blob: a8c06cf06dd70051c2517b07e83288fd73765297 [file] [log] [blame]
# Copyright 2018 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Stop linter from complaining XXX_unittest.cc naming.
# TODO(cylai): rename all the unittest files and enable this linting option.
# gnlint: disable=GnLintSourceFileNames
import("//common-mk/pkg_config.gni")
import("//common-mk/proto_library.gni")
group("all") {
deps = [
":cryptohome",
":cryptohome-namespace-mounter",
":cryptohome-path",
":cryptohome-proxy",
":cryptohomed",
":encrypted-reboot-vault",
":homedirs_initializer",
":lockbox-cache",
":mount-encrypted",
":mount_encrypted_lib",
":tpm-manager",
]
if (use.cert_provision) {
deps += [
":cert_provision",
":cert_provision-proto",
":cert_provision-static",
":cert_provision_client",
]
}
if (use.test) {
deps += [
":boot_lockbox_unittests",
":cryptohome_testrunner",
":mount_encrypted_unittests",
]
}
if (use.fuzzer) {
deps += [
":cryptohome_cryptolib_blob_to_hex_fuzzer",
":cryptohome_cryptolib_rsa_oaep_decrypt_fuzzer",
":cryptohome_tpm1_cmk_migration_parser_fuzzer",
]
}
if (use.tpm2) {
deps += [
":bootlockboxd",
":bootlockboxtool",
]
}
}
# Main programs.
executable("cryptohome") {
configs += [ "libs:target_defaults" ]
sources = [ "cryptohome.cc" ]
libs = [
"chaps",
"keyutils",
"policy",
"pthread",
]
deps = [
"libs:cryptohome-dbus-client",
"libs:cryptohome-proto",
"libs:cryptohome-proto-external",
"libs:libcrostpm",
"libs:libcryptohome",
]
# NOSORT
pkg_deps = [
"dbus-1",
"dbus-glib-1",
"glib-2.0",
"libbrillo",
"libbrillo-glib",
"libchrome",
"libecryptfs",
"libmetrics",
"openssl",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
"vboot_host",
]
}
executable("cryptohome-path") {
sources = [ "cryptohome-path.cc" ]
deps = [
"libs:libcrostpm",
"libs:libcryptohome",
]
# NOSORT
pkg_deps = [
"libbrillo",
"libchrome",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
]
}
executable("cryptohomed") {
configs += [ "libs:target_defaults" ]
sources = [ "cryptohomed.cc" ]
libs = [
"chaps",
"keyutils",
"policy",
"pthread",
]
deps = [
"libs:libcrostpm",
"libs:libcryptohome",
]
# NOSORT
pkg_deps = [
"dbus-1",
"dbus-glib-1",
"glib-2.0",
"libbootlockbox-client",
"libbrillo",
"libbrillo-glib",
"libchrome",
"libecryptfs",
"libmetrics",
"openssl",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
"vboot_host",
]
}
# This executable is used to mount cryptohomes.
executable("cryptohome-namespace-mounter") {
configs += [ "libs:target_defaults" ]
sources = [ "cryptohome_namespace_mounter/cryptohome_namespace_mounter.cc" ]
deps = [
"libs:libcryptohome",
"libs:namespace-mounter-ipc-proto",
]
# NOSORT
pkg_deps = [
"libbrillo",
"libchrome",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
]
}
# This executable is used for the transition between old DBus interface
# and the new DBus interface.
executable("cryptohome-proxy") {
configs += [ "libs:target_defaults" ]
sources = [
"platform.cc",
"proxy/cryptohome_proxy.cc",
"proxy/dbus_proxy_service.cc",
"proxy/legacy_cryptohome_interface_adaptor.cc",
]
deps = [
"libs:cryptohome-proto-external",
"libs:cryptohome_adaptors",
"libs:libcryptohome",
"libs:userdataauth-client-headers",
]
# NOSORT
pkg_deps = [
"dbus-1",
"libattestation-client",
"libbrillo",
"libchrome",
"libmetrics",
"libtpm_manager-client",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
]
}
executable("lockbox-cache") {
configs += [ "libs:target_defaults" ]
sources = [
"dircrypto_util.cc",
"lockbox-cache-main.cc",
"lockbox-cache.cc",
"lockbox.cc",
"platform.cc",
]
libs = [
"keyutils",
"secure_erase_file",
]
deps = [
"libs:cryptohome-proto",
"libs:libcrostpm",
]
pkg_deps = [
"libbrillo",
"libchrome",
"libecryptfs",
"libmetrics",
"openssl",
"vboot_host",
]
}
static_library("mount_encrypted_lib") {
configs += [
# for USE_TPM2
"libs:target_defaults",
]
sources = [
"mount_encrypted/encrypted_fs.cc",
"mount_encrypted/encryption_key.cc",
"mount_encrypted/tpm.cc",
]
defines = [ "CHROMEOS_ENVIRONMENT=1" ]
deps = [ "libs:cryptohome-proto" ]
pkg_deps = [
"glib-2.0",
"libbrillo",
"libchrome",
"openssl",
"vboot_host",
]
if (use.tpm2) {
sources += [ "mount_encrypted/tpm2.cc" ]
