| # Copyright 2018 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| # Stop linter from complaining XXX_unittest.cc naming. |
| # TODO(cylai): rename all the unittest files and enable this linting option. |
| # gnlint: disable=GnLintSourceFileNames |
| |
| import("//common-mk/pkg_config.gni") |
| import("//common-mk/proto_library.gni") |
| |
| group("all") { |
| deps = [ |
| ":cryptohome", |
| ":cryptohome-namespace-mounter", |
| ":cryptohome-path", |
| ":cryptohome-proxy", |
| ":cryptohomed", |
| ":encrypted-reboot-vault", |
| ":homedirs_initializer", |
| ":lockbox-cache", |
| ":mount-encrypted", |
| ":mount_encrypted_lib", |
| ":tpm-manager", |
| ] |
| if (use.cert_provision) { |
| deps += [ |
| ":cert_provision", |
| ":cert_provision-proto", |
| ":cert_provision-static", |
| ":cert_provision_client", |
| ] |
| } |
| if (use.test) { |
| deps += [ |
| ":boot_lockbox_unittests", |
| ":cryptohome_testrunner", |
| ":mount_encrypted_unittests", |
| ] |
| } |
| if (use.fuzzer) { |
| deps += [ |
| ":cryptohome_cryptolib_blob_to_hex_fuzzer", |
| ":cryptohome_cryptolib_rsa_oaep_decrypt_fuzzer", |
| ":cryptohome_tpm1_cmk_migration_parser_fuzzer", |
| ] |
| } |
| if (use.tpm2) { |
| deps += [ |
| ":bootlockboxd", |
| ":bootlockboxtool", |
| ] |
| } |
| } |
| |
| # Main programs. |
| executable("cryptohome") { |
| configs += [ "libs:target_defaults" ] |
| sources = [ "cryptohome.cc" ] |
| libs = [ |
| "chaps", |
| "keyutils", |
| "policy", |
| "pthread", |
| "scrypt", |
| ] |
| deps = [ |
| "libs:cryptohome-dbus-client", |
| "libs:cryptohome-proto", |
| "libs:cryptohome-proto-external", |
| "libs:libcrostpm", |
| "libs:libcryptohome", |
| ] |
| |
| # NOSORT |
| pkg_deps = [ |
| "dbus-1", |
| "dbus-glib-1", |
| "glib-2.0", |
| "libbrillo", |
| "libbrillo-glib", |
| "libchrome-${libbase_ver}", |
| "libecryptfs", |
| "libmetrics-${libbase_ver}", |
| "openssl", |
| |
| # system_api depends on protobuf (or protobuf-lite). It must appear |
| # before protobuf here or the linker flags won't be in the right |
| # order. |
| "system_api", |
| "protobuf", |
| "vboot_host", |
| ] |
| } |
| |
| executable("cryptohome-path") { |
| sources = [ "cryptohome-path.cc" ] |
| deps = [ |
| "libs:libcrostpm", |
| "libs:libcryptohome", |
| ] |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| ] |
| } |
| |
| executable("cryptohomed") { |
| configs += [ "libs:target_defaults" ] |
| sources = [ "cryptohomed.cc" ] |
| libs = [ |
| "chaps", |
| "keyutils", |
| "policy", |
| "pthread", |
| "scrypt", |
| ] |
| deps = [ |
| "libs:libcrostpm", |
| "libs:libcryptohome", |
| ] |
| |
| # NOSORT |
| pkg_deps = [ |
| "dbus-1", |
| "dbus-glib-1", |
| "glib-2.0", |
| "libbrillo", |
| "libbrillo-glib", |
| "libchrome-${libbase_ver}", |
| "libecryptfs", |
| "libmetrics-${libbase_ver}", |
| "openssl", |
| |
| # system_api depends on protobuf (or protobuf-lite). It must appear |
| # before protobuf here or the linker flags won't be in the right |
| # order. |
| "system_api", |
| "protobuf", |
| "vboot_host", |
| ] |
| } |
| |
| # This executable is used to mount cryptohomes. |
| executable("cryptohome-namespace-mounter") { |
| configs += [ "libs:target_defaults" ] |
| sources = [ "cryptohome_namespace_mounter/cryptohome_namespace_mounter.cc" ] |
| deps = [ |
| "libs:libcryptohome", |
| "libs:namespace-mounter-ipc-proto", |
| ] |
| |
| # NOSORT |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| |
