# Copyright 2023 The ChromiumOS Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# TODO(b/280102444): Disable default visibility.
# gnlint: disable=GnLintVisibilityFlags
import("//common-mk/install_seccomp_policy.gni")
import("//common-mk/mojom_bindings_generator.gni")
import("//common-mk/pkg_config.gni")
import("//common-mk/proto_library.gni")
# Locations of the AOSP sources compiled by this file. The paths are relative
# to this directory and resolve outside it, so the KeyMint, libbase, libcppbor,
# libcutils and liblog code built below comes from those checkouts rather than
# from this package.
# NOTE(review): the revision that gets built is whatever those checkouts
# contain; confirm they are pinned and that upstream security fixes are tracked.
keymint_src = "../../../aosp/system/keymint"
libbase_src = "../../../aosp/system/libbase"
libcppbor_src = "../../../aosp/system/libcppbor"
libcutils_src = "../../../aosp/system/core/libcutils"
liblog_src = "../../../aosp/system/logging/liblog"
# TODO(b/285181248): When keymint is unconditionally building and deploying for
# ARC T+, stop building arc-keymintd for ARC P/R.
# Top-level target. The feature-query tool is always a dependency; the daemon
# and its install targets are added only when use.keymint is set, and the
# unit-test runner only when use.test is set.
group("all") {
  deps = [ ":arc_keymint_feature_query" ]

  # The daemon, its seccomp policy, its D-Bus files and its init config sit in
  # one conditional, so none of them is pulled in without the others.
  if (use.keymint) {
    deps += [
      ":arc-keymintd",
      ":install_arc_keymintd_policy",
      ":install_dbus_config",
      ":install_dbus_service",
      ":install_init",
    ]
  }

  if (use.test) {
    deps += [ ":arc-keymintd_testrunner" ]
  }
}
# Binary
# The arc-keymintd daemon binary. It links the generated Mojo bindings, the
# KeyMint context library and the AOSP-derived KeyMint libraries defined in
# this file, plus the external arc-attestation library.
executable("arc-keymintd") {
  sources = [
    "cert_store_instance.cc",
    "conversion.cc",
    "daemon.cc",
    "keymint_logger.cc",
    "keymint_server.cc",
    "main.cc",
  ]

  configs += [ ":boringssl_config" ]
  libs = [ "arc-attestation" ]

  pkg_deps = [
    "libbrillo",
    "libchrome",
    "libmojo",
  ]

  deps = [
    ":keymint_mojo_bindings",
    ":libarckeymint_context",
    ":libcppbor_external",
    ":libkeymint",
    ":libkeymint-support",
    ":liblog",
  ]

  # Installed to sbin only when use.keymint is set.
  if (use.keymint) {
    install_path = "sbin"
  }
}
# Small helper binary built from arc_keymint_feature_query.cc and linked
# against libfeatures. group("all") always depends on it, but it is installed
# to sbin only when use.keymint is set.
executable("arc_keymint_feature_query") {
  sources = [ "arc_keymint_feature_query.cc" ]

  pkg_deps = [
    "libchrome",
    "libfeatures",
  ]

  if (use.keymint) {
    install_path = "sbin"
  }
}
# Mojo bindings
# Generates bindings from the cert-store and KeyMint .mojom files.
# NOTE(review): these interfaces are presumably the daemon's IPC surface;
# treat edits to the .mojom files as changes to a trust boundary - confirm
# who the remote end is.
generate_mojom_bindings("keymint_mojo_bindings") {
  sources = [
    "mojo/cert_store.mojom",
    "mojo/keymint.mojom",
  ]
}
# LibKeyMint Support
# Shared library with no sources of its own: it only pulls in the static
# AOSP support libraries (libbase, libcppbor, libcutils, liblog) and applies
# support_config. Installed to lib only when use.keymint is set.
shared_library("libkeymint-support") {
  configs += [ ":support_config" ]

  deps = [
    ":libbase",
    ":libcppbor_external",
    ":libcutils",
    ":liblog",
  ]

  if (use.keymint) {
    install_path = "lib"
  }
}
# KeyMint Support Config
# Compile settings shared by the AOSP support libraries in this file.
config("support_config") {
  include_dirs = [
    "${libbase_src}/include",
    "${liblog_src}/include",
    "${libcutils_src}/include",
    "${libcppbor_src}/include/cppbor",
  ]