# This selects TPM2 code in vboot_host headers.
defines += [ "TPM2_MODE=1" ]
} else {
sources += [ "mount_encrypted/tpm1.cc" ]
}
}
executable("encrypted-reboot-vault") {
sources = [
"encrypted_reboot_vault/encrypted_reboot_vault.cc",
"encrypted_reboot_vault/encrypted_reboot_vault_main.cc",
]
deps = [ "libs:libcrostpm" ]
pkg_deps = [
"libbrillo",
"libchrome",
]
}
executable("mount-encrypted") {
sources = [ "mount_encrypted/mount_encrypted.cc" ]
deps = [
":mount_encrypted_lib",
"libs:libcrostpm",
]
pkg_deps = [
"glib-2.0",
"libbrillo",
"libchrome",
"openssl",
"vboot_host",
]
}
executable("tpm-manager") {
configs += [ "libs:target_defaults" ]
sources = [ "tpm_manager.cc" ]
deps = [ "libs:libcrostpm" ]
# NOSORT
pkg_deps = [
"glib-2.0",
"libbrillo",
"libbrillo-glib",
"libchrome",
"libecryptfs",
"libmetrics",
"openssl",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
]
libs = [
"tpm_manager",
"attestation",
]
if (use.tpm2) {
libs += [ "trunks" ]
} else {
libs += [ "chaps" ]
pkg_deps += [ "vboot_host" ]
}
}
executable("homedirs_initializer") {
configs += [ "libs:target_defaults" ]
sources = [ "homedirs_initializer.cc" ]
deps = [
"libs:libcrostpm",
"libs:libcryptohome",
]
# NOSORT
pkg_deps = [
"libbrillo",
"libchrome",
"openssl",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
]
}
if (use.cert_provision) {
# TODO(hidehiko): Support pkg_deps in proto_library.
pkg_config("cert_provision-proto_config") {
pkg_deps = [ "protobuf" ]
}
proto_library("cert_provision-proto") {
proto_in_dir = "./cert"
proto_out_dir = "include/cert"
use_pic = true
sources = [ "cert/cert_provision.proto" ]
# libcert_provision-proto.a is used by a shared_libary
all_dependent_configs = [ ":cert_provision-proto_config" ]
}
shared_library("cert_provision") {
deps = [ ":cert_provision-static" ]
}
static_library("cert_provision-static") {
configs += [ ":cert_provision-proto_config" ]
sources = [
"cert/cert_provision.cc",
"cert/cert_provision_keystore.cc",
"cert/cert_provision_util.cc",
]
