# Copyright 2018 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

# This file defines library targets and other auxillary definitions that
# are used for the resulting executable targets.

import("//common-mk/dbus_glib.gni")
import("//common-mk/generate-dbus-adaptors.gni")
import("//common-mk/generate-dbus-proxies.gni")
import("//common-mk/pkg_config.gni")
import("//common-mk/proto_library.gni")

config("target_defaults") {
  defines = [
    "USE_PINWEAVER=${use.pinweaver}",
    "USE_SELINUX=${use.selinux}",
    "USE_TPM2=${use.tpm2}",
  ]
}

# Protobufs.
action("cryptohome-proto-external") {
  proto_out_dir = target_gen_dir
  dbus_proto_path = "${sysroot}/usr/include/chromeos/dbus/cryptohome"
  policy_proto_path = "${sysroot}/usr/include/proto"
  script = "external_proto_generator.py"
  inputs = [
    "${dbus_proto_path}/key.proto",
    "${dbus_proto_path}/rpc.proto",
    "${dbus_proto_path}/signed_secret.proto",
    "${policy_proto_path}/install_attributes.proto",
  ]
  outputs =
      process_file_template(inputs, [ "${proto_out_dir}/{{source_file_part}}" ])
  args = [
           "-o",
           "${target_gen_dir}",
         ] + inputs
}

pkg_config("cryptohome-proto_config") {
  pkg_deps = [ "protobuf" ]
}

proto_library("cryptohome-proto") {
  proto_in_dir = ".."
  proto_out_dir = "include"
  proto_lib_dirs = [ target_gen_dir ]

  # libcryptohome-proto.a is used by a shared_libary
  # object, so we need to build it with '-fPIC' instead of '-fPIE'.
  use_pic = true

  sources = [
    "${proto_in_dir}/attestation.proto",
    "${proto_in_dir}/boot_lockbox_key.proto",
    "${proto_in_dir}/fake_le_credential_metadata.proto",
    "${proto_in_dir}/hash_tree_leaf_data.proto",
    "${proto_in_dir}/signature_sealed_data.proto",
    "${proto_in_dir}/tpm_status.proto",
    "${proto_in_dir}/vault_keyset.proto",
  ]
  all_dependent_configs = [ ":cryptohome-proto_config" ]
  public_deps = [
    ":cryptohome-generated-proto",
  ]
}

# Files generated by cryptohome-proto-external.
# TODO(oka): merge this with cryptohome-proto allowing proto_library to take
# sources in different directories.
proto_library("cryptohome-generated-proto") {
  proto_in_dir = target_gen_dir
  proto_out_dir = "include"

  # libcryptohome-proto.a is used by a shared_libary
  # object, so we need to build it with '-fPIC' instead of '-fPIE'.
  use_pic = true
  sources = get_target_outputs(":cryptohome-proto-external")
  public_deps = [
    ":cryptohome-proto-external",
  ]
}

pkg_config("cryptohome-dbus-client_dependent_config") {
  pkg_deps = [
    "dbus-glib-1",
    "glib-2.0",
  ]
}

# D-Bus bindings.
generate_dbus_glib("cryptohome-dbus-client") {
  dbus_glib_out_dir = "include/bindings"
  dbus_glib_prefix = "cryptohome"
  dbus_glib_header_stem = "cryptohome"
  dbus_glib_type = "client"
  sources = [
    "../dbus_bindings/org.chromium.CryptohomeInterface.xml",
  ]
  all_dependent_configs = [ ":cryptohome-dbus-client_dependent_config" ]
}

pkg_config("cryptohome-dbus-server_dependent_config") {
  pkg_deps = [
    "dbus-glib-1",
    "glib-2.0",
  ]
}

generate_dbus_glib("cryptohome-dbus-server") {
  dbus_glib_out_dir = "include/bindings"
  dbus_glib_prefix = "cryptohome"
  dbus_glib_header_stem = "cryptohome"
  dbus_glib_type = "server"
  sources = [
    "../dbus_bindings/org.chromium.CryptohomeInterface.xml",
  ]
  all_dependent_configs = [ ":cryptohome-dbus-server_dependent_config" ]
}

generate_dbus_proxies("cryptohome-key-delegate-proxies") {
  proxy_output_file = "include/cryptohome_key_delegate/dbus-proxies.h"
  sources = [
    "../dbus_bindings/org.chromium.CryptohomeKeyDelegateInterface.xml",
  ]
}

pkg_config("libcrosplatform_dependent_config") {
  pkg_deps = [
    "libbrillo-${libbase_ver}",
    "libchrome-${libbase_ver}",
    "libecryptfs",
    "libmetrics-${libbase_ver}",
    "openssl",
    "vboot_host",
  ]
}

