Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 1 | // Note that some host libraries have the same module name as the target |
| 2 | // libraries. This is currently needed to build, for example, adb. But it's |
| 3 | // probably something that should be changed. |
| 4 | |
Paul Duffin | cb6fdd2 | 2019-06-04 13:24:44 +0100 | [diff] [blame] | 5 | package { |
| 6 | default_visibility: ["//visibility:private"], |
Bob Badour | b313bb5 | 2021-02-12 15:33:59 -0800 | [diff] [blame] | 7 | default_applicable_licenses: ["external_boringssl_license"], |
| 8 | } |
| 9 | |
| 10 | // Added automatically by a large-scale-change that took the approach of |
| 11 | // 'apply every license found to every target'. While this makes sure we respect |
| 12 | // every license restriction, it may not be entirely correct. |
| 13 | // |
| 14 | // e.g. GPL in an MIT project might only apply to the contrib/ directory. |
| 15 | // |
| 16 | // Please consider splitting the single license below into multiple licenses, |
| 17 | // taking care not to lose any license_kind information, and overriding the |
| 18 | // default license using the 'licenses: [...]' property on targets as needed. |
| 19 | // |
| 20 | // For unused files, consider creating a 'fileGroup' with "//visibility:private" |
| 21 | // to attach the license to, and including a comment whether the files may be |
| 22 | // used in the current project. |
| 23 | // See: http://go/android-license-faq |
| 24 | license { |
| 25 | name: "external_boringssl_license", |
| 26 | visibility: [":__subpackages__"], |
| 27 | license_kinds: [ |
| 28 | "SPDX-license-identifier-Apache-2.0", |
| 29 | "SPDX-license-identifier-BSD", |
| 30 | "SPDX-license-identifier-ISC", |
| 31 | "SPDX-license-identifier-MIT", |
| 32 | "SPDX-license-identifier-OpenSSL", |
| 33 | "legacy_unencumbered", |
| 34 | ], |
| 35 | license_text: [ |
| 36 | "NOTICE", |
| 37 | ], |
Paul Duffin | cb6fdd2 | 2019-06-04 13:24:44 +0100 | [diff] [blame] | 38 | } |
| 39 | |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 40 | // Pull in the autogenerated sources modules |
| 41 | build = ["sources.bp"] |
| 42 | |
| 43 | // Used by libcrypto, libssl, bssl tool, and native tests |
| 44 | cc_defaults { |
| 45 | name: "boringssl_flags", |
Steven Moreland | f593be8 | 2017-04-14 04:51:23 -0700 | [diff] [blame] | 46 | vendor_available: true, |
Justin Yun | 5608329 | 2020-11-11 15:43:11 +0900 | [diff] [blame] | 47 | product_available: true, |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 48 | |
| 49 | cflags: [ |
| 50 | "-fvisibility=hidden", |
| 51 | "-DBORINGSSL_SHARED_LIBRARY", |
David Benjamin | fc8a786 | 2018-06-25 19:02:46 -0400 | [diff] [blame] | 52 | "-DBORINGSSL_ANDROID_SYSTEM", |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 53 | "-DOPENSSL_SMALL", |
Chih-Hung Hsieh | 9146d99 | 2017-09-27 10:26:03 -0700 | [diff] [blame] | 54 | "-Werror", |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 55 | "-Wno-unused-parameter", |
| 56 | ], |
| 57 | |
| 58 | cppflags: [ |
| 59 | "-Wall", |
| 60 | "-Werror", |
| 61 | ], |
| 62 | |
David Benjamin | eee229f | 2022-01-28 13:36:41 -0500 | [diff] [blame] | 63 | c_std: "gnu11", |
David Benjamin | fc8a786 | 2018-06-25 19:02:46 -0400 | [diff] [blame] | 64 | |
| 65 | // Build BoringSSL and its tests against the same STL. |
| 66 | sdk_version: "9", |
| 67 | target: { |
| 68 | android: { |
| 69 | stl: "libc++_static", |
| 70 | }, |
| 71 | }, |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 72 | } |
| 73 | |
| 74 | // Used by libcrypto + libssl |
| 75 | cc_defaults { |
| 76 | name: "boringssl_defaults", |
| 77 | |
| 78 | local_include_dirs: ["src/include"], |
| 79 | export_include_dirs: ["src/include"], |
David Benjamin | fc8a786 | 2018-06-25 19:02:46 -0400 | [diff] [blame] | 80 | cflags: ["-DBORINGSSL_IMPLEMENTATION"], |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 81 | } |
| 82 | |
| 83 | //// libcrypto |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 84 | cc_defaults { |