  # These flags switch compiler diagnostics off for the targets using this
  # config. -Wno-format-nonliteral in particular means a non-literal format
  # string in that code is not reported by this build, and
  # -Wno-implicit-fallthrough hides unannotated switch fallthrough.
  cflags = [
    "-Wno-defaulted-function-deleted",
    "-Wno-format-nonliteral",
    "-Wno-implicit-fallthrough",
  ]

  # NOTE(review): the value and its inline label disagree. API level 32 is
  # Android 12L, while Android T (13) is API level 33. Confirm which level the
  # AOSP sources are meant to be built against.
  defines = [
    "__ANDROID_API__=32",  # Android T
  ]
}
# KeyMint implementation compiled straight from the AOSP tree at
# ${keymint_src}: the android_keymaster core, the key-blob utilities, cppcose
# and the km_openssl crypto operations, linked against BoringSSL.
# NOTE(review): judging by file names only, the list includes software-only
# components (pure_soft_secure_key_storage.cpp, software_random_source.cpp).
# Whether they are reached at runtime depends on the context that uses this
# library - confirm against the context implementation.
shared_library("libkeymint") {
  sources = [
    "${keymint_src}/android_keymaster/android_keymaster.cpp",
    "${keymint_src}/android_keymaster/android_keymaster_messages.cpp",
    "${keymint_src}/android_keymaster/android_keymaster_utils.cpp",
    "${keymint_src}/android_keymaster/authorization_set.cpp",
    "${keymint_src}/android_keymaster/keymaster_enforcement.cpp",
    "${keymint_src}/android_keymaster/keymaster_tags.cpp",
    "${keymint_src}/android_keymaster/logger.cpp",
    "${keymint_src}/android_keymaster/operation.cpp",
    "${keymint_src}/android_keymaster/operation_table.cpp",
    "${keymint_src}/android_keymaster/pure_soft_secure_key_storage.cpp",
    "${keymint_src}/android_keymaster/remote_provisioning_utils.cpp",
    "${keymint_src}/android_keymaster/serializable.cpp",
    "${keymint_src}/cppcose/cppcose.cpp",
    "${keymint_src}/key_blob_utils/auth_encrypted_key_blob.cpp",
    "${keymint_src}/key_blob_utils/integrity_assured_key_blob.cpp",
    "${keymint_src}/key_blob_utils/ocb.c",
    "${keymint_src}/key_blob_utils/ocb_utils.cpp",
    "${keymint_src}/key_blob_utils/software_keyblobs.cpp",
    "${keymint_src}/km_openssl/aes_key.cpp",
    "${keymint_src}/km_openssl/aes_operation.cpp",
    "${keymint_src}/km_openssl/asymmetric_key.cpp",
    "${keymint_src}/km_openssl/asymmetric_key_factory.cpp",
    "${keymint_src}/km_openssl/attestation_record.cpp",
    "${keymint_src}/km_openssl/attestation_utils.cpp",
    "${keymint_src}/km_openssl/block_cipher_operation.cpp",
    "${keymint_src}/km_openssl/certificate_utils.cpp",
    "${keymint_src}/km_openssl/ckdf.cpp",
    "${keymint_src}/km_openssl/curve25519_key.cpp",
    "${keymint_src}/km_openssl/ec_key.cpp",
    "${keymint_src}/km_openssl/ec_key_factory.cpp",
    "${keymint_src}/km_openssl/ecdh_operation.cpp",
    "${keymint_src}/km_openssl/ecdsa_operation.cpp",
    "${keymint_src}/km_openssl/ecies_kem.cpp",
    "${keymint_src}/km_openssl/hkdf.cpp",
    "${keymint_src}/km_openssl/hmac.cpp",
    "${keymint_src}/km_openssl/hmac_key.cpp",
    "${keymint_src}/km_openssl/hmac_operation.cpp",
    "${keymint_src}/km_openssl/iso18033kdf.cpp",
    "${keymint_src}/km_openssl/kdf.cpp",
    "${keymint_src}/km_openssl/nist_curve_key_exchange.cpp",
    "${keymint_src}/km_openssl/openssl_err.cpp",
    "${keymint_src}/km_openssl/openssl_utils.cpp",
    "${keymint_src}/km_openssl/rsa_key.cpp",
    "${keymint_src}/km_openssl/rsa_key_factory.cpp",
    "${keymint_src}/km_openssl/rsa_operation.cpp",
    "${keymint_src}/km_openssl/software_random_source.cpp",
    "${keymint_src}/km_openssl/symmetric_key.cpp",
    "${keymint_src}/km_openssl/triple_des_key.cpp",
    "${keymint_src}/km_openssl/triple_des_operation.cpp",
    "${keymint_src}/km_openssl/wrapped_key.cpp",
  ]

