| // Note that some host libraries have the same module name as the target |
| // libraries. This is currently needed to build, for example, adb. But it's |
| // probably something that should be changed. |
| |
| package { |
| default_visibility: ["//visibility:private"], |
| } |
| |
| // Pull in the autogenerated sources modules |
| build = ["sources.bp"] |
| |
| // Used by libcrypto, libssl, bssl tool, and native tests |
| cc_defaults { |
| name: "boringssl_flags", |
| vendor_available: true, |
| |
| cflags: [ |
| "-fvisibility=hidden", |
| "-DBORINGSSL_SHARED_LIBRARY", |
| "-DBORINGSSL_ANDROID_SYSTEM", |
| "-DOPENSSL_SMALL", |
| "-D_XOPEN_SOURCE=700", |
| "-Werror", |
| "-Wno-unused-parameter", |
| ], |
| |
| cppflags: [ |
| "-Wall", |
| "-Werror", |
| ], |
| |
| conlyflags: ["-std=c99"], |
| |
| // Build BoringSSL and its tests against the same STL. |
| sdk_version: "9", |
| target: { |
| android: { |
| stl: "libc++_static", |
| }, |
| }, |
| } |
| |
| // Used by libcrypto + libssl |
| cc_defaults { |
| name: "boringssl_defaults", |
| |
| local_include_dirs: ["src/include"], |
| export_include_dirs: ["src/include"], |
| cflags: ["-DBORINGSSL_IMPLEMENTATION"], |
| } |
| |
| //// libcrypto |
| cc_defaults { |
| name: "libcrypto_defaults", |
| host_supported: true, |
| |
| // Windows and Macs both have problems with assembly files |
| target: { |
| windows: { |
| enabled: true, |
| cflags: ["-DOPENSSL_NO_ASM"], |
| host_ldlibs: ["-lws2_32"], |
| }, |
| darwin: { |
| cflags: ["-DOPENSSL_NO_ASM"], |
| }, |
| host: { |
| host_ldlibs: ["-lpthread"], |
| }, |
| }, |
| |
| local_include_dirs: ["src/crypto"], |
| } |
| |
| cc_object { |
| name: "bcm_object", |
| device_supported: true, |
| recovery_available: true, |
| native_bridge_supported: true, |
| defaults: [ |
| "libcrypto_bcm_sources", |
| "libcrypto_defaults", |
| "boringssl_defaults", |
| "boringssl_flags", |
| ], |
| sanitize: { |
| address: false, |
| hwaddress: false, |
| fuzzer: false, |
| }, |
| target: { |
| android: { |
| cflags: [ |
| "-DBORINGSSL_FIPS", |
| "-fPIC", |
| // -fno[data|text]-sections required to ensure a |
| // single text and data section for FIPS integrity check |
| "-fno-data-sections", |
| "-fno-function-sections", |
| ], |
| linker_script: "src/crypto/fipsmodule/fips_shared.lds", |
| }, |
| // Temporary hack to let BoringSSL build with a new compiler. |
| // This doesn't enable HWASAN unconditionally, it just causes |
| // BoringSSL's asm code to unconditionally use a HWASAN-compatible |
| // global variable reference so that the non-HWASANified (because of |
| // sanitize: { hwaddress: false } above) code in the BCM can |
| // successfully link against the HWASANified code in the rest of |
| // BoringSSL in HWASAN builds. |
| android_arm64: { |
| asflags: [ |
| "-fsanitize=hwaddress", |
| ], |
| }, |
| }, |
| apex_available: [ |
| "//apex_available:platform", |
| "com.android.adbd", |
| "com.android.art.debug", |
| "com.android.art.release", |
| "com.android.art.testing", |
| "com.android.bluetooth.updatable", |
| "com.android.conscrypt", |
| "com.android.media", |
| "com.android.resolv", |
| ], |
| } |
| |
| bootstrap_go_package { |
| name: "bssl_ar", |