| 85 | name: "libcrypto_defaults", |
| 86 | host_supported: true, |
Yifan Hong | ca6b4e8 | 2020-10-21 18:11:12 -0700 | [diff] [blame] | 87 | ramdisk_available: true, |
| 88 | vendor_ramdisk_available: true, |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 89 | |
| 90 | // Windows and Macs both have problems with assembly files |
| 91 | target: { |
| 92 | windows: { |
| 93 | enabled: true, |
| 94 | cflags: ["-DOPENSSL_NO_ASM"], |
| 95 | host_ldlibs: ["-lws2_32"], |
| 96 | }, |
| 97 | darwin: { |
| 98 | cflags: ["-DOPENSSL_NO_ASM"], |
| 99 | }, |
Kenny Root | 7b550be | 2016-09-20 15:25:24 -0700 | [diff] [blame] | 100 | host: { |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 101 | host_ldlibs: ["-lpthread"], |
| 102 | }, |
Pete Bentley | 1e9e585 | 2020-06-30 16:45:33 +0100 | [diff] [blame] | 103 | android: { |
| 104 | // On FIPS builds (i.e. Android only) prevent other libraries |
| 105 | // from pre-empting symbols in libcrypto which could affect FIPS |
| 106 | // compliance and cause integrity checks to fail. See b/160231064. |
| 107 | ldflags: ["-Wl,-Bsymbolic"], |
| 108 | }, |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 109 | }, |
| 110 | |
| 111 | local_include_dirs: ["src/crypto"], |
Pete Bentley | e6a478a | 2019-08-19 22:20:24 +0100 | [diff] [blame] | 112 | } |
| 113 | |
| 114 | cc_object { |
| 115 | name: "bcm_object", |
| 116 | device_supported: true, |
| 117 | recovery_available: true, |
| 118 | native_bridge_supported: true, |
| 119 | defaults: [ |
| 120 | "libcrypto_bcm_sources", |
| 121 | "libcrypto_defaults", |
| 122 | "boringssl_defaults", |
| 123 | "boringssl_flags", |
| 124 | ], |
Peter Collingbourne | 22f5f87 | 2019-09-27 15:32:38 -0700 | [diff] [blame] | 125 | sanitize: { |
| 126 | address: false, |
Tobias Thierer | 6204b54 | 2019-10-18 21:55:05 +0100 | [diff] [blame] | 127 | hwaddress: false, |
Mitch Phillips | f5a6078 | 2019-12-10 08:47:30 -0800 | [diff] [blame] | 128 | fuzzer: false, |
Peter Collingbourne | 22f5f87 | 2019-09-27 15:32:38 -0700 | [diff] [blame] | 129 | }, |
Pete Bentley | e6a478a | 2019-08-19 22:20:24 +0100 | [diff] [blame] | 130 | target: { |
| 131 | android: { |
| 132 | cflags: [ |
| 133 | "-DBORINGSSL_FIPS", |
| 134 | "-fPIC", |
Pete Bentley | 1d07cf8 | 2019-10-18 12:49:31 +0100 | [diff] [blame] | 135 | // -fno[data|text]-sections required to ensure a |
| 136 | // single text and data section for FIPS integrity check |
| 137 | "-fno-data-sections", |
| 138 | "-fno-function-sections", |
Pete Bentley | e6a478a | 2019-08-19 22:20:24 +0100 | [diff] [blame] | 139 | ], |
| 140 | linker_script: "src/crypto/fipsmodule/fips_shared.lds", |
| 141 | }, |
Peter Collingbourne | 0560ada | 2019-11-22 13:50:29 -0800 | [diff] [blame] | 142 | // Temporary hack to let BoringSSL build with a new compiler. |
| 143 | // This doesn't enable HWASAN unconditionally, it just causes |
| 144 | // BoringSSL's asm code to unconditionally use a HWASAN-compatible |
| 145 | // global variable reference so that the non-HWASANified (because of |
| 146 | // sanitize: { hwaddress: false } above) code in the BCM can |
| 147 | // successfully link against the HWASANified code in the rest of |
| 148 | // BoringSSL in HWASAN builds. |
| 149 | android_arm64: { |
| 150 | asflags: [ |
| 151 | "-fsanitize=hwaddress", |
| 152 | ], |
| 153 | }, |
Pete Bentley | e6a478a | 2019-08-19 22:20:24 +0100 | [diff] [blame] | 154 | }, |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 155 | apex_available: [ |
| 156 | "//apex_available:platform", |
| 157 | "com.android.adbd", |
Martin Stjernholm | 98b0362 | 2020-10-12 15:10:40 +0100 | [diff] [blame] | 158 | "com.android.art", |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 159 | "com.android.art.debug", |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 160 | "com.android.art.testing", |
Etienne Ruffieux | 49791bd | 2021-12-15 16:21:34 +0000 | [diff] [blame] | 161 | "com.android.bluetooth", |