  # Propagated to every target that depends on this library.
  public_configs = [ ":libkeymint_config" ]

  configs += [
    # TODO(b/280102444): Disable default visibility.
    # Until then the whole library is built with default symbol visibility
    # rather than an explicit export list.
    "//common-mk:visibility_default",
    ":boringssl_config",
  ]

  deps = [
    ":libcppbor_external",
    ":liblog",
  ]

  # Installed to lib only when use.keymint is set.
  if (use.keymint) {
    install_path = "lib"
  }
}
# KeyMint Config
# Include paths and warning suppressions for the AOSP KeyMint sources.
# libkeymint lists this as a public config, so the suppressions below also
# apply to every target that depends on libkeymint, not just to the AOSP code.
config("libkeymint_config") {
  include_dirs = [
    "${keymint_src}/include",
    "${libcppbor_src}/include/cppbor",
  ]

  # -Wno-format-nonliteral disables the diagnostic for non-literal format
  # strings; keep that in mind when reviewing code built with this config.
  cflags = [
    "-Wno-defaulted-function-deleted",
    "-Wno-format-nonliteral",
    "-Wno-implicit-fallthrough",
    "-Wno-unqualified-std-cast-call",
  ]
}
# Keymint context
# External dependencies of the KeyMint context: the session_manager client
# package and the chaps library. libarckeymint_context exposes this as a
# public config, so its dependents link against both as well.
pkg_config("libarckeymint_context_config") {
  libs = [ "chaps" ]
  pkg_deps = [ "libsession_manager-client" ]
}
# KeyMint context library. It combines AOSP context sources from
# ${keymint_src} with the ChromeOS-specific sources under context/, including
# the chaps client and chaps-backed crypto operation.
# NOTE(review): the AOSP files compiled here are the pure_soft_* and soft_*
# contexts. Which operations stay in software and which go through chaps is
# decided in the context/ sources, not visible from this file - confirm there.
shared_library("libarckeymint_context") {
  sources = [
    # TODO(b/274723555): Add AOSP sources from KeyMint for KeyMint Context.
    "${keymint_src}/contexts/pure_soft_keymaster_context.cpp",
    "${keymint_src}/contexts/pure_soft_remote_provisioning_context.cpp",
    "${keymint_src}/contexts/soft_attestation_cert.cpp",
    "${keymint_src}/contexts/soft_attestation_context.cpp",
    "${keymint_src}/km_openssl/soft_keymaster_enforcement.cpp",
    "context/arc_keymint_context.cc",
    "context/arc_remote_provisioning_context.cc",
    "context/chaps_client.cc",
    "context/chaps_crypto_operation.cc",
    "context/context_adaptor.cc",
    "context/cros_key.cc",
    "context/crypto_operation.cc",
    "context/openssl_utils.cc",
  ]

  libs = [ "arc-attestation" ]