# libcert_provision-static.a is used by a shared_libary
# object, so we need to build it with '-fPIC' instead of '-fPIE'.
configs -= [ "//common-mk:pie" ]
configs += [ "//common-mk:pic" ]
libs = [
"chaps",
"pthread",
]
# NOSORT
public_pkg_deps = [
"dbus-glib-1",
"libattestation-client",
"libbrillo",
"libbrillo-glib",
"libchrome",
"openssl",
"protobuf",
]
deps = [
":cert_provision-proto",
"libs:cryptohome-dbus-client",
"libs:cryptohome-proto",
]
}
executable("cert_provision_client") {
sources = [ "cert/cert_provision_client.cc" ]
deps = [ ":cert_provision" ]
public_pkg_deps = [ "system_api" ]
pkg_deps = [
"libbrillo",
"libchrome",
]
}
}
if (use.test) {
executable("cryptohome_testrunner") {
configs += [
"//common-mk:test",
"libs:target_defaults",
]
sources = [
"auth_block_unittest.cc",
"auth_session_unittest.cc",
"boot_attributes_unittest.cc",
"bootlockbox/boot_lockbox_unittest.cc",
"challenge_credentials/challenge_credentials_helper_impl_unittest.cc",
"challenge_credentials/challenge_credentials_test_utils.cc",
"challenge_credentials/fido_utils_unittest.cc",
"crc32_unittest.cc",
"credentials_unittest.cc",
"crypto_unittest.cc",
"cryptohome_event_source_unittest.cc",
"cryptolib_unittest.cc",
"dircrypto_data_migrator/migration_helper_unittest.cc",
"fake_le_credential_backend.cc",
"fake_platform.cc",
"fido/make_credential_response_test.cc",
"fingerprint_manager_unittest.cc",
"firmware_management_parameters_unittest.cc",
"install_attributes_unittest.cc",
"keyset_management_unittest.cc",
"le_credential_manager_impl_unittest.cc",
"lockbox-cache-unittest.cc",
"lockbox_unittest.cc",
"make_tests.cc",
"mock_chaps_client_factory.cc",
"mock_firmware_management_parameters.cc",
"mock_install_attributes.cc",
"mock_key_challenge_service.cc",
"mock_keystore.cc",
"mock_lockbox.cc",
"mock_pkcs11_init.cc",
"mock_platform.cc",
"mock_signature_sealing_backend.cc",
"mock_tpm.cc",
"mock_tpm_init.cc",
"mock_vault_keyset.cc",
"password_verifier_unittest.cc",
"persistent_lookup_table_unittest.cc",
"pkcs11_keystore_unittest.cc",
"platform_unittest.cc",
"proxy/legacy_cryptohome_interface_adaptor.cc",
"proxy/legacy_cryptohome_interface_adaptor_test.cc",
"service_unittest.cc",
"sign_in_hash_tree_unittest.cc",
"signature_sealing_backend_test_utils.cc",
"stateful_recovery_unittest.cc",
"storage/arc_disk_quota_unittest.cc",
"storage/disk_cleanup_routines_unittest.cc",
"storage/disk_cleanup_unittest.cc",
"storage/encrypted_container/ecryptfs_container_test.cc",
"storage/encrypted_container/fscrypt_container_test.cc",
"storage/encrypted_container/loopback_device_test.cc",
"storage/homedirs_unittest.cc",
"storage/mock_disk_cleanup.cc",
"storage/mock_disk_cleanup_routines.cc",
"storage/mock_mount.cc",
"storage/mount_stack_unittest.cc",
"storage/mount_task_unittest.cc",
"storage/mount_unittest.cc",
"storage/out_of_process_mount_helper_test.cc",
"storage/user_oldest_activity_timestamp_cache_unittest.cc",
"tpm_init_unittest.cc",
"tpm_persistent_state_unittest.cc",
"user_session_unittest.cc",
"userdataauth_unittest.cc",
"vault_keyset_unittest.cc",
]
libs = [
"chaps",
"keyutils",
"policy",
"pthread",
]
deps = [
"libs:cryptohome-proto",
"libs:libcrostpm",
"libs:libcryptohome",
"libs:libfido",
"//common-mk/testrunner",
]
# NOSORT
pkg_deps = [
"dbus-1",
"dbus-glib-1",
"glib-2.0",
"libattestation-client",
"libattestation-client-test",
"libbrillo",
"libbrillo-glib",
"libbrillo-test",
"libchrome",
"libchrome-test",
"libecryptfs",
"libmetrics",
"libtpm_manager-client",
"libtpm_manager-client-test",
"openssl",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
"vboot_host",
]
if (use.tpm2) {
sources += [
"pinweaver_le_credential_backend_unittest.cc",
"tpm2_test.cc",
]
libs += [
"trunks_test",
"tpm_manager_test",
]
} else {
libs += [ "hwsec_test" ]
sources += [
"tpm1_static_utils_unittest.cc",
"tpm1_test.cc",
"tpm_new_impl_test.cc",
]
}
if (use.cert_provision) {
sources += [
"cert/cert_provision_keystore_unittest.cc",
"cert/cert_provision_unittest.cc",
]
deps += [ ":cert_provision-static" ]
}
if (use.lvm_stateful_partition) {
sources += [
"storage/encrypted_container/logical_volume_backing_device_test.cc",
]