| pkgPath: "boringssl.googlesource.com/boringssl/util/ar", |
| srcs: [ |
| "src/util/ar/ar.go", |
| ], |
| testSrcs: [ |
| "src/util/ar/ar_test.go", |
| ], |
| } |
| |
| bootstrap_go_package { |
| name: "bssl_fipscommon", |
| pkgPath: "boringssl.googlesource.com/boringssl/util/fipstools/fipscommon", |
| srcs: [ |
| "src/util/fipstools/fipscommon/const.go", |
| ], |
| } |
| |
| blueprint_go_binary { |
| name: "bssl_inject_hash", |
| srcs: [ |
| "src/util/fipstools/inject_hash/inject_hash.go", |
| ], |
| deps: [ |
| "bssl_ar", |
| "bssl_fipscommon", |
| ], |
| } |
| |
| // Target and host library |
| cc_library { |
| name: "libcrypto", |
| visibility: ["//visibility:public"], |
| vendor_available: true, |
| native_bridge_supported: true, |
| vndk: { |
| enabled: true, |
| }, |
| double_loadable: true, |
| recovery_available: true, |
| defaults: [ |
| "libcrypto_sources", |
| "libcrypto_defaults", |
| "boringssl_defaults", |
| "boringssl_flags", |
| ], |
| unique_host_soname: true, |
| srcs: [ |
| ":bcm_object", |
| ], |
| target: { |
| android: { |
| cflags: [ |
| "-DBORINGSSL_FIPS", |
| ], |
| inject_bssl_hash: true, |
| static: { |
| // Disable the static version of libcrypto, as it causes |
| // problems for FIPS certification. Use libcrypto_static for |
| // modules that need static libcrypto but do not need FIPS self |
| // testing, or use dynamic libcrypto. |
| enabled: false, |
| }, |
| }, |
| }, |
| apex_available: [ |
| "//apex_available:platform", |
| "com.android.adbd", |
| "com.android.art.debug", |
| "com.android.art.release", |
| "com.android.art.testing", |
| "com.android.bluetooth.updatable", |
| "com.android.conscrypt", |
| "com.android.media", |
| "com.android.resolv", |
| ], |
| } |
| |
| // Static library |
| // This version of libcrypto will not have FIPS self tests enabled, so its |
| // usage is protected through visibility to ensure it doesn't end up used |
| // somewhere that needs the FIPS version. |
| cc_library_static { |
| name: "libcrypto_static", |
| visibility: [ |
| "//art/build/sdk", |
| "//bootable/recovery/updater", |
| "//external/conscrypt", |
| "//external/python/cpython2", |
| "//frameworks/ml/nn:__subpackages__", |
| "//hardware/interfaces/confirmationui/1.0/vts/functional", |
| "//hardware/interfaces/drm/1.0/vts/functional", |
| "//hardware/interfaces/drm/1.2/vts/functional", |
| "//hardware/interfaces/keymaster/3.0/vts/functional", |
| "//hardware/interfaces/keymaster/4.0/vts/functional", |
| "//hardware/interfaces/keymaster/4.1/vts/functional", |
| "//packages/modules/DnsResolver/tests:__subpackages__", |
| "//system/core/adb", |
| "//system/core/init", |
| "//system/core/fs_mgr/liblp", |
| "//system/core/fs_mgr/liblp/vts_core", |
| "//system/core/fs_mgr/libsnapshot", |
| "//system/libvintf/test", |
| "//system/security/keystore/tests", |
| "//test/vts-testcase/security/avb", |
| ], |
| apex_available: [ |
| "//apex_available:platform", |
| "com.android.neuralnetworks", |
| ], |
| defaults: [ |
| "libcrypto_bcm_sources", |
| "libcrypto_sources", |
| "libcrypto_defaults", |
| "boringssl_defaults", |
| "boringssl_flags", |
| ], |
| } |
| |
| //// libssl |
| |
| // Target static library |
| |
| // Static and Shared library |
| cc_library { |
| name: "libssl", |