  # Propagated to every target that depends on this library.
  public_configs = [ ":libarckeymint_context_config" ]

  configs += [
    # Needed since the keymint context doesn't follow CrOS's guidelines.
    # gnlint: disable=GnLintVisibilityFlags
    # TODO(b/280102444): Disable default visibility.
    "//common-mk:visibility_default",
    ":boringssl_config",
  ]

  # NOSORT
  pkg_deps = [
    # TODO(b/274723555): Add package dependencies for KeyMint Context.
    # system_api depends on protobuf. It must appear before protobuf here so the
    # linker flags are in the right order.
    "system_api",
    "protobuf",
  ]

  deps = [
    ":context_proto",
    ":keymint_mojo_bindings",
    ":libcppbor_external",
    ":libkeymint",
    ":liblog",
  ]

  # Installed to lib only when use.keymint is set.
  if (use.keymint) {
    install_path = "lib"
  }
}
# Lib Base
# Static, position-independent build of the AOSP libbase sources.
# NOTE(review): test_utils.cpp is compiled into this non-test library; confirm
# it is actually required by the production targets that link libbase.
static_library("libbase") {
  sources = [
    "${libbase_src}/abi_compatibility.cpp",
    "${libbase_src}/chrono_utils.cpp",
    "${libbase_src}/cmsg.cpp",
    "${libbase_src}/errors_unix.cpp",
    "${libbase_src}/file.cpp",
    "${libbase_src}/hex.cpp",
    "${libbase_src}/logging.cpp",
    "${libbase_src}/mapped_file.cpp",
    "${libbase_src}/parsebool.cpp",
    "${libbase_src}/parsenetaddress.cpp",
    "${libbase_src}/posix_strerror_r.cpp",
    "${libbase_src}/process.cpp",
    "${libbase_src}/properties.cpp",
    "${libbase_src}/stringprintf.cpp",
    "${libbase_src}/strings.cpp",
    "${libbase_src}/test_utils.cpp",
    "${libbase_src}/threads.cpp",
  ]

  # PIC is needed because this archive ends up inside shared libraries.
  configs += [
    "//common-mk:pic",
    ":support_config",
  ]
}
# Liblog
# Static, position-independent build of the AOSP liblog sources; depends on
# the libbase target above.
static_library("liblog") {
  sources = [
    "${liblog_src}/log_event_list.cpp",
    "${liblog_src}/log_event_write.cpp",
    "${liblog_src}/log_time.cpp",
    "${liblog_src}/logger_write.cpp",
    "${liblog_src}/logprint.cpp",
    "${liblog_src}/properties.cpp",
  ]

  include_dirs = [ "${liblog_src}/include" ]

  configs += [
    "//common-mk:pic",
    ":support_config",
  ]

  deps = [ ":libbase" ]
}
# LibCutils
# Static, position-independent build of a subset of the AOSP libcutils
# sources; links librt and depends on liblog.
static_library("libcutils") {
  sources = [
    "${libcutils_src}/config_utils.cpp",
    "${libcutils_src}/hashmap.cpp",
    "${libcutils_src}/load_file.cpp",
    "${libcutils_src}/native_handle.cpp",
    "${libcutils_src}/threads.cpp",
    "${libcutils_src}/trace-host.cpp",
  ]

  include_dirs = [ "${libcutils_src}/include" ]

  configs += [
    "//common-mk:pic",
    ":support_config",
  ]

  libs = [ "rt" ]
  deps = [ ":liblog" ]
}
# Libcppbor
# Static, position-independent build of the AOSP CBOR library (encoder and
# parser). It is linked into the daemon, both KeyMint shared libraries and the
# test runner.
# NOTE(review): cppbor_parse.cpp is a parser; if it receives data that crosses
# the daemon's IPC boundary it is input-handling code worth covering with
# tests for malformed input - confirm where its inputs come from.
static_library("libcppbor_external") {
  sources = [
    "${libcppbor_src}/src/cppbor.cpp",
    "${libcppbor_src}/src/cppbor_parse.cpp",
  ]

  include_dirs = [ "${libcppbor_src}/include/cppbor" ]