Alan Stokes | 53cbde7 | 2021-07-06 17:46:00 +0100 | [diff] [blame] | 162 | "com.android.compos", |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 163 | "com.android.conscrypt", |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 164 | "com.android.resolv", |
Jiyong Park | 16f7c57 | 2021-01-05 14:41:56 +0900 | [diff] [blame] | 165 | "com.android.virt", |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 166 | ], |
Jooyung Han | 856ad1d | 2020-04-16 18:48:25 +0900 | [diff] [blame] | 167 | min_sdk_version: "29", |
Pete Bentley | e6a478a | 2019-08-19 22:20:24 +0100 | [diff] [blame] | 168 | } |
| 169 | |
| 170 | bootstrap_go_package { |
| 171 | name: "bssl_ar", |
| 172 | pkgPath: "boringssl.googlesource.com/boringssl/util/ar", |
| 173 | srcs: [ |
| 174 | "src/util/ar/ar.go", |
| 175 | ], |
| 176 | testSrcs: [ |
| 177 | "src/util/ar/ar_test.go", |
| 178 | ], |
| 179 | } |
| 180 | |
| 181 | bootstrap_go_package { |
| 182 | name: "bssl_fipscommon", |
| 183 | pkgPath: "boringssl.googlesource.com/boringssl/util/fipstools/fipscommon", |
| 184 | srcs: [ |
| 185 | "src/util/fipstools/fipscommon/const.go", |
| 186 | ], |
| 187 | } |
| 188 | |
| 189 | blueprint_go_binary { |
| 190 | name: "bssl_inject_hash", |
| 191 | srcs: [ |
| 192 | "src/util/fipstools/inject_hash/inject_hash.go", |
| 193 | ], |
| 194 | deps: [ |
| 195 | "bssl_ar", |
| 196 | "bssl_fipscommon", |
| 197 | ], |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 198 | } |
| 199 | |
| 200 | // Target and host library |
| 201 | cc_library { |
| 202 | name: "libcrypto", |
Paul Duffin | cb6fdd2 | 2019-06-04 13:24:44 +0100 | [diff] [blame] | 203 | visibility: ["//visibility:public"], |
Vijay Venkatraman | 3caad95 | 2017-05-16 12:00:57 -0700 | [diff] [blame] | 204 | vendor_available: true, |
Justin Yun | 5608329 | 2020-11-11 15:43:11 +0900 | [diff] [blame] | 205 | product_available: true, |
dimitry | 09dd3be | 2019-05-09 16:42:01 +0200 | [diff] [blame] | 206 | native_bridge_supported: true, |
Justin Yun | 47949c5 | 2017-07-24 15:19:43 +0900 | [diff] [blame] | 207 | vndk: { |
| 208 | enabled: true, |
| 209 | }, |
Jooyung Han | b6b07c3 | 2019-01-18 15:31:20 +0900 | [diff] [blame] | 210 | double_loadable: true, |
Jiyong Park | c346395 | 2018-04-27 21:44:32 +0900 | [diff] [blame] | 211 | recovery_available: true, |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 212 | defaults: [ |
| 213 | "libcrypto_sources", |
| 214 | "libcrypto_defaults", |
| 215 | "boringssl_defaults", |
| 216 | "boringssl_flags", |
| 217 | ], |
Dan Willemsen | 2b2c24b | 2016-07-21 11:03:36 -0700 | [diff] [blame] | 218 | unique_host_soname: true, |
Pete Bentley | e6a478a | 2019-08-19 22:20:24 +0100 | [diff] [blame] | 219 | srcs: [ |
| 220 | ":bcm_object", |
| 221 | ], |
| 222 | target: { |
| 223 | android: { |
| 224 | cflags: [ |
| 225 | "-DBORINGSSL_FIPS", |
| 226 | ], |
Pete Bentley | e0c3f63 | 2020-05-06 19:52:29 +0100 | [diff] [blame] | 227 | sanitize: { |
| 228 | // Disable address sanitizing otherwise libcrypto will not report |
| 229 | // itself as being in FIPS mode, which causes boringssl_self_test |
| 230 | // to fail. |
| 231 | address: false, |
| 232 | }, |
Pete Bentley | e6a478a | 2019-08-19 22:20:24 +0100 | [diff] [blame] | 233 | inject_bssl_hash: true, |
Colin Cross | 4b979db | 2019-09-18 11:20:16 -0700 | [diff] [blame] | 234 | static: { |
| 235 | // Disable the static version of libcrypto, as it causes |
| 236 | // problems for FIPS certification. Use libcrypto_static for |
| 237 | // modules that need static libcrypto but do not need FIPS self |
| 238 | // testing, or use dynamic libcrypto. |
| 239 | enabled: false, |
| 240 | }, |
Pete Bentley | e6a478a | 2019-08-19 22:20:24 +0100 | [diff] [blame] | 241 | }, |
| 242 | }, |
Joshua Duong | 26b57e2 | 2020-02-10 16:04:44 -0800 | [diff] [blame] | 243 | apex_available: [ |
| 244 | "//apex_available:platform", |
| 245 | "com.android.adbd", |