| visibility: ["//visibility:public"], |
| recovery_available: true, |
| vendor_available: true, |
| native_bridge_supported: true, |
| vndk: { |
| enabled: true, |
| }, |
| host_supported: true, |
| defaults: [ |
| "libssl_sources", |
| "boringssl_defaults", |
| "boringssl_flags", |
| ], |
| target: { |
| windows: { |
| enabled: true, |
| }, |
| }, |
| unique_host_soname: true, |
| |
| shared_libs: ["libcrypto"], |
| |
| apex_available: [ |
| "//apex_available:platform", |
| "com.android.adbd", |
| "com.android.conscrypt", |
| "com.android.resolv", |
| ], |
| } |
| |
| // Tool |
| cc_binary { |
| name: "bssl", |
| host_supported: true, |
| defaults: [ |
| "bssl_sources", |
| "boringssl_flags", |
| ], |
| |
| shared_libs: [ |
| "libcrypto", |
| "libssl", |
| ], |
| target: { |
| darwin: { |
| enabled: false, |
| }, |
| }, |
| } |
| |
| cc_binary { |
| name: "cavp", |
| host_supported: true, |
| srcs: [ |
| "src/util/fipstools/cavp/cavp_aes_gcm_test.cc", |
| "src/util/fipstools/cavp/cavp_aes_test.cc", |
| "src/util/fipstools/cavp/cavp_ctr_drbg_test.cc", |
| "src/util/fipstools/cavp/cavp_ecdsa2_keypair_test.cc", |
| "src/util/fipstools/cavp/cavp_ecdsa2_pkv_test.cc", |
| "src/util/fipstools/cavp/cavp_ecdsa2_siggen_test.cc", |
| "src/util/fipstools/cavp/cavp_ecdsa2_sigver_test.cc", |
| "src/util/fipstools/cavp/cavp_hmac_test.cc", |
| "src/util/fipstools/cavp/cavp_kas_test.cc", |
| "src/util/fipstools/cavp/cavp_keywrap_test.cc", |
| "src/util/fipstools/cavp/cavp_main.cc", |
| "src/util/fipstools/cavp/cavp_rsa2_keygen_test.cc", |
| "src/util/fipstools/cavp/cavp_rsa2_siggen_test.cc", |
| "src/util/fipstools/cavp/cavp_rsa2_sigver_test.cc", |
| "src/util/fipstools/cavp/cavp_sha_monte_test.cc", |
| "src/util/fipstools/cavp/cavp_sha_test.cc", |
| "src/util/fipstools/cavp/cavp_tdes_test.cc", |
| "src/util/fipstools/cavp/cavp_test_util.cc", |
| "src/util/fipstools/cavp/cavp_tlskdf_test.cc", |
| ], |
| |
| shared_libs: [ |
| "libcrypto", |
| ], |
| |
| defaults: [ |
| "boringssl_test_support_sources", |
| "boringssl_flags", |
| ], |
| } |
| |
| // Test support library |
| cc_library_static { |
| name: "boringssl_test_support", |
| host_supported: true, |
| defaults: [ |
| "boringssl_test_support_sources", |
| "boringssl_flags", |
| ], |
| |
| shared_libs: [ |
| "libcrypto", |
| "libssl", |
| ], |
| } |
| |
| // Tests |
| cc_test { |
| name: "boringssl_crypto_test", |
| test_suites: ["device-tests"], |
| host_supported: true, |
| defaults: [ |
| "boringssl_crypto_test_sources", |
| "boringssl_flags", |
| ], |
| whole_static_libs: ["boringssl_test_support"], |
| |
| shared_libs: ["libcrypto"], |
| } |
| |
| cc_test { |
| name: "boringssl_ssl_test", |
| test_suites: ["device-tests"], |
| host_supported: true, |
| defaults: [ |
| "boringssl_ssl_test_sources", |
| "boringssl_flags", |
| ], |
| whole_static_libs: ["boringssl_test_support"], |
| |
| shared_libs: [ |
| "libcrypto", |
| "libssl", |
| ], |
| } |
| |
| // Utility binary for CMVP on-site testing. |
| cc_binary { |
| name: "test_fips", |
| host_supported: false, |
| defaults: [ |
| "boringssl_flags", |
| ], |
| shared_libs: [ |
| "libcrypto", |
| ], |
| srcs: [ |
| "src/util/fipstools/cavp/test_fips.c", |
| ], |
| } |
