| # Copyright 2018 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| # This file defines library targets and other auxillary definitions that |
| # are used for the resulting executable targets. |
| |
| import("//common-mk/dbus_glib.gni") |
| import("//common-mk/generate-dbus-adaptors.gni") |
| import("//common-mk/generate-dbus-proxies.gni") |
| import("//common-mk/pkg_config.gni") |
| import("//common-mk/proto_library.gni") |
| |
| config("target_defaults") { |
| defines = [ |
| "USE_LVM_STATEFUL_PARTITION=${use.lvm_stateful_partition}", |
| "USE_PINWEAVER=${use.pinweaver}", |
| "USE_SELINUX=${use.selinux}", |
| "USE_TPM2=${use.tpm2}", |
| "USE_DOUBLE_EXTEND_PCR_ISSUE=${use.double_extend_pcr_issue}", |
| "USE_MOUNT_OOP=${use.mount_oop}", |
| "USE_USER_SESSION_ISOLATION=${use.user_session_isolation}", |
| ] |
| } |
| |
| # Protobufs. |
| action("cryptohome-proto-external") { |
| proto_out_dir = target_gen_dir |
| dbus_proto_path = "${sysroot}/usr/include/chromeos/dbus/cryptohome" |
| policy_proto_path = "${sysroot}/usr/include/proto" |
| script = "external_proto_generator.py" |
| inputs = [ |
| "${dbus_proto_path}/fido.proto", |
| "${dbus_proto_path}/key.proto", |
| "${dbus_proto_path}/rpc.proto", |
| "${dbus_proto_path}/signed_secret.proto", |
| "${dbus_proto_path}/UserDataAuth.proto", |
| "${policy_proto_path}/install_attributes.proto", |
| ] |
| outputs = |
| process_file_template(inputs, [ "${proto_out_dir}/{{source_file_part}}" ]) |
| args = [ |
| "-o", |
| "${target_gen_dir}", |
| ] + inputs |
| } |
| |
| pkg_config("cryptohome-proto_config") { |
| pkg_deps = [ "protobuf" ] |
| } |
| |
| proto_library("cryptohome-proto") { |
| proto_in_dir = ".." |
| proto_out_dir = "include/cryptohome" |
| proto_lib_dirs = [ target_gen_dir ] |
| |
| # libcryptohome-proto.a is used by a shared_libary |
| # object, so we need to build it with '-fPIC' instead of '-fPIE'. |
| use_pic = true |
| |
| sources = [ |
| "${proto_in_dir}/attestation.proto", |
| "${proto_in_dir}/boot_lockbox_key.proto", |
| "${proto_in_dir}/fake_le_credential_metadata.proto", |
| "${proto_in_dir}/hash_tree_leaf_data.proto", |
| "${proto_in_dir}/signature_sealed_data.proto", |
| "${proto_in_dir}/timestamp.proto", |
| "${proto_in_dir}/tpm_status.proto", |
| "${proto_in_dir}/vault_keyset.proto", |
| ] |
| all_dependent_configs = [ ":cryptohome-proto_config" ] |
| public_deps = [ ":cryptohome-generated-proto" ] |
| } |
| |
| # Files generated by cryptohome-proto-external. |
| # TODO(oka): merge this with cryptohome-proto allowing proto_library to take |
| # sources in different directories. |
| proto_library("cryptohome-generated-proto") { |
| proto_in_dir = target_gen_dir |
| proto_out_dir = "include/cryptohome" |
| |
| # libcryptohome-proto.a is used by a shared_libary |
| # object, so we need to build it with '-fPIC' instead of '-fPIE'. |
| use_pic = true |
| sources = get_target_outputs(":cryptohome-proto-external") |
| public_deps = [ ":cryptohome-proto-external" ] |
| } |
| |
| pkg_config("cryptohome-dbus-client_dependent_config") { |
| pkg_deps = [ |
| "dbus-glib-1", |
| "glib-2.0", |
| ] |
| } |
| |