Martin Stjernholm | 98b0362 | 2020-10-12 15:10:40 +0100 | [diff] [blame] | 246 | "com.android.art", |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 247 | "com.android.art.debug", |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 248 | "com.android.art.testing", |
Etienne Ruffieux | 49791bd | 2021-12-15 16:21:34 +0000 | [diff] [blame] | 249 | "com.android.bluetooth", |
Alan Stokes | 53cbde7 | 2021-07-06 17:46:00 +0100 | [diff] [blame] | 250 | "com.android.compos", |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 251 | "com.android.conscrypt", |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 252 | "com.android.resolv", |
Jiyong Park | 16f7c57 | 2021-01-05 14:41:56 +0900 | [diff] [blame] | 253 | "com.android.virt", |
Joshua Duong | 26b57e2 | 2020-02-10 16:04:44 -0800 | [diff] [blame] | 254 | ], |
Jooyung Han | 856ad1d | 2020-04-16 18:48:25 +0900 | [diff] [blame] | 255 | min_sdk_version: "29", |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 256 | } |
| 257 | |
| 258 | // Static library |
Colin Cross | 4b979db | 2019-09-18 11:20:16 -0700 | [diff] [blame] | 259 | // This version of libcrypto will not have FIPS self tests enabled, so its |
| 260 | // usage is protected through visibility to ensure it doesn't end up used |
| 261 | // somewhere that needs the FIPS version. |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 262 | cc_library_static { |
| 263 | name: "libcrypto_static", |
Colin Cross | 4b979db | 2019-09-18 11:20:16 -0700 | [diff] [blame] | 264 | visibility: [ |
Paul Duffin | ebdc406 | 2020-01-22 14:29:01 +0000 | [diff] [blame] | 265 | "//art/build/sdk", |
Colin Cross | 4b979db | 2019-09-18 11:20:16 -0700 | [diff] [blame] | 266 | "//bootable/recovery/updater", |
| 267 | "//external/conscrypt", |
| 268 | "//external/python/cpython2", |
Luke Huang | f695bbb | 2021-04-23 15:38:04 +0800 | [diff] [blame] | 269 | "//external/rust/crates/quiche", |
Elliott Hughes | 77319d0 | 2020-05-14 15:51:34 -0700 | [diff] [blame] | 270 | // Strictly, only the *static* toybox for legacy devices should have |
| 271 | // access to libcrypto_static, but we can't express that. |
| 272 | "//external/toybox", |
Colin Cross | 4b979db | 2019-09-18 11:20:16 -0700 | [diff] [blame] | 273 | "//hardware/interfaces/confirmationui/1.0/vts/functional", |
| 274 | "//hardware/interfaces/drm/1.0/vts/functional", |
| 275 | "//hardware/interfaces/drm/1.2/vts/functional", |
Robert Shih | 6526b5c | 2020-01-21 11:03:32 -0800 | [diff] [blame] | 276 | "//hardware/interfaces/drm/1.3/vts/functional", |
Colin Cross | 4b979db | 2019-09-18 11:20:16 -0700 | [diff] [blame] | 277 | "//hardware/interfaces/keymaster/3.0/vts/functional", |
| 278 | "//hardware/interfaces/keymaster/4.0/vts/functional", |
Shawn Willden | 1ff77d0 | 2020-01-16 23:52:56 -0700 | [diff] [blame] | 279 | "//hardware/interfaces/keymaster/4.1/vts/functional", |
Josh Gao | e49f0ff | 2021-04-14 15:41:00 -0700 | [diff] [blame] | 280 | "//packages/modules/adb", |
Luke Huang | 16a30fc | 2019-11-22 11:44:50 +0800 | [diff] [blame] | 281 | "//packages/modules/DnsResolver/tests:__subpackages__", |
Baligh Uddin | f58f870 | 2020-11-24 05:58:10 +0000 | [diff] [blame] | 282 | "//packages/modules/NeuralNetworks:__subpackages__", |
Colin Cross | 4b979db | 2019-09-18 11:20:16 -0700 | [diff] [blame] | 283 | "//system/core/init", |
| 284 | "//system/core/fs_mgr/liblp", |
| 285 | "//system/core/fs_mgr/liblp/vts_core", |
| 286 | "//system/core/fs_mgr/libsnapshot", |
| 287 | "//system/libvintf/test", |
| 288 | "//system/security/keystore/tests", |
| 289 | "//test/vts-testcase/security/avb", |
| 290 | ], |
Przemyslaw Szczepaniak | dab438a | 2020-02-05 17:33:41 +0000 | [diff] [blame] | 291 | apex_available: [ |
| 292 | "//apex_available:platform", |
| 293 | "com.android.neuralnetworks", |
Przemyslaw Szczepaniak | dab438a | 2020-02-05 17:33:41 +0000 | [diff] [blame] | 294 | ], |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 295 | defaults: [ |
