// Note that some host libraries have the same module name as the target // libraries. This is currently needed to build, for example, adb. But it's // probably something that should be changed. package { default_visibility: ["//visibility:private"], } // Pull in the autogenerated sources modules build = ["sources.bp"] // Used by libcrypto, libssl, bssl tool, and native tests cc_defaults { name: "boringssl_flags", vendor_available: true, cflags: [ "-fvisibility=hidden", "-DBORINGSSL_SHARED_LIBRARY", "-DBORINGSSL_ANDROID_SYSTEM", "-DOPENSSL_SMALL", "-D_XOPEN_SOURCE=700", "-Werror", "-Wno-unused-parameter", ], cppflags: [ "-Wall", "-Werror", ], conlyflags: ["-std=c99"], // Build BoringSSL and its tests against the same STL. sdk_version: "9", target: { android: { stl: "libc++_static", }, }, } // Used by libcrypto + libssl cc_defaults { name: "boringssl_defaults", local_include_dirs: ["src/include"], export_include_dirs: ["src/include"], cflags: ["-DBORINGSSL_IMPLEMENTATION"], } //// libcrypto cc_defaults { name: "libcrypto_defaults", host_supported: true, // Windows and Macs both have problems with assembly files target: { windows: { enabled: true, cflags: ["-DOPENSSL_NO_ASM"], host_ldlibs: ["-lws2_32"], }, darwin: { cflags: ["-DOPENSSL_NO_ASM"], }, host: { host_ldlibs: ["-lpthread"], }, }, local_include_dirs: ["src/crypto"], } cc_object { name: "bcm_object", device_supported: true, recovery_available: true, native_bridge_supported: true, defaults: [ "libcrypto_bcm_sources", "libcrypto_defaults", "boringssl_defaults", "boringssl_flags", ], sanitize: { address: false, hwaddress: false, fuzzer: false, }, target: { android: { cflags: [ "-DBORINGSSL_FIPS", "-fPIC", // -fno[data|text]-sections required to ensure a // single text and data section for FIPS integrity check "-fno-data-sections", "-fno-function-sections", ], linker_script: "src/crypto/fipsmodule/fips_shared.lds", }, // Temporary hack to let BoringSSL build with a new compiler. // This doesn't enable HWASAN unconditionally, it just causes // BoringSSL's asm code to unconditionally use a HWASAN-compatible // global variable reference so that the non-HWASANified (because of // sanitize: { hwaddress: false } above) code in the BCM can // successfully link against the HWASANified code in the rest of // BoringSSL in HWASAN builds. android_arm64: { asflags: [ "-fsanitize=hwaddress", ], }, }, } bootstrap_go_package { name: "bssl_ar", pkgPath: "boringssl.googlesource.com/boringssl/util/ar", srcs: [ "src/util/ar/ar.go", ], testSrcs: [ "src/util/ar/ar_test.go", ], } bootstrap_go_package { name: "bssl_fipscommon", pkgPath: "boringssl.googlesource.com/boringssl/util/fipstools/fipscommon", srcs: [ "src/util/fipstools/fipscommon/const.go", ], } blueprint_go_binary { name: "bssl_inject_hash", srcs: [ "src/util/fipstools/inject_hash/inject_hash.go", ], deps: [ "bssl_ar", "bssl_fipscommon", ], } // Target and host library cc_library { name: "libcrypto", visibility: ["//visibility:public"], vendor_available: true, native_bridge_supported: true, vndk: { enabled: true, }, double_loadable: true, recovery_available: true, defaults: [ "libcrypto_sources", "libcrypto_defaults", "boringssl_defaults", "boringssl_flags", ], unique_host_soname: true, srcs: [ ":bcm_object", ], target: { android: { cflags: [ "-DBORINGSSL_FIPS", ], inject_bssl_hash: true, static: { // Disable the static version of libcrypto, as it causes // problems for FIPS certification. Use libcrypto_static for // modules that need static libcrypto but do not need FIPS self // testing, or use dynamic libcrypto. enabled: false, }, }, }, apex_available: [ "//apex_available:platform", "com.android.adbd", "test_com.android.adbd", ], } // Static library // This version of libcrypto will not have FIPS self tests enabled, so its // usage is protected through visibility to