| # system_api depends on protobuf (or protobuf-lite). It must appear |
| # before protobuf here or the linker flags won't be in the right |
| # order. |
| "system_api", |
| "protobuf", |
| ] |
| } |
| |
| # This executable is used for the transition between old DBus interface |
| # and the new DBus interface. |
| executable("cryptohome-proxy") { |
| configs += [ "libs:target_defaults" ] |
| sources = [ |
| "platform.cc", |
| "proxy/cryptohome_proxy.cc", |
| "proxy/dbus_proxy_service.cc", |
| "proxy/legacy_cryptohome_interface_adaptor.cc", |
| ] |
| deps = [ |
| "libs:cryptohome-proto-external", |
| "libs:cryptohome_adaptors", |
| "libs:libcryptohome", |
| "libs:userdataauth-client-headers", |
| ] |
| |
| # NOSORT |
| pkg_deps = [ |
| "dbus-1", |
| "libattestation-client", |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "libmetrics-${libbase_ver}", |
| "libtpm_manager-client", |
| |
| # system_api depends on protobuf (or protobuf-lite). It must appear |
| # before protobuf here or the linker flags won't be in the right |
| # order. |
| "system_api", |
| "protobuf", |
| ] |
| } |
| |
| executable("lockbox-cache") { |
| configs += [ "libs:target_defaults" ] |
| sources = [ |
| "crc32.c", |
| "dircrypto_util.cc", |
| "lockbox-cache-main.cc", |
| "lockbox-cache.cc", |
| "lockbox.cc", |
| "platform.cc", |
| ] |
| libs = [ |
| "keyutils", |
| "secure_erase_file", |
| ] |
| deps = [ |
| "libs:cryptohome-proto", |
| "libs:libcrostpm", |
| ] |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "libecryptfs", |
| "libmetrics-${libbase_ver}", |
| "openssl", |
| "vboot_host", |
| ] |
| } |
| |
| static_library("mount_encrypted_lib") { |
| configs += [ |
| # for USE_TPM2 |
| "libs:target_defaults", |
| ] |
| sources = [ |
| "mount_encrypted/encrypted_fs.cc", |
| "mount_encrypted/encryption_key.cc", |
| "mount_encrypted/tpm.cc", |
| ] |
| defines = [ "CHROMEOS_ENVIRONMENT=1" ] |
| deps = [ "libs:cryptohome-proto" ] |
| pkg_deps = [ |
| "glib-2.0", |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "openssl", |
| "vboot_host", |
| ] |
| |
| if (use.tpm2) { |
| sources += [ "mount_encrypted/tpm2.cc" ] |
| |
| # This selects TPM2 code in vboot_host headers. |
| defines += [ "TPM2_MODE=1" ] |
| } else { |
| sources += [ "mount_encrypted/tpm1.cc" ] |
| } |
| } |
| |
| executable("encrypted-reboot-vault") { |
| sources = [ |
| "encrypted_reboot_vault/encrypted_reboot_vault.cc", |
| "encrypted_reboot_vault/encrypted_reboot_vault_main.cc", |
| ] |
| deps = [ "libs:libcrostpm" ] |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| ] |
| } |
| |
| executable("mount-encrypted") { |
| sources = [ "mount_encrypted/mount_encrypted.cc" ] |
| deps = [ |
| ":mount_encrypted_lib", |
| "libs:libcrostpm", |
| ] |
| pkg_deps = [ |
| "glib-2.0", |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "openssl", |
| "vboot_host", |
| ] |
| } |
| |
| executable("tpm-manager") { |
| configs += [ "libs:target_defaults" ] |
| sources = [ "tpm_manager.cc" ] |
| deps = [ "libs:libcrostpm" ] |
| |
| # NOSORT |
| pkg_deps = [ |
| "glib-2.0", |
| "libbrillo", |
| "libbrillo-glib", |
| "libchrome-${libbase_ver}", |
| "libecryptfs", |
| "libmetrics-${libbase_ver}", |
| "openssl", |
| |
| # system_api depends on protobuf (or protobuf-lite). It must appear |
| # before protobuf here or the linker flags won't be in the right |
| # order. |
| "system_api", |
| "protobuf", |
| ] |
| |
| libs = [ |
| "tpm_manager", |