| # D-Bus bindings. |
| generate_dbus_glib("cryptohome-dbus-client") { |
| dbus_glib_out_dir = "include/bindings" |
| dbus_glib_prefix = "cryptohome" |
| dbus_glib_header_stem = "cryptohome" |
| dbus_glib_type = "client" |
| sources = [ "../dbus_bindings/org.chromium.CryptohomeInterface.xml" ] |
| all_dependent_configs = [ ":cryptohome-dbus-client_dependent_config" ] |
| } |
| |
| pkg_config("cryptohome-dbus-server_dependent_config") { |
| pkg_deps = [ |
| "dbus-glib-1", |
| "glib-2.0", |
| ] |
| } |
| |
| generate_dbus_glib("cryptohome-dbus-server") { |
| dbus_glib_out_dir = "include/bindings" |
| dbus_glib_prefix = "cryptohome" |
| dbus_glib_header_stem = "cryptohome" |
| dbus_glib_type = "server" |
| sources = [ "../dbus_bindings/org.chromium.CryptohomeInterface.xml" ] |
| all_dependent_configs = [ ":cryptohome-dbus-server_dependent_config" ] |
| } |
| |
| generate_dbus_proxies("cryptohome-key-delegate-proxies") { |
| proxy_output_file = "include/cryptohome_key_delegate/dbus-proxies.h" |
| sources = |
| [ "../dbus_bindings/org.chromium.CryptohomeKeyDelegateInterface.xml" ] |
| } |
| |
| pkg_config("libcrosplatform_dependent_config") { |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome", |
| "libecryptfs", |
| "libmetrics", |
| "openssl", |
| "vboot_host", |
| ] |
| } |
| |
| # Common objects. |
| static_library("libcrosplatform") { |
| configs += [ ":target_defaults" ] |
| sources = [ |
| "../cryptohome_metrics.cc", |
| "../cryptolib.cc", |
| "../dircrypto_util.cc", |
| "../libscrypt_compat.cc", |
| "../platform.cc", |
| "../storage/encrypted_container/backing_device.cc", |
| "../storage/encrypted_container/ecryptfs_container.cc", |
| "../storage/encrypted_container/encrypted_container.cc", |
| "../storage/encrypted_container/fscrypt_container.cc", |
| "../storage/encrypted_container/loopback_device.cc", |
| ] |
| libs = [ |
| "keyutils", |
| "secure_erase_file", |
| ] |
| if (use.selinux) { |
| libs += [ "selinux" ] |
| } |
| |
| defines = [ "USE_LVM_STATEFUL_PARTIITON=${use.lvm_stateful_partition}" ] |
| if (use.lvm_stateful_partition) { |
| sources += |
| [ "../storage/encrypted_container/logical_volume_backing_device.cc" ] |
| } |
| |
| all_dependent_configs = [ ":libcrosplatform_dependent_config" ] |
| |
| deps = [ ":cryptohome-proto" ] |
| } |
| |
| pkg_config("libcrostpm_dependent_config") { |
| pkg_deps = [ |
| "glib-2.0", |
| "libbrillo", |
| "libchrome", |
| "openssl", |
| ] |
| } |
| |
| static_library("libcrostpm") { |
| configs += [ ":target_defaults" ] |
| sources = [ |
| "../auth_session.cc", |
| "../bootlockbox/boot_lockbox.cc", |
| "../challenge_credential_auth_block.cc", |
| "../crc8.c", |
| "../crypto.cc", |
| "../crypto_error.cc", |
| "../double_wrapped_compat_auth_block.cc", |
| "../firmware_management_parameters.cc", |
| "../install_attributes.cc", |
| "../key_objects.cc", |
| "../le_credential_manager_impl.cc", |
| "../libscrypt_compat_auth_block.cc", |
| "../lockbox.cc", |
| "../persistent_lookup_table.cc", |
| "../pin_weaver_auth_block.cc", |
| "../pkcs11_init.cc", |
| "../pkcs11_keystore.cc", |
| "../sign_in_hash_tree.cc", |
| "../tpm.cc", |