Pete Bentley | 4763734 | 2019-08-19 12:22:49 +0100 | [diff] [blame] | 296 | "libcrypto_bcm_sources", |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 297 | "libcrypto_sources", |
| 298 | "libcrypto_defaults", |
| 299 | "boringssl_defaults", |
| 300 | "boringssl_flags", |
| 301 | ], |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 302 | } |
| 303 | |
Yifan Hong | a11a41e | 2021-09-28 17:18:45 -0700 | [diff] [blame] | 304 | // Common defaults for lib*_fuzz_unsafe. These are unsafe and deterministic |
| 305 | // libraries for testing and fuzzing only. See src/FUZZING.md. |
| 306 | cc_defaults { |
| 307 | name: "boringssl_fuzz_unsafe_defaults", |
| 308 | host_supported: true, |
| 309 | cflags: [ |
| 310 | "-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE", |
| 311 | "-DBORINGSSL_UNSAFE_FUZZER_MODE", |
| 312 | ], |
| 313 | visibility: [ |
| 314 | "//frameworks/native/libs/binder/tests:__subpackages__", |
| 315 | ], |
| 316 | } |
| 317 | |
| 318 | // Unsafe and deterministic version of libcrypto. For testing and fuzzing only. |
| 319 | // See src/FUZZING.md. |
| 320 | cc_test_library { |
| 321 | name: "libcrypto_fuzz_unsafe", |
| 322 | ramdisk_available: false, |
| 323 | vendor_ramdisk_available: false, |
| 324 | defaults: [ |
| 325 | "libcrypto_bcm_sources", |
| 326 | "libcrypto_sources", |
| 327 | "libcrypto_defaults", |
| 328 | "boringssl_defaults", |
| 329 | "boringssl_flags", |
| 330 | "boringssl_fuzz_unsafe_defaults", |
| 331 | ], |
| 332 | } |
| 333 | |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 334 | //// libssl |
| 335 | |
| 336 | // Target static library |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 337 | |
| 338 | // Static and Shared library |
| 339 | cc_library { |
| 340 | name: "libssl", |
Paul Duffin | cb6fdd2 | 2019-06-04 13:24:44 +0100 | [diff] [blame] | 341 | visibility: ["//visibility:public"], |
Dan Willemsen | ea55e18 | 2018-10-23 13:41:19 -0700 | [diff] [blame] | 342 | recovery_available: true, |
Justin Yun | 47949c5 | 2017-07-24 15:19:43 +0900 | [diff] [blame] | 343 | vendor_available: true, |
Justin Yun | 5608329 | 2020-11-11 15:43:11 +0900 | [diff] [blame] | 344 | product_available: true, |
dimitry | 09dd3be | 2019-05-09 16:42:01 +0200 | [diff] [blame] | 345 | native_bridge_supported: true, |
Justin Yun | 47949c5 | 2017-07-24 15:19:43 +0900 | [diff] [blame] | 346 | vndk: { |
| 347 | enabled: true, |
| 348 | }, |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 349 | host_supported: true, |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 350 | defaults: [ |
| 351 | "libssl_sources", |
| 352 | "boringssl_defaults", |
| 353 | "boringssl_flags", |
| 354 | ], |
Joshua Duong | 81ce7a5 | 2019-10-31 12:44:47 -0700 | [diff] [blame] | 355 | target: { |
| 356 | windows: { |
| 357 | enabled: true, |
| 358 | }, |
| 359 | }, |
Dan Willemsen | 2b2c24b | 2016-07-21 11:03:36 -0700 | [diff] [blame] | 360 | unique_host_soname: true, |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 361 | |
Dan Willemsen | 2b2c24b | 2016-07-21 11:03:36 -0700 | [diff] [blame] | 362 | shared_libs: ["libcrypto"], |
Joshua Duong | 26b57e2 | 2020-02-10 16:04:44 -0800 | [diff] [blame] | 363 | |
| 364 | apex_available: [ |
| 365 | "//apex_available:platform", |
Roopa Sattiraju | 517dcb0 | 2021-12-22 14:04:18 -0800 | [diff] [blame] | 366 | "com.android.bluetooth", |
Joshua Duong | 26b57e2 | 2020-02-10 16:04:44 -0800 | [diff] [blame] | 367 | "com.android.adbd", |
Jiyong Park | 0dcd4e8 | 2020-03-09 15:23:05 +0900 | [diff] [blame] | 368 | "com.android.conscrypt", |
| 369 | "com.android.resolv", |
Joshua Duong | 26b57e2 | 2020-02-10 16:04:44 -0800 | [diff] [blame] | 370 | ], |
Jooyung Han | 856ad1d | 2020-04-16 18:48:25 +0900 | [diff] [blame] | 371 | min_sdk_version: "29", |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 372 | } |
| 373 | |
Yifan Hong | a11a41e | 2021-09-28 17:18:45 -0700 | [diff] [blame] | 374 | // Unsafe and deterministic version of libssl. For testing and fuzzing only. |
| 375 | // See src/FUZZING.md. |
| 376 | cc_test_library { |