| "attestation", |
| ] |
| |
| if (use.tpm2) { |
| libs += [ "trunks" ] |
| } else { |
| libs += [ |
| "chaps", |
| "scrypt", |
| ] |
| pkg_deps += [ "vboot_host" ] |
| } |
| } |
| |
| executable("homedirs_initializer") { |
| configs += [ "libs:target_defaults" ] |
| sources = [ "homedirs_initializer.cc" ] |
| deps = [ |
| "libs:libcrostpm", |
| "libs:libcryptohome", |
| ] |
| |
| # NOSORT |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "openssl", |
| |
| # system_api depends on protobuf (or protobuf-lite). It must appear |
| # before protobuf here or the linker flags won't be in the right |
| # order. |
| "system_api", |
| "protobuf", |
| ] |
| } |
| |
| if (use.cert_provision) { |
| # TODO(hidehiko): Support pkg_deps in proto_library. |
| pkg_config("cert_provision-proto_config") { |
| pkg_deps = [ "protobuf" ] |
| } |
| |
| proto_library("cert_provision-proto") { |
| proto_in_dir = "./cert" |
| proto_out_dir = "include/cert" |
| use_pic = true |
| sources = [ "cert/cert_provision.proto" ] |
| |
| # libcert_provision-proto.a is used by a shared_libary |
| all_dependent_configs = [ ":cert_provision-proto_config" ] |
| } |
| |
| shared_library("cert_provision") { |
| deps = [ ":cert_provision-static" ] |
| } |
| |
| static_library("cert_provision-static") { |
| configs += [ ":cert_provision-proto_config" ] |
| sources = [ |
| "cert/cert_provision.cc", |
| "cert/cert_provision_cryptohome.cc", |
| "cert/cert_provision_keystore.cc", |
| "cert/cert_provision_pca.cc", |
| "cert/cert_provision_util.cc", |
| ] |
| |
| # libcert_provision-static.a is used by a shared_libary |
| # object, so we need to build it with '-fPIC' instead of '-fPIE'. |
| configs -= [ "//common-mk:pie" ] |
| configs += [ "//common-mk:pic" ] |
| libs = [ |
| "chaps", |
| "pthread", |
| ] |
| public_pkg_deps = [ |
| "dbus-glib-1", |
| "libbrillo", |
| "libbrillo-glib", |
| "libchrome-${libbase_ver}", |
| "openssl", |
| "protobuf", |
| ] |
| |
| deps = [ |
| ":cert_provision-proto", |
| "libs:cryptohome-dbus-client", |
| "libs:cryptohome-proto", |
| ] |
| } |
| |
| executable("cert_provision_client") { |
| sources = [ "cert/cert_provision_client.cc" ] |
| deps = [ ":cert_provision" ] |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| ] |
| } |
| } |
| |
| if (use.test) { |
| executable("cryptohome_testrunner") { |
| configs += [ |
| "//common-mk:test", |
| "libs:target_defaults", |
| ] |
| sources = [ |
| "arc_disk_quota_unittest.cc", |
| "auth_block_unittest.cc", |
| "boot_attributes_unittest.cc", |
| "bootlockbox/boot_lockbox_unittest.cc", |
| "challenge_credentials/challenge_credentials_helper_impl_unittest.cc", |
| "challenge_credentials/challenge_credentials_test_utils.cc", |
| "challenge_credentials/fido_utils_unittest.cc", |
| "credentials_unittest.cc", |
| "crypto_unittest.cc", |
| "cryptohome_event_source_unittest.cc", |
| "cryptolib_unittest.cc", |
| "dircrypto_data_migrator/migration_helper_unittest.cc", |
| "disk_cleanup_routines_unittest.cc", |
| "disk_cleanup_unittest.cc", |
| "fake_le_credential_backend.cc", |
| "fingerprint_manager_unittest.cc", |
| "firmware_management_parameters_unittest.cc", |
| "homedirs_unittest.cc", |
| "install_attributes_unittest.cc", |
| "le_credential_manager_impl_unittest.cc", |
| "lockbox-cache-unittest.cc", |
| "lockbox_unittest.cc", |
| "make_tests.cc", |
| "mock_chaps_client_factory.cc", |
| "mock_disk_cleanup.cc", |