# Common objects.
static_library("libcrosplatform") {
  configs += [ ":target_defaults" ]
  sources = [
    "../cryptohome_metrics.cc",
    "../cryptolib.cc",
    "../dircrypto_util.cc",
    "../platform.cc",
  ]
  libs = [
    "keyutils",
    "secure_erase_file",
  ]
  if (use.selinux) {
    libs += [ "selinux" ]
  }
  all_dependent_configs = [ ":libcrosplatform_dependent_config" ]

  deps = [
    ":cryptohome-proto",
  ]
}

pkg_config("libcrostpm_dependent_config") {
  pkg_deps = [
    "glib-2.0",
    "libbrillo-${libbase_ver}",
    "libchrome-${libbase_ver}",
    "openssl",
  ]
}

static_library("libcrostpm") {
  configs += [ ":target_defaults" ]
  sources = [
    "../attestation.cc",
    "../bootlockbox/boot_lockbox.cc",
    "../crc32.c",
    "../crc8.c",
    "../crypto.cc",
    "../firmware_management_parameters.cc",
    "../install_attributes.cc",
    "../le_credential_manager.cc",
    "../lockbox.cc",
    "../persistent_lookup_table.cc",
    "../pkcs11_init.cc",
    "../pkcs11_keystore.cc",
    "../sign_in_hash_tree.cc",
    "../tpm.cc",
    "../tpm_init.cc",
    "../tpm_persistent_state.cc",
  ]
  libs = [
    "chaps",
    "scrypt",
  ]
  all_dependent_configs = [ ":libcrostpm_dependent_config" ]

  deps = [
    ":libcrosplatform",
  ]
  public_deps = [
    ":cryptohome-proto",
  ]

  if (use.tpm2) {
    sources += [
      "../pinweaver_le_credential_backend.cc",
      "../signature_sealing_backend_tpm2_impl.cc",
      "../tpm2_impl.cc",
      "../tpm2_metrics.cc",
    ]
    libs += [
      "trunks",
      "tpm_manager",
    ]
    deps += [ ":pinweaver-proto-external" ]
  }

  if (!use.tpm2) {
    sources += [
      "../signature_sealing_backend_tpm1_impl.cc",
      "../tpm_impl.cc",
      "../tpm_metrics.cc",
    ]
    libs += [ "tspi" ]
  }
}

pkg_config("libcryptohome_dependent_config") {
  pkg_deps = [
    "dbus-glib-1",
    "glib-2.0",
    "libbrillo-${libbase_ver}",
    "libbrillo-glib-${libbase_ver}",
    "libchrome-${libbase_ver}",
  ]
}

static_library("libcryptohome") {
  configs += [
    ":cryptohome-proto_config",
    ":target_defaults",
  ]
  sources = [
    "../arc_disk_quota.cc",
    "../attestation_task.cc",
    "../bootlockbox/boot_attributes.cc",
    "../challenge_credentials/challenge_credentials_decrypt_operation.cc",
    "../challenge_credentials/challenge_credentials_helper.cc",
    "../challenge_credentials/challenge_credentials_operation.cc",
    "../chaps_client_factory.cc",
    "../crypto.cc",
    "../cryptohome_event_source.cc",
    "../dbus_transition.cc",
    "../dircrypto_data_migrator/atomic_flag.cc",
    "../dircrypto_data_migrator/migration_helper.cc",
    "../homedirs.cc",
    "../interface.cc",
    "../key_challenge_service_impl.cc",
    "../le_credential_manager.cc",
    "../lockbox-cache.cc",
    "../mount.cc",
    "../mount_factory.cc",
    "../mount_stack.cc",
    "../mount_task.cc",
    "../obfuscated_username.cc",
    "../persistent_lookup_table.cc",
    "../service.cc",
    "../service_monolithic.cc",
    "../sign_in_hash_tree.cc",
    "../stateful_recovery.cc",
    "../user_oldest_activity_timestamp_cache.cc",
    "../user_session.cc",
    "../username_passkey.cc",
    "../vault_keyset.cc",
    "../vault_keyset_factory.cc",
  ]