| 377 | name: "libssl_fuzz_unsafe", |
| 378 | host_supported: true, |
| 379 | defaults: [ |
| 380 | "libssl_sources", |
| 381 | "boringssl_defaults", |
| 382 | "boringssl_flags", |
| 383 | "boringssl_fuzz_unsafe_defaults", |
| 384 | ], |
| 385 | static_libs: [ |
| 386 | "libcrypto_fuzz_unsafe", |
| 387 | ], |
| 388 | } |
| 389 | |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 390 | // Tool |
| 391 | cc_binary { |
| 392 | name: "bssl", |
| 393 | host_supported: true, |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 394 | defaults: [ |
| 395 | "bssl_sources", |
| 396 | "boringssl_flags", |
| 397 | ], |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 398 | |
Dan Willemsen | 2b2c24b | 2016-07-21 11:03:36 -0700 | [diff] [blame] | 399 | shared_libs: [ |
| 400 | "libcrypto", |
| 401 | "libssl", |
| 402 | ], |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 403 | target: { |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 404 | darwin: { |
| 405 | enabled: false, |
| 406 | }, |
Pete Bentley | d716553 | 2020-05-14 12:01:03 +0100 | [diff] [blame] | 407 | android: { |
| 408 | compile_multilib: "both", |
| 409 | }, |
| 410 | }, |
| 411 | multilib: { |
| 412 | lib32: { |
| 413 | suffix: "32", |
| 414 | }, |
Dan Willemsen | 21986fb | 2016-07-14 15:23:56 -0700 | [diff] [blame] | 415 | }, |
| 416 | } |
Dan Willemsen | 2458a41 | 2016-07-15 09:28:31 -0700 | [diff] [blame] | 417 | |
Pete Bentley | 390f587 | 2020-12-10 11:19:10 +0000 | [diff] [blame] | 418 | // Used for ACVP testing for FIPS certification. |
| 419 | // Not installed on devices by default. |
| 420 | cc_binary { |
| 421 | name: "acvp_modulewrapper", |
Pete Bentley | 390f587 | 2020-12-10 11:19:10 +0000 | [diff] [blame] | 422 | srcs: [ |
Stephen Crane | d457399 | 2021-02-25 10:52:24 -0800 | [diff] [blame] | 423 | "src/util/fipstools/acvp/modulewrapper/main.cc", |
Pete Bentley | 390f587 | 2020-12-10 11:19:10 +0000 | [diff] [blame] | 424 | ], |
| 425 | target: { |
Pete Bentley | 7f684a4 | 2021-07-21 13:52:17 +0100 | [diff] [blame] | 426 | android_x86: { |
| 427 | enabled: false, |
| 428 | }, |
| 429 | android_x86_64: { |
| 430 | enabled: false, |
Pete Bentley | 390f587 | 2020-12-10 11:19:10 +0000 | [diff] [blame] | 431 | }, |
| 432 | }, |
| 433 | stem: "modulewrapper", |
Pete Bentley | 7f684a4 | 2021-07-21 13:52:17 +0100 | [diff] [blame] | 434 | compile_multilib: "both", |
Pete Bentley | 390f587 | 2020-12-10 11:19:10 +0000 | [diff] [blame] | 435 | multilib: { |
| 436 | lib32: { |
| 437 | suffix: "32", |
| 438 | }, |
| 439 | }, |
| 440 | |
Stephen Crane | d457399 | 2021-02-25 10:52:24 -0800 | [diff] [blame] | 441 | static_libs: [ |
| 442 | "libacvp_modulewrapper", |
| 443 | ], |
| 444 | shared_libs: [ |
| 445 | "libcrypto", |
| 446 | ], |
| 447 | |
| 448 | defaults: [ |
| 449 | "boringssl_flags", |
| 450 | ], |
| 451 | } |
| 452 | |
| 453 | // ACVP wrapper implementation shared between Android and Trusty |
| 454 | cc_library_static { |
| 455 | name: "libacvp_modulewrapper", |
| 456 | host_supported: true, |
| 457 | vendor_available: true, |
| 458 | srcs: [ |
| 459 | "src/util/fipstools/acvp/modulewrapper/modulewrapper.cc", |
| 460 | ], |
| 461 | target: { |
| 462 | android: { |
| 463 | compile_multilib: "both", |
| 464 | }, |
| 465 | }, |
| 466 | export_include_dirs: ["src/util/fipstools/acvp/modulewrapper/"], |
Pete Bentley | 390f587 | 2020-12-10 11:19:10 +0000 | [diff] [blame] | 467 | shared_libs: [ |
| 468 | "libcrypto", |
| 469 | ], |
| 470 | |
| 471 | defaults: [ |
| 472 | "boringssl_flags", |
| 473 | ], |
Stephen Crane | 859a48d | 2021-03-10 18:01:35 -0800 | [diff] [blame] | 474 | |
| 475 | visibility: ["//system/core/trusty/utils/acvp"], |
Pete Bentley | 390f587 | 2020-12-10 11:19:10 +0000 | [diff] [blame] | 476 | } |
| 477 | |
Dan Willemsen | 2458a41 | 2016-07-15 09:28:31 -0700 | [diff] [blame] | 478 | // Test support library |
| 479 | cc_library_static { |
| 480 | name: "boringssl_test_support", |