| "mock_disk_cleanup_routines.cc", |
| "mock_firmware_management_parameters.cc", |
| "mock_homedirs.cc", |
| "mock_install_attributes.cc", |
| "mock_key_challenge_service.cc", |
| "mock_keystore.cc", |
| "mock_lockbox.cc", |
| "mock_mount.cc", |
| "mock_pkcs11_init.cc", |
| "mock_platform.cc", |
| "mock_signature_sealing_backend.cc", |
| "mock_tpm.cc", |
| "mock_tpm_init.cc", |
| "mock_user_session.cc", |
| "mock_vault_keyset.cc", |
| "mount_stack_unittest.cc", |
| "mount_task_unittest.cc", |
| "mount_unittest.cc", |
| "out_of_process_mount_helper_test.cc", |
| "persistent_lookup_table_unittest.cc", |
| "pkcs11_keystore_unittest.cc", |
| "platform_unittest.cc", |
| "proxy/legacy_cryptohome_interface_adaptor.cc", |
| "proxy/legacy_cryptohome_interface_adaptor_test.cc", |
| "service_unittest.cc", |
| "sign_in_hash_tree_unittest.cc", |
| "signature_sealing_backend_test_utils.cc", |
| "stateful_recovery_unittest.cc", |
| "tpm_init_unittest.cc", |
| "tpm_persistent_state_unittest.cc", |
| "user_oldest_activity_timestamp_cache_unittest.cc", |
| "user_session_unittest.cc", |
| "vault_keyset_unittest.cc", |
| ] |
| libs = [ |
| "chaps", |
| "keyutils", |
| "policy", |
| "pthread", |
| "scrypt", |
| ] |
| deps = [ |
| "libs:bootlockbox-client-headers", |
| "libs:cryptohome-proto", |
| "libs:libcrostpm", |
| "libs:libcryptohome", |
| "//common-mk/testrunner", |
| ] |
| |
| # NOSORT |
| pkg_deps = [ |
| "dbus-1", |
| "dbus-glib-1", |
| "glib-2.0", |
| "libattestation-client", |
| "libattestation-client-test", |
| "libbrillo", |
| "libbrillo-glib", |
| "libbrillo-test", |
| "libchrome-${libbase_ver}", |
| "libchrome-test-${libbase_ver}", |
| "libecryptfs", |
| "libmetrics-${libbase_ver}", |
| "libtpm_manager-client", |
| "libtpm_manager-client-test", |
| "openssl", |
| |
| # system_api depends on protobuf (or protobuf-lite). It must appear |
| # before protobuf here or the linker flags won't be in the right |
| # order. |
| "system_api", |
| "protobuf", |
| "vboot_host", |
| ] |
| |
| if (use.tpm2) { |
| sources += [ |
| "pinweaver_le_credential_backend_unittest.cc", |
| "tpm2_test.cc", |
| ] |
| libs += [ |
| "trunks_test", |
| "tpm_manager_test", |
| ] |
| } else { |
| libs += [ "hwsec_test" ] |
| sources += [ |
| "tpm1_static_utils_unittest.cc", |
| "tpm1_test.cc", |
| "tpm_new_impl_test.cc", |
| ] |
| } |
| |
| if (use.cert_provision) { |
| sources += [ |
| "cert/cert_provision_keystore_unittest.cc", |
| "cert/cert_provision_unittest.cc", |
| ] |
| deps += [ ":cert_provision-static" ] |
| } |
| |
| if (use.cryptohome_userdataauth_interface) { |
| sources += [ "userdataauth_unittest.cc" ] |
| } |
| |
| # TODO(crbug.com/1082873): Remove after fixing usage of deprecated |
| # declarations. |
| cflags_cc = [ "-Wno-error=deprecated-declarations" ] |
| } |
| |
| executable("mount_encrypted_unittests") { |
| configs += [ |
| "//common-mk:test", |
| "libs:target_defaults", |
| ] |
| sources = [ |
| "mock_platform.cc", |
| "mount_encrypted/encrypted_fs_unittest.cc", |
| "mount_encrypted/encryption_key_unittest.cc", |
| "mount_encrypted/tlcl_stub.cc", |
| ] |
| deps = [ |
| ":mount_encrypted_lib", |
| "libs:libcrostpm", |
| "//common-mk/testrunner", |
| ] |
| pkg_deps = [ |
| "glib-2.0", |
| "libbrillo", |
| "libbrillo-test", |
| "libchrome-${libbase_ver}", |
| "libchrome-test-${libbase_ver}", |
| ] |
| |
| if (use.tpm2) { |
| defines = [ "TPM2_MODE=1" ] |
| } |
| } |
| |
| executable("boot_lockbox_unittests") { |