| "../tpm_auth_block_utils.cc", |
| "../tpm_bound_to_pcr_auth_block.cc", |
| "../tpm_init.cc", |
| "../tpm_not_bound_to_pcr_auth_block.cc", |
| "../tpm_persistent_state.cc", |
| "../vault_keyset.cc", |
| ] |
| libs = [ |
| "chaps", |
| "tpm_manager", |
| ] |
| all_dependent_configs = [ ":libcrostpm_dependent_config" ] |
| |
| deps = [ ":libcrosplatform" ] |
| public_deps = [ ":cryptohome-proto" ] |
| |
| if (use.tpm2) { |
| sources += [ |
| "../pinweaver_le_credential_backend.cc", |
| "../signature_sealing_backend_tpm2_impl.cc", |
| "../tpm2_impl.cc", |
| "../tpm2_metrics.cc", |
| ] |
| libs += [ "trunks" ] |
| } |
| |
| if (!use.tpm2) { |
| sources += [ |
| "../signature_sealing_backend_tpm1_impl.cc", |
| "../tpm1_static_utils.cc", |
| "../tpm_impl.cc", |
| "../tpm_metrics.cc", |
| "../tpm_new_impl.cc", |
| ] |
| libs += [ |
| "hwsec", |
| "tspi", |
| ] |
| } |
| |
| # TODO(crbug.com/1082873): Remove after fixing usage of protobuf |
| # deprecated declarations. |
| cflags_cc = [ "-Wno-error=deprecated-declarations" ] |
| } |
| |
| generate_dbus_adaptors("userdataauth_adaptors") { |
| dbus_adaptors_out_dir = "include/dbus_adaptors" |
| dbus_service_config = "../dbus_bindings/dbus-service-config-UserDataAuth.json" |
| sources = [ "../dbus_bindings/org.chromium.UserDataAuth.xml" ] |
| } |
| |
| generate_dbus_proxies("userdataauth-client-headers") { |
| dbus_service_config = "../dbus_bindings/dbus-service-config-UserDataAuth.json" |
| proxy_output_file = "include/user_data_auth/dbus-proxies.h" |
| mock_output_file = "include/user_data_auth/dbus-proxy-mocks.h" |
| proxy_path_in_mocks = "user_data_auth/dbus-proxies.h" |
| sources = [ "../dbus_bindings/org.chromium.UserDataAuth.xml" ] |
| } |
| |
| generate_dbus_adaptors("cryptohome_adaptors") { |
| dbus_adaptors_out_dir = "include/dbus_adaptors" |
| dbus_service_config = "../dbus_bindings/dbus-service-config.json" |
| sources = [ "../dbus_bindings/org.chromium.CryptohomeInterface.xml" ] |
| } |
| |
| pkg_config("libcryptohome_dependent_config") { |
| pkg_deps = [ |
| "dbus-glib-1", |
| "glib-2.0", |
| "libbrillo", |
| "libbrillo-glib", |
| "libchrome", |
| ] |
| if (use.tpm2) { |
| pkg_deps += [ "libbootlockbox-client" ] |
| } |
| } |
| |
| static_library("libcryptohome") { |
| configs += [ |
| ":cryptohome-proto_config", |
| ":target_defaults", |
| ] |
| sources = [ |
| "../aes_deprecated_password_verifier.cc", |
| "../bootlockbox/boot_attributes.cc", |
| "../challenge_credentials/challenge_credentials_constants.cc", |
| "../challenge_credentials/challenge_credentials_decrypt_operation.cc", |
| "../challenge_credentials/challenge_credentials_generate_new_operation.cc", |
| "../challenge_credentials/challenge_credentials_helper_impl.cc", |
| "../challenge_credentials/challenge_credentials_operation.cc", |
| "../challenge_credentials/challenge_credentials_verify_key_operation.cc", |
| "../challenge_credentials/fido_utils.cc", |
| "../chaps_client_factory.cc", |
| "../credentials.cc", |
| "../cryptohome_event_source.cc", |
| "../dbus_transition.cc", |
| "../dircrypto_data_migrator/atomic_flag.cc", |
| "../dircrypto_data_migrator/migration_helper.cc", |