ensure it doesn't end up used // somewhere that needs the FIPS version. cc_library_static { name: "libcrypto_static", visibility: [ "//bootable/recovery/updater", "//external/conscrypt", "//external/python/cpython2", "//frameworks/ml/nn:__subpackages__", "//hardware/interfaces/confirmationui/1.0/vts/functional", "//hardware/interfaces/drm/1.0/vts/functional", "//hardware/interfaces/drm/1.2/vts/functional", "//hardware/interfaces/keymaster/3.0/vts/functional", "//hardware/interfaces/keymaster/4.0/vts/functional", "//hardware/interfaces/keymaster/4.1/vts/functional", "//packages/modules/DnsResolver/tests:__subpackages__", "//system/core/adb", "//system/core/init", "//system/core/fs_mgr/liblp", "//system/core/fs_mgr/liblp/vts_core", "//system/core/fs_mgr/libsnapshot", "//system/libvintf/test", "//system/security/keystore/tests", "//test/vts-testcase/security/avb", ], apex_available: [ "//apex_available:platform", "com.android.neuralnetworks", "test_com.android.neuralnetworks", ], defaults: [ "libcrypto_bcm_sources", "libcrypto_sources", "libcrypto_defaults", "boringssl_defaults", "boringssl_flags", ], } //// libssl // Target static library // Static and Shared library cc_library { name: "libssl", visibility: ["//visibility:public"], recovery_available: true, vendor_available: true, native_bridge_supported: true, vndk: { enabled: true, }, host_supported: true, defaults: [ "libssl_sources", "boringssl_defaults", "boringssl_flags", ], target: { windows: { enabled: true, }, }, unique_host_soname: true, shared_libs: ["libcrypto"], apex_available: [ "//apex_available:platform", "com.android.adbd", "test_com.android.adbd", ], } // Tool cc_binary { name: "bssl", host_supported: true, defaults: [ "bssl_sources", "boringssl_flags", ], shared_libs: [ "libcrypto", "libssl", ], target: { darwin: { enabled: false, }, }, } cc_binary { name: "cavp", host_supported: true, srcs: [ "src/util/fipstools/cavp/cavp_aes_gcm_test.cc", "src/util/fipstools/cavp/cavp_aes_test.cc", "src/util/fipstools/cavp/cavp_ctr_drbg_test.cc", "src/util/fipstools/cavp/cavp_ecdsa2_keypair_test.cc", "src/util/fipstools/cavp/cavp_ecdsa2_pkv_test.cc", "src/util/fipstools/cavp/cavp_ecdsa2_siggen_test.cc", "src/util/fipstools/cavp/cavp_ecdsa2_sigver_test.cc", "src/util/fipstools/cavp/cavp_hmac_test.cc", "src/util/fipstools/cavp/cavp_kas_test.cc", "src/util/fipstools/cavp/cavp_keywrap_test.cc", "src/util/fipstools/cavp/cavp_main.cc", "src/util/fipstools/cavp/cavp_rsa2_keygen_test.cc", "src/util/fipstools/cavp/cavp_rsa2_siggen_test.cc", "src/util/fipstools/cavp/cavp_rsa2_sigver_test.cc", "src/util/fipstools/cavp/cavp_sha_monte_test.cc", "src/util/fipstools/cavp/cavp_sha_test.cc", "src/util/fipstools/cavp/cavp_tdes_test.cc", "src/util/fipstools/cavp/cavp_test_util.cc", "src/util/fipstools/cavp/cavp_tlskdf_test.cc", ], shared_libs: [ "libcrypto", ], defaults: [ "boringssl_test_support_sources", "boringssl_flags", ], } // Test support library cc_library_static { name: "boringssl_test_support", host_supported: true, defaults: [ "boringssl_test_support_sources", "boringssl_flags", ], shared_libs: [ "libcrypto", "libssl", ], } // Tests cc_test { name: "boringssl_crypto_test", test_suites: ["device-tests"], host_supported: true, defaults: [ "boringssl_crypto_test_sources", "boringssl_flags", ], whole_static_libs: ["boringssl_test_support"], shared_libs: ["libcrypto"], } cc_test { name: "boringssl_ssl_test", test_suites: ["device-tests"], host_supported: true, defaults: [ "boringssl_ssl_test_sources", "boringssl_flags", ], whole_static_libs: ["boringssl_test_support"], shared_libs: [ "libcrypto", "libssl", ], } // Utility binary for CMVP on-site testing. cc_binary { name: "test_fips", host_supported: false, defaults: [ "boringssl_flags", ], shared_libs: [ "libcrypto", ], srcs: [ "src/util/fipstools/cavp/test_fips.c", ], }