| configs += [ |
| "//common-mk:test", |
| "libs:target_defaults", |
| ] |
| deps = [ "//common-mk/testrunner" ] |
| |
| # NOSORT |
| pkg_deps = [ |
| "glib-2.0", |
| "libbrillo", |
| "libbrillo-test", |
| "libchrome-${libbase_ver}", |
| "libchrome-test-${libbase_ver}", |
| "openssl", |
| |
| # system_api depends on protobuf (or protobuf-lite). It must appear |
| # before protobuf here or the linker flags won't be in the right |
| # order. |
| "system_api", |
| "protobuf", |
| ] |
| |
| if (use.tpm2) { |
| sources = [ |
| "bootlockbox/boot_lockbox_dbus_adaptor.cc", |
| "bootlockbox/boot_lockbox_service_unittest.cc", |
| "bootlockbox/fake_tpm_nvspace_utility.cc", |
| "bootlockbox/nvram_boot_lockbox_unittest.cc", |
| "bootlockbox/tpm2_nvspace_utility_unittest.cc", |
| "mock_tpm_init.cc", |
| ] |
| defines = [ "TPM2_MODE=1" ] |
| libs = [ |
| "tpm_manager", |
| "tpm_manager_test", |
| "trunks", |
| "trunks_test", |
| ] |
| deps += [ |
| ":tpm-manager", |
| "libs:bootlockbox-proto", |
| "libs:libcrostpm", |
| "libs:libnvram-boot-lockbox", |
| ] |
| } |
| } |
| } |
| |
| if (use.tpm2) { |
| executable("bootlockboxtool") { |
| defines = [ "USE_TPM2=${use.tpm2}" ] |
| deps = [ |
| "libs:bootlockbox-client-headers", |
| "libs:bootlockbox-proto", |
| "libs:libnvram-boot-lockbox", |
| "libs:libnvram-boot-lockbox-client", |
| ] |
| sources = [ "bootlockbox/boot_lockbox_tool.cc" ] |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "protobuf", |
| ] |
| } |
| |
| executable("bootlockboxd") { |
| deps = [ |
| "libs:bootlockbox-adaptors", |
| "libs:bootlockbox-proto", |
| "libs:libcrostpm", |
| "libs:libnvram-boot-lockbox", |
| ] |
| defines = [ "USE_TPM2=${use.tpm2}" ] |
| libs = [ |
| "scrypt", |
| "chaps", |
| "keyutils", |
| "tpm_manager", |
| "trunks", |
| ] |
| sources = [ |
| "bootlockbox/boot_lockbox_dbus_adaptor.cc", |
| "bootlockbox/boot_lockbox_service.cc", |
| "bootlockbox/boot_lockboxd.cc", |
| ] |
| |
| # NOSORT |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "libmetrics-${libbase_ver}", |
| "libecryptfs", |
| "openssl", |
| |
| # system_api depends on protobuf (or protobuf-lite). It must appear |
| # before protobuf here or the linker flags won't be in the right |
| # order. |
| "system_api", |
| "protobuf", |
| "vboot_host", |
| ] |
| } |
| } |
| |
| if (use.fuzzer) { |
| executable("cryptohome_cryptolib_rsa_oaep_decrypt_fuzzer") { |
| configs += [ "//common-mk/common_fuzzer" ] |
| sources = [ |
| "fuzzers/blob_mutator.cc", |
| "fuzzers/cryptolib_rsa_oaep_decrypt_fuzzer.cc", |
| ] |
| deps = [ "libs:libcrosplatform" ] |
| libs = [ "scrypt" ] |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "libchrome-test-${libbase_ver}", |
| "openssl", |
| ] |
| } |
| |
| executable("cryptohome_tpm1_cmk_migration_parser_fuzzer") { |
| configs += [ "//common-mk/common_fuzzer" ] |
| sources = [ |
| "fuzzers/blob_mutator.cc", |
| "fuzzers/tpm1_cmk_migration_parser_fuzzer.cc", |
| ] |
| deps = [ |
| "libs:libcrosplatform", |
| "libs:libcrostpm", |
| ] |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome-${libbase_ver}", |
| "libchrome-test-${libbase_ver}", |
| "openssl", |
| "system_api", |
| ] |
| } |
| |
| executable("cryptohome_cryptolib_blob_to_hex_fuzzer") { |
| configs += [ "//common-mk/common_fuzzer" ] |
| sources = [ "fuzzers/cryptolib_blob_to_hex_fuzzer.cc" ] |
| deps = [ "libs:libcrosplatform" ] |
| libs = [ "scrypt" ] |
| } |
| } |