}
# TODO(crbug.com/1082873): Remove after fixing usage of deprecated
# declarations.
cflags_cc = [ "-Wno-error=deprecated-declarations" ]
}
executable("mount_encrypted_unittests") {
configs += [
"//common-mk:test",
"libs:target_defaults",
]
sources = [
"fake_platform.cc",
"mock_platform.cc",
"mount_encrypted/encrypted_fs_unittest.cc",
"mount_encrypted/encryption_key_unittest.cc",
"mount_encrypted/tlcl_stub.cc",
]
deps = [
":mount_encrypted_lib",
"libs:libcrostpm",
"//common-mk/testrunner",
]
pkg_deps = [
"glib-2.0",
"libbrillo",
"libbrillo-test",
"libchrome",
"libchrome-test",
]
if (use.tpm2) {
defines = [ "TPM2_MODE=1" ]
}
}
executable("boot_lockbox_unittests") {
configs += [
"//common-mk:test",
"libs:target_defaults",
]
deps = [ "//common-mk/testrunner" ]
# NOSORT
pkg_deps = [
"glib-2.0",
"libbrillo",
"libbrillo-test",
"libchrome",
"libchrome-test",
"openssl",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
]
if (use.tpm2) {
sources = [
"bootlockbox/boot_lockbox_dbus_adaptor.cc",
"bootlockbox/boot_lockbox_service_unittest.cc",
"bootlockbox/fake_tpm_nvspace_utility.cc",
"bootlockbox/nvram_boot_lockbox_unittest.cc",
"bootlockbox/tpm2_nvspace_utility_unittest.cc",
"mock_tpm_init.cc",
]
defines = [ "TPM2_MODE=1" ]
libs = [
"tpm_manager",
"tpm_manager_test",
"trunks",
"trunks_test",
]
deps += [
":tpm-manager",
"libs:libcrostpm",
"libs:libnvram-boot-lockbox",
]
}
}
}
if (use.tpm2) {
executable("bootlockboxtool") {
defines = [ "USE_TPM2=${use.tpm2}" ]
deps = [ "libs:libnvram-boot-lockbox" ]
sources = [ "bootlockbox/boot_lockbox_tool.cc" ]
# NOSORT
pkg_deps = [
"libbootlockbox-client",
"libbrillo",
"libchrome",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
]
}
executable("bootlockboxd") {
deps = [
"libs:bootlockbox-adaptors",
"libs:libcrostpm",
"libs:libnvram-boot-lockbox",
]
defines = [ "USE_TPM2=${use.tpm2}" ]
libs = [
"chaps",
"keyutils",
"tpm_manager",
"trunks",
]
sources = [
"bootlockbox/boot_lockbox_dbus_adaptor.cc",
"bootlockbox/boot_lockbox_service.cc",
"bootlockbox/boot_lockboxd.cc",
]
# NOSORT
pkg_deps = [
"libbrillo",
"libchrome",
"libmetrics",
"libecryptfs",
"openssl",
# system_api depends on protobuf (or protobuf-lite). It must appear
# before protobuf here or the linker flags won't be in the right
# order.
"system_api",
"protobuf",
"vboot_host",
]
}
}
if (use.fuzzer) {
executable("cryptohome_cryptolib_rsa_oaep_decrypt_fuzzer") {
configs += [ "//common-mk/common_fuzzer" ]
sources = [
"fuzzers/blob_mutator.cc",
"fuzzers/cryptolib_rsa_oaep_decrypt_fuzzer.cc",
]
deps = [ "libs:libcrosplatform" ]
pkg_deps = [
"libbrillo",
"libchrome",
"libchrome-test",
"openssl",
]
}
executable("cryptohome_tpm1_cmk_migration_parser_fuzzer") {
configs += [ "//common-mk/common_fuzzer" ]
sources = [
"fuzzers/blob_mutator.cc",
"fuzzers/tpm1_cmk_migration_parser_fuzzer.cc",
]
deps = [
"libs:libcrosplatform",
"libs:libcrostpm",
]
pkg_deps = [
"libbrillo",
"libchrome",
"libchrome-test",
"openssl",
"system_api",
]
# TODO(crbug/1144974): This is a workaround to let the fuzzer can build on TPM2 devices.
if (use.tpm2) {
sources += [
"signature_sealing_backend_tpm1_impl.cc",
"tpm1_static_utils.cc",
"tpm_impl.cc",
"tpm_metrics.cc",
"tpm_new_impl.cc",
]
deps += [ "//libhwsec:overalls_library" ]
libs = [
"hwsec",
"tspi",
]
}
}
executable("cryptohome_cryptolib_blob_to_hex_fuzzer") {
configs += [ "//common-mk/common_fuzzer" ]
sources = [ "fuzzers/cryptolib_blob_to_hex_fuzzer.cc" ]
deps = [ "libs:libcrosplatform" ]
}
}