_store_path}\"", 107 "-DHKS_KEY_VERSION=${huks_key_version}", 108 ] 109} 110 111config("public_huks_config") { 112 include_dirs = [ "../../../interfaces/inner_api/huks_standard/main/include" ] 113} 114 115#begin: add 116if (ohos_kernel_type == "liteos_m") { 117 ohos_static_library("huks_3.0_sdk") { 118 public_configs = [ ":public_huks_config" ] 119 configs = [ ":soft_huks_config" ] 120 121 sources = [] 122 123 cflags = [] 124 125 deps = [] 126 127 if (huks_use_mbedtls == true) { 128 sources += [ 129 "../../../frameworks/huks_standard/main/crypto_engine/crypto_common/src/hks_core_ability.c", 130 "../../../frameworks/huks_standard/main/crypto_engine/crypto_common/src/hks_core_get_main_key.c", 131 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_crypto_ed25519.c", 132 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ability.c", 133 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_aes.c", 134 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_bn.c", 135 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_common.c", 136 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ecc.c", 137 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ecdh.c", 138 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_ecdsa.c", 139 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_engine.c", 140 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_hash.c", 141 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_hmac.c", 142 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_kdf.c", 143 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_rsa.c", 144 "../../../frameworks/huks_standard/main/crypto_engine/mbedtls/src/hks_mbedtls_x25519.c", 145 "../../../frameworks/huks_standard/main/crypto_engine/rkc/src/hks_rkc.c", 146 "../../../frameworks/huks_standard/main/crypto_engine/rkc/src/hks_rkc_rw.c", 147 ] 148 149 if (huks_dependency_mbedtls_path != "") { 150 deps += [ huks_dependency_mbedtls_path ] 151 } else { 152 deps += [ "//third_party/mbedtls" ] 153 } 154 } 155 156 sources += [ 157 "../../../frameworks/huks_standard/main/common/src/hks_ability.c", 158 "../../../frameworks/huks_standard/main/common/src/hks_base_check.c", 159 "../../../frameworks/huks_standard/main/common/src/hks_check_paramset.c", 160 "../../../frameworks/huks_standard/main/common/src/hks_common_check.c", 161 "../../../frameworks/huks_standard/main/common/src/hks_crypto_adapter.c", 162 "../../../frameworks/huks_standard/main/common/src/hks_param.c", 163 "../../../frameworks/huks_standard/main/common/src/hks_tags_type_manager.c", 164 "../../../frameworks/huks_standard/main/core/src/hks_local_engine.c", 165 "../../../frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_passthrough.c", 166 "../../../frameworks/huks_standard/main/os_dependency/posix/hks_mem.c", 167 "../../../frameworks/huks_standard/main/os_dependency/posix/hks_util.c", 168 "../../../frameworks/huks_standard/main/os_dependency/sysinfo/src/hks_get_process_info_passthrough.c", 169 "../../../frameworks/huks_standard/main/os_dependency/sysinfo/src/hks_get_udid.c", 170 "../../../interfaces/inner_api/huks_standard/source/hks_api.c", 171 "../../../interfaces/inner_api/huks_standard/source/hks_api_adapter.c", 172 "../../../services/huks_standard/huks_engine/main/core/src/hks_auth.c", 173 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_interfaces.c", 174 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_attest.c", 175 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_chipset_platform_derive.c", 176 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_generate.c", 177 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_operate_one_stage.c", 178 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_operate_three_stage.c", 179 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_key_other.c", 180 "../../../services/huks_standard/huks_engine/main/core/src/hks_core_service_three_stage.c", 181 "../../../services/huks_standard/huks_engine/main/core/src/hks_keyblob.c", 