| "../filesystem_layout.cc", |
| "../fingerprint_manager.cc", |
| "../interface.cc", |
| "../key_challenge_service_factory_impl.cc", |
| "../key_challenge_service_impl.cc", |
| "../keyset_management.cc", |
| "../lockbox-cache.cc", |
| "../service.cc", |
| "../service_distributed.cc", |
| "../service_userdataauth.cc", |
| "../stateful_recovery.cc", |
| "../storage/arc_disk_quota.cc", |
| "../storage/disk_cleanup.cc", |
| "../storage/disk_cleanup_routines.cc", |
| "../storage/file_system_keyset.cc", |
| "../storage/homedirs.cc", |
| "../storage/mount.cc", |
| "../storage/mount_constants.cc", |
| "../storage/mount_factory.cc", |
| "../storage/mount_helper.cc", |
| "../storage/mount_namespace.cc", |
| "../storage/mount_stack.cc", |
| "../storage/mount_task.cc", |
| "../storage/mount_utils.cc", |
| "../storage/out_of_process_mount_helper.cc", |
| "../storage/user_oldest_activity_timestamp_cache.cc", |
| "../user_session.cc", |
| "../userdataauth.cc", |
| "../vault_keyset_factory.cc", |
| ] |
| |
| # The generated dbus headers use "register". |
| cflags = [ "-Wno-deprecated-register" ] |
| libs = [ |
| "attestation", |
| "biod_proxy", |
| "chaps", |
| "hwsec", |
| "policy", |
| "tpm_manager", |
| ] |
| all_dependent_configs = [ ":libcryptohome_dependent_config" ] |
| |
| deps = [ |
| ":cryptohome-dbus-server", |
| ":cryptohome-key-delegate-proxies", |
| ":cryptohome-proto", |
| ":libcrosplatform", |
| ":libcrostpm", |
| ":namespace-mounter-ipc-proto", |
| ":userdataauth_adaptors", |
| ] |
| } |
| |
| generate_dbus_adaptors("bootlockbox-adaptors") { |
| dbus_service_config = "../dbus_adaptors/dbus-service-config.json" |
| dbus_adaptors_out_dir = "include/dbus_adaptors" |
| sources = [ "../dbus_adaptors/org.chromium.BootLockboxInterface.xml" ] |
| } |
| |
| if (use.tpm2) { |
| pkg_config("libnvram-boot-lockbox_dependent_config") { |
| pkg_deps = [ |
| "libbootlockbox-client", |
| "libbrillo", |
| "libchrome", |
| ] |
| } |
| |
| static_library("libnvram-boot-lockbox") { |
| configs += [ ":target_defaults" ] |
| sources = [ |
| "../bootlockbox/nvram_boot_lockbox.cc", |
| "../bootlockbox/tpm2_nvspace_utility.cc", |
| ] |
| all_dependent_configs = [ ":libnvram-boot-lockbox_dependent_config" ] |
| |
| deps = [ |
| ":cryptohome-proto", |
| ":libcrosplatform", |
| ] |
| } |
| } |
| |
| # cryptohome <-> cryptohome-namespace-mounter IPC proto. |
| proto_library("namespace-mounter-ipc-proto") { |
| proto_in_dir = "../cryptohome_namespace_mounter" |
| proto_out_dir = "include/cryptohome" |
| |
| sources = [ "${proto_in_dir}/namespace_mounter_ipc.proto" ] |
| configs = [ ":cryptohome-proto_config" ] |
| } |
| |
| pkg_config("libfido_config") { |
| pkg_deps = [ |
| "libbrillo", |
| "libchrome", |
| "openssl", |
| ] |
| } |
| |
| static_library("libfido") { |
| configs += [ ":target_defaults" ] |
| sources = [ |
| "../fido/attested_credential_data.cc", |
| "../fido/authenticator_data.cc", |
| "../fido/ec_public_key.cc", |
| "../fido/fido_constants.cc", |
| "../fido/fido_parsing_utils.cc", |
| "../fido/public_key.cc", |
| ] |
| libs = [ "cbor" ] |
| all_dependent_configs = [ ":libfido_config" ] |
| } |