| 481 | host_supported: true, |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 482 | defaults: [ |
| 483 | "boringssl_test_support_sources", |
| 484 | "boringssl_flags", |
| 485 | ], |
Dan Willemsen | 2458a41 | 2016-07-15 09:28:31 -0700 | [diff] [blame] | 486 | |
Dan Willemsen | 2b2c24b | 2016-07-21 11:03:36 -0700 | [diff] [blame] | 487 | shared_libs: [ |
| 488 | "libcrypto", |
| 489 | "libssl", |
| 490 | ], |
Dan Willemsen | 2458a41 | 2016-07-15 09:28:31 -0700 | [diff] [blame] | 491 | } |
| 492 | |
| 493 | // Tests |
| 494 | cc_test { |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 495 | name: "boringssl_crypto_test", |
Pete Bentley | fe406ed | 2021-06-29 13:22:21 +0100 | [diff] [blame] | 496 | test_config: "NativeTests.xml", |
| 497 | host_supported: false, |
| 498 | per_testcase_directory: true, |
| 499 | compile_multilib: "both", |
| 500 | multilib: { |
| 501 | lib32: { |
| 502 | suffix: "32", |
| 503 | }, |
| 504 | lib64: { |
| 505 | suffix: "64", |
| 506 | }, |
| 507 | }, |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 508 | defaults: [ |
| 509 | "boringssl_crypto_test_sources", |
| 510 | "boringssl_flags", |
| 511 | ], |
| 512 | whole_static_libs: ["boringssl_test_support"], |
Pete Bentley | 00087b4 | 2022-04-11 12:43:46 +0100 | [diff] [blame] | 513 | // Statically link the library to test to ensure we always pick up the |
| 514 | // correct version regardless of device linker configuration. |
| 515 | static_libs: ["libcrypto_static"], |
Pete Bentley | fe406ed | 2021-06-29 13:22:21 +0100 | [diff] [blame] | 516 | target: { |
| 517 | android: { |
| 518 | test_suites: ["mts-conscrypt"], |
| 519 | }, |
| 520 | }, |
David Benjamin | f31229b | 2017-01-25 14:08:15 -0500 | [diff] [blame] | 521 | } |
| 522 | |
| 523 | cc_test { |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 524 | name: "boringssl_ssl_test", |
Pete Bentley | fe406ed | 2021-06-29 13:22:21 +0100 | [diff] [blame] | 525 | test_config: "NativeTests.xml", |
| 526 | host_supported: false, |
| 527 | per_testcase_directory: true, |
| 528 | compile_multilib: "both", |
| 529 | multilib: { |
| 530 | lib32: { |
| 531 | suffix: "32", |
| 532 | }, |
| 533 | lib64: { |
| 534 | suffix: "64", |
| 535 | }, |
| 536 | }, |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 537 | defaults: [ |
| 538 | "boringssl_ssl_test_sources", |
| 539 | "boringssl_flags", |
| 540 | ], |
| 541 | whole_static_libs: ["boringssl_test_support"], |
Pete Bentley | 00087b4 | 2022-04-11 12:43:46 +0100 | [diff] [blame] | 542 | // Statically link the libraries to test to ensure we always pick up the |
| 543 | // correct version regardless of device linker configuration. |
| 544 | static_libs: [ |
| 545 | "libcrypto_static", |
Paul Duffin | f6a61fd | 2019-06-25 12:06:25 +0100 | [diff] [blame] | 546 | "libssl", |
| 547 | ], |
Pete Bentley | fe406ed | 2021-06-29 13:22:21 +0100 | [diff] [blame] | 548 | target: { |
| 549 | android: { |
| 550 | test_suites: ["mts-conscrypt"], |
| 551 | }, |
| 552 | }, |
David Benjamin | f31229b | 2017-01-25 14:08:15 -0500 | [diff] [blame] | 553 | } |
Adam Langley | b6f7515 | 2019-10-18 12:20:11 -0700 | [diff] [blame] | 554 | |
| 555 | // Utility binary for CMVP on-site testing. |
| 556 | cc_binary { |
Tobias Thierer | 6204b54 | 2019-10-18 21:55:05 +0100 | [diff] [blame] | 557 | name: "test_fips", |
| 558 | host_supported: false, |
| 559 | defaults: [ |
| 560 | "boringssl_flags", |
| 561 | ], |
| 562 | shared_libs: [ |
| 563 | "libcrypto", |
| 564 | ], |
| 565 | srcs: [ |
Pete Bentley | 83b8e97 | 2022-02-28 19:23:25 +0000 | [diff] [blame] | 566 | "src/util/fipstools/test_fips.c", |
Tobias Thierer | 6204b54 | 2019-10-18 21:55:05 +0100 | [diff] [blame] | 567 | ], |
Adam Langley | b6f7515 | 2019-10-18 12:20:11 -0700 | [diff] [blame] | 568 | } |
Matthew Maurer | 5e4a5b3 | 2022-04-27 14:18:37 -0700 | [diff] [blame] | 569 | |
| 570 | // Rust bindings |
| 571 | rust_bindgen { |
| 572 | name: "libbssl_sys_raw", |
| 573 | source_stem: "bindings", |