  # The generated dbus headers use "register".
  cflags = [ "-Wno-deprecated-register" ]
  libs = [
    "chaps",
    "policy-${libbase_ver}",
  ]
  all_dependent_configs = [ ":libcryptohome_dependent_config" ]

  deps = [
    ":cryptohome-dbus-server",
    ":cryptohome-key-delegate-proxies",
    ":cryptohome-proto",
    ":libcrosplatform",
    ":libcrostpm",
  ]

  if (use.tpm2) {
    sources += [ "../service_distributed.cc" ]
    libs += [ "attestation" ]
    deps += [ ":libnvram-boot-lockbox-client" ]
  }
}

# Copy boot_lockbox_rpc.proto from /usr/include/chromeos/dbus.
action("bootlockbox-proto-external") {
  proto_out_dir = "${target_gen_dir}/bootlockbox"
  shared_proto_path = "${sysroot}/usr/include/chromeos/dbus/bootlockbox"
  inputs = [
    "${shared_proto_path}/boot_lockbox_rpc.proto",
  ]
  outputs =
      process_file_template(inputs, [ "${proto_out_dir}/{{source_file_part}}" ])

  script = "external_proto_generator.py"
  args = [
           "-o",
           "${proto_out_dir}",
         ] + inputs
}

pkg_config("bootlockbox-proto_config") {
  pkg_deps = [ "protobuf" ]
}

# BootLockbox rpc.proto.
proto_library("bootlockbox-proto") {
  proto_in_dir = "../bootlockbox"
  proto_lib_dirs = [ target_gen_dir ]
  proto_out_dir = "include"

  # shared_libary.
  use_pic = true
  sources = [
    "${proto_in_dir}/key_value_map.proto",
  ]
  all_dependent_configs = [ ":cryptohome-proto_config" ]
  deps = [
    ":bootlockbox-generated-proto",
  ]
}

# Files generated by bootlockbox-proto-external.
# TODO(oka): merge this with bootlockbox-proto allowing proto_library to take
# sources in different directories.
proto_library("bootlockbox-generated-proto") {
  proto_in_dir = "${target_gen_dir}/bootlockbox"
  proto_out_dir = "include"

  # shared_libary.
  use_pic = true
  sources = [
    "${target_gen_dir}/bootlockbox/boot_lockbox_rpc.proto",
  ]
  all_dependent_configs = [ ":cryptohome-proto_config" ]
  deps = [
    ":bootlockbox-proto-external",
  ]
}

generate_dbus_adaptors("bootlockbox-adaptors") {
  dbus_service_config = "../dbus_adaptors/dbus-service-config.json"
  dbus_adaptors_out_dir = "include/dbus_adaptors"
  sources = [
    "../dbus_adaptors/org.chromium.BootLockboxInterface.xml",
  ]
}

generate_dbus_proxies("bootlockbox-client-headers") {
  dbus_service_config = "../dbus_adaptors/dbus-service-config.json"
  proxy_output_file = "include/bootlockbox/dbus-proxies.h"
  mock_output_file = "include/bootlockbox/dbus-proxy-mocks.h"
  proxy_path_in_mocks = "bootlockbox/dbus-proxies.h"
  sources = [
    "../dbus_adaptors/org.chromium.BootLockboxInterface.xml",
  ]
}

if (use.tpm2) {
  proto_library("pinweaver-proto-external") {
    proto_in_dir = "${sysroot}/usr/include/proto"
    proto_out_dir = "include"
    sources = [
      "${proto_in_dir}/pinweaver.proto",
    ]
    configs = [ ":cryptohome-proto_config" ]
  }

  pkg_config("libnvram-boot-lockbox_dependent_config") {
    pkg_deps = [
      "libbrillo-${libbase_ver}",
      "libchrome-${libbase_ver}",
    ]
  }

  static_library("libnvram-boot-lockbox-client") {
    configs += [ ":target_defaults" ]
    sources = [
      "../bootlockbox/boot_lockbox_client.cc",
    ]
    all_dependent_configs = [ ":libnvram-boot-lockbox_dependent_config" ]

    deps = [
      ":bootlockbox-client-headers",
      ":bootlockbox-proto",
    ]
  }

  static_library("libnvram-boot-lockbox") {
    configs += [ ":target_defaults" ]
    sources = [
      "../bootlockbox/nvram_boot_lockbox.cc",
      "../bootlockbox/tpm2_nvspace_utility.cc",
    ]
    all_dependent_configs = [ ":libnvram-boot-lockbox_dependent_config" ]

    deps = [
      ":bootlockbox-proto",
      ":cryptohome-proto",
      ":libcrosplatform",
    ]
  }
}