  configs += [
    "//common-mk:pic",
    ":support_config",
  ]

  deps = [ ":libbase" ]
}
# BoringSSL
# Link settings for targets that use BoringSSL: the boringcrypto library plus
# pthread. The crypto implementation that gets linked is whatever library of
# that name the build environment provides.
config("boringssl_config") {
  libs = [
    "boringcrypto",
    "pthread",
  ]
}
# Key data protobuf
# protobuf package settings, applied to everything that depends on
# context_proto through its all_dependent_configs.
pkg_config("context_proto_config") {
  pkg_deps = [ "protobuf" ]
}
# Generates C++ from proto/key_data.proto into include/arc/keymint.
# NOTE(review): going by the file name this message describes stored key
# data; treat schema changes as changes to a persisted format - confirm.
proto_library("context_proto") {
  sources = [ "proto/key_data.proto" ]
  proto_in_dir = "proto"
  proto_out_dir = "include/arc/keymint"
  standalone = true
  use_pic = true
  all_dependent_configs = [ ":context_proto_config" ]
}
# Test target
# Unit tests, defined only for test builds.
if (use.test) {
  # Packages needed by the test runner, including the libchrome test support.
  pkg_config("arc-keymintd_testrunner_config") {
    pkg_deps = [
      "libbrillo",
      "libchrome",
      "libchrome-test",
    ]
  }

  # Test binary for the context/ sources and conversion.cc. conversion.cc is
  # compiled into the runner directly; the rest of the code under test comes
  # from the libraries in deps.
  executable("arc-keymintd_testrunner") {
    sources = [
      "context/arc_keymint_context_test.cc",
      "context/arc_remote_provisioning_context_test.cc",
      "context/chaps_client_test.cc",
      "context/chaps_crypto_operation_test.cc",
      "context/cros_key_test.cc",
      "context/crypto_operation_test.cc",
      "context/openssl_utils_test.cc",
      "conversion.cc",
      "conversion_test.cc",
    ]

    configs += [
      "//common-mk:test",
      ":arc-keymintd_testrunner_config",
      ":boringssl_config",
    ]

    libs = [ "arc-attestation" ]

    deps = [
      ":keymint_mojo_bindings",
      ":libarckeymint_context",
      ":libcppbor_external",
      ":libkeymint",
      ":liblog",
      "//common-mk/testrunner:testrunner",
    ]
  }
}
# Install arc-keymintd.conf file.
install_config("install_init") {
  # Installed under the "upstart" path. Part of the use.keymint-only
  # dependencies of group("all").
  install_path = "upstart"
  sources = [ "init/arc-keymintd.conf" ]
}
# Install dbus configuration file.
install_config("install_dbus_config") {
  # NOTE(review): going by its directory (dbus_permissions) and install path,
  # this file is the D-Bus policy for org.chromium.ArcKeyMint; review edits to
  # it as access-control changes - confirm against the file itself.
  install_path = "dbus_system_d"
  sources = [ "dbus_permissions/org.chromium.ArcKeyMint.conf" ]
}
# Install dbus service file.
install_config("install_dbus_service") {
  # Service file for org.chromium.ArcKeyMint, installed under the
  # "dbus_system_services" path.
  install_path = "dbus_system_services"
  sources = [ "dbus_permissions/org.chromium.ArcKeyMint.service" ]
}
# Installs the seccomp policy for arc-keymintd. The per-architecture source
# file is chosen from the ARCH environment variable and installed under the
# fixed name arc-keymintd-seccomp.policy.
# NOTE(review): getenv() yields an empty string when ARCH is unset, which
# makes the source path seccomp/arc-keymintd-seccomp-.policy. Confirm the
# build fails in that case instead of producing an image where the daemon has
# no policy file.
install_seccomp_policy("install_arc_keymintd_policy") {
  arch = getenv("ARCH")
  install_path = "seccomp_policy"
  sources = [ "seccomp/arc-keymintd-seccomp-${arch}.policy" ]
  outputs = [ "arc-keymintd-seccomp.policy" ]
}