182 "../../../services/huks_standard/huks_engine/main/core/src/hks_keynode.c", 183 "../../../services/huks_standard/huks_engine/main/core/src/hks_secure_access.c", 184 "../../../services/huks_standard/huks_engine/main/core/src/hks_sm_import_wrap_key.c", 185 "../../../services/huks_standard/huks_service/main/core/src/hks_client_check.c", 186 "../../../services/huks_standard/huks_service/main/core/src/hks_client_service.c", 187 "../../../services/huks_standard/huks_service/main/core/src/hks_client_service_util.c", 188 "../../../services/huks_standard/huks_service/main/core/src/hks_hitrace.c", 189 "../../../services/huks_standard/huks_service/main/core/src/hks_report.c", 190 "../../../services/huks_standard/huks_service/main/core/src/hks_session_manager.c", 191 "../../../services/huks_standard/huks_service/main/os_dependency/idl/passthrough/huks_access.c", 192 "../../../services/huks_standard/huks_service/main/os_dependency/idl/passthrough/huks_core_static_hal.c", 193 "../../../services/huks_standard/huks_service/main/plugin_proxy/src/hks_plugin_adapter_mock.c", 194 "../../../utils/crypto_adapter/hks_client_service_adapter_common.c", 195 "../../../utils/crypto_adapter/hks_client_service_adapter_lite.c", 196 "../../../utils/file_operator/hks_file_operator_lite.c", 197 "../../../utils/list/hks_double_list.c", 198 "../../../utils/mutex/hks_mutex.c", 199 "//base/security/huks/services/huks_standard/huks_engine/main/core/src/hks_upgrade_key.c", 200 "//base/security/huks/services/huks_standard/huks_service/main/core/src/hks_upgrade_helper.c", 201 "//base/security/huks/services/huks_standard/huks_service/main/core/src/hks_upgrade_key_accesser.c", 202 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_permission_check.cpp", 203 ] 204 sources += [ "hks_tmp_client.c" ] 205 206 if (huks_use_lite_storage == true) { 207 sources += [ 208 "../../../services/huks_standard/huks_engine/main/core/src/hks_keyblob_lite.c", 209 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_adapter.c", 210 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_lite.c", 211 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_manager.c", 212 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_utils.c", 213 ] 214 } else { 215 sources += [ 216 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage.c", 217 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_manager.c", 218 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/src/hks_storage_utils.c", 219 ] 220 } 221 222 include_dirs = [ 223 "//base/security/huks/frameworks/huks_standard/main/common/include", 224 "//base/security/huks/services/huks_standard/huks_engine/main/core/include", 225 "//base/security/huks/services/huks_standard/huks_service/main/hks_storage/include", 226 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc", 227 "//base/security/huks/services/huks_standard/huks_service/main/plugin_proxy/include", 228 ] 229 230 defines = [ 231 "LOG_ENGINE_HILOG_MODULE_SCY", 232 "HUKS_LOG_MINI_EXT_ENABLED", 233 ] 234 if (product_name == "wifiiot_hispark_pegasus") { 235 defines += [ "USE_HISI_MBED" ] 236 } 237 238 if (huks_enable_upgrade_key && !huks_use_lite_storage) { 239 defines += [ "HKS_ENABLE_UPGRADE_KEY" ] 240 } 241 242 if (enable_huks_lite_hap) { 243 defines += [ "HKS_ENABLE_LITE_HAP" ] 244 cflags += 245 [ "-DHKS_CONFIG_LITE_HAP_STORE_PATH=\"${huks_lite_hap_store_path}\"" ] 246 } 247 248 configs += [ ":hilog_lite_dir" ] 249 deps += [ "//base/hiviewdfx/hilog_lite/frameworks/mini:hilog_lite" ] 250 251 if (huks_enable_upgrade_rkc_v1tov2) { 252 # enable upgrade rkc derivation algorithm from PBKDF2 to HKDF 253 defines += [ "HKS_ENABLE_UPGRADE_RKC_DERIVE_ALG" ] 254 255 # compile code of old version 256 sources += [ "../../../frameworks/huks_standard/main/crypto_engine/rkc/src/hks_rkc_v1.c" ] 257 } 258 259 if (huks_enable_upgrade_derive_key_alg) { 260 # enable upgrade key derivation algorithm from PBKDF2 to HKDF 261 defines += [ "HKS_CHANGE_DERIVE_KEY_ALG_TO_HKDF" ] 262 } 263 264 cflags += [ "-DHKS_ENABLE_CLEAN_FILE" ] 265 } 266} else { 267 ohos_shared_library("huks_3.0_sdk") { 268 public_configs = [ ":public_huks_config" ] 269 270 configs = [] 271 configs += [ 272 "//base/security/huks/frameworks/config/build:l1_small_common_config", 273 ] 274 configs += [ ":soft_huks_config" ] 275 276 cflags = [] 277 278 deps = [] 279 deps += [ 280 "//base/security/huks/frameworks/huks_standard/main:huks_small_frameworks", 281 "//base/security/huks/utils/crypto_adapter:libhuks_utils_client_service_adapter_static", 282 "//foundation/communication/ipc/interfaces/innerkits/c/ipc:ipc_single", 283 "//foundation/systemabilitymgr/samgr_lite/samgr:samgr", 284 ] 285 286 include_dirs = [] 287 include_dirs += [ 288 "//foundation/systemabilitymgr/samgr_lite/interfaces/kits/registry", 289 "//foundation/systemabilitymgr/samgr_lite/samgr_endpoint/source", 290 291 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc", 292 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr", 293 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/include", 294 ] 295 296 sources = [] 297 298 sources = [ 299 "//base/security/huks/interfaces/inner_api/huks_standard/source/hks_api.c", 300 "//base/security/huks/interfaces/inner_api/huks_standard/source/hks_api_adapter.c", 301 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_permission_check.cpp", 302 ] 303 304 sources += [ 305 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_ipc_serialization.c", 306 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_client_service_ipc.c", 307 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_check.c", 308 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_ipc_slice.c", 309 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/src/hks_samgr_client_proxy.c", 310 ] 311 312 configs += [ ":hilog_dir" ] 313 deps += [ 314 "//foundation/systemabilitymgr/samgr_lite/samgr:samgr", 315 "//third_party/bounds_checking_function:libsec_shared", 316 ] 317 318 external_deps = [ 319 "hilog_lite:hilog_shared", 320 "init:libbegetutil", 321 ] 322 323 defines = [ "LOG_ENGINE_HILOG_MODULE_SCY" ] 324 } 325 326 ohos_executable("huks_server") { 327 configs = [] 328 configs += [ 329 "//base/security/huks/frameworks/config/build:l1_small_common_config", 330 ] 331 configs += [ ":soft_huks_config" ] 332 333 sources = [] 334 sources += [ "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr/service_pro_main.c" ] 335 336 sources += [ 337 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc/hks_permission_check.cpp", 338 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr/hks_samgr_service.c", 339 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa/sa_mgr/hks_samgr_service_feature.c", 340 ] 341 342 include_dirs = [] 343 344 include_dirs += [ 345 "//base/security/huks/frameworks/huks_standard/main/os_dependency/ipc/include", 346 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/idl/ipc", 347 "//base/security/huks/services/huks_standard/huks_service/main/os_dependency/sa", 348 ] 349 350 deps = [] 351 deps += [ 352 "//foundation/communication/ipc/interfaces/innerkits/c/ipc:ipc_single", 353 "//foundation/systemabilitymgr/samgr_lite/samgr:samgr", 354 ] 355 356 configs += [ ":hilog_dir" ] 357 deps += [ "//third_party/bounds_checking_function:libsec_shared" ] 358 359 deps += [ 360 "//base/security/huks/frameworks/huks_standard/main:huks_small_frameworks", 361 "//base/security/huks/services/huks_standard/huks_service/main:libhuks_service_small_static", 362 ] 363 external_deps = [ "hilog_lite:hilog_shared" ] 364 } 365 366 if (ohos_build_type == "debug") { 367 group("huks_3.0_test") { 368 deps = [ "//base/security/huks/test:unittest" ] 369 } 370 } 371 372 ohos_executable("hks_compatibility_bin") { 373 sources = [ 374 "//base/security/huks/utils/compatibility_bin/compatibility_small_bin.c", 375 ] 376 deps = [ "//third_party/bounds_checking_function:libsec_shared" ] 377 } 378} 379