| 574 | crate_name: "bssl_sys_raw", |
| 575 | host_supported: true, |
| 576 | wrapper_src: "src/rust/wrapper.h", |
David Drysdale | 4f45dac | 2022-05-09 13:07:42 +0100 | [diff] [blame] | 577 | vendor_available: true, |
Matthew Maurer | 5e4a5b3 | 2022-04-27 14:18:37 -0700 | [diff] [blame] | 578 | bindgen_flags: [ |
David Drysdale | c022f1c | 2022-02-02 17:04:17 +0000 | [diff] [blame] | 579 | // Adapted from upstream the src/rust/CMakeLists.txt file at: |
| 580 | // https://boringssl.googlesource.com/boringssl/+/refs/heads/master/rust/CMakeLists.txt |
Matthew Maurer | 5e4a5b3 | 2022-04-27 14:18:37 -0700 | [diff] [blame] | 581 | "--no-derive-default", |
| 582 | "--enable-function-attribute-detection", |
| 583 | "--use-core", |
| 584 | "--size_t-is-usize", |
| 585 | "--default-macro-constant-type=signed", |
| 586 | "--rustified-enum=point_conversion_form_t", |
| 587 | // These are not BoringSSL symbols, they are from glibc |
| 588 | // and are not relevant to the build besides throwing warnings |
| 589 | // about their 'long double' (aka u128) not being FFI safe. |
| 590 | // We block those functions so that the build doesn't |
| 591 | // spam warnings. |
| 592 | // |
| 593 | // https://github.com/rust-lang/rust-bindgen/issues/1549 describes the current problem |
| 594 | // and other folks' solutions. |
| 595 | "--blocklist-function=strtold", |
| 596 | "--blocklist-function=qecvt", |
| 597 | "--blocklist-function=qecvt_r", |
| 598 | "--blocklist-function=qgcvt", |
| 599 | "--blocklist-function=qfcvt", |
| 600 | "--blocklist-function=qfcvt_r", |
| 601 | ], |
| 602 | shared_libs: [ |
| 603 | "libcrypto", |
| 604 | "libssl", |
| 605 | ], |
| 606 | } |
| 607 | |
David Drysdale | c022f1c | 2022-02-02 17:04:17 +0000 | [diff] [blame] | 608 | // Encapsulate the bindgen-generated layout tests as a test target. |
| 609 | rust_test { |
| 610 | name: "libbssl_sys_raw_test", |
| 611 | srcs: [ |
| 612 | ":libbssl_sys_raw", |
| 613 | ], |
| 614 | crate_name: "bssl_sys_raw_test", |
| 615 | test_suites: ["general-tests"], |
| 616 | auto_gen_config: true, |
| 617 | clippy_lints: "none", |
| 618 | lints: "none", |
| 619 | } |
| 620 | |
| 621 | // Rust's bindgen doesn't cope with macros, so this target includes C functions that |
| 622 | // do the same thing as macros defined in BoringSSL header files. |
Matthew Maurer | 5e4a5b3 | 2022-04-27 14:18:37 -0700 | [diff] [blame] | 623 | cc_library_static { |
| 624 | name: "libbssl_rust_support", |
| 625 | host_supported: true, |
| 626 | defaults: ["boringssl_flags"], |
| 627 | srcs: ["src/rust/rust_wrapper.c"], |
| 628 | shared_libs: [ |
| 629 | "libcrypto", |
| 630 | "libssl", |
| 631 | ], |
| 632 | } |
| 633 | |
David Drysdale | c022f1c | 2022-02-02 17:04:17 +0000 | [diff] [blame] | 634 | // Replace the upstream CMake placeholder with a re-export of all of the local bindgen output. |
| 635 | gensrcs { |
| 636 | name: "libbssl_sys_src", |
| 637 | srcs: ["src/rust/src/lib.rs"], |
| 638 | cmd: "sed 's@^.{INCLUDES}@pub use bssl_sys_raw::*;@' $(in) > $(out)", |
| 639 | } |
| 640 | |
Matthew Maurer | 5e4a5b3 | 2022-04-27 14:18:37 -0700 | [diff] [blame] | 641 | rust_library { |
| 642 | name: "libbssl_ffi", |
| 643 | host_supported: true, |
| 644 | crate_name: "bssl_ffi", |
Paul Crowley | edd35e7 | 2022-05-16 21:46:39 +0000 | [diff] [blame] | 645 | visibility: [ |
| 646 | "//external/rust/crates/openssl", |
| 647 | "//system/keymint/boringssl", |
| 648 | "//system/security/prng_seeder", |
| 649 | ], |
| 650 | // Use the modified source with placeholder replaced. |
| 651 | srcs: [":libbssl_sys_src"], |
| 652 | vendor_available: true, |
Matthew Maurer | 5e4a5b3 | 2022-04-27 14:18:37 -0700 | [diff] [blame] | 653 | // Since libbssl_sys_raw is not publically visible, we can't |
| 654 | // accidentally force a double-link by linking statically, so do so. |
| 655 | rlibs: ["libbssl_sys_raw"], |
| 656 | static_libs: [ |
| 657 | "libbssl_rust_support", |
| 658 | ], |
| 659 | } |