xref: /aosp_15_r20/external/open-dice/BUILD.gn (revision 60b67249c2e226f42f35cc6cfe66c6048e0bae6b) 
1# Copyright 2020 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may not
4# use this file except in compliance with the License. You may obtain a copy of
5# the License at
6#
7#     https://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations under
13# the License.
14
15import("//build_overrides/pigweed.gni")
16import("$dir_pw_bloat/bloat.gni")
17import("$dir_pw_build/python.gni")
18import("$dir_pw_build/python_dist.gni")
19import("$dir_pw_build/python_venv.gni")
20import("$dir_pw_build/target_types.gni")
21import("$dir_pw_unit_test/test.gni")
22
23group("default") {
24  deps = [
25    ":fuzzers(//toolchains:host_fuzz)",
26    ":optimized_libs(//toolchains:host_optimized)",
27    ":python.install",
28    ":tests.run(//toolchains:host_debug)",
29  ]
30}
31
32pw_source_set("cbor_writer") {
33  public = [ "include/dice/cbor_writer.h" ]
34  sources = [ "src/cbor_writer.c" ]
35}
36
37pw_source_set("cbor_reader") {
38  public = [ "include/dice/cbor_reader.h" ]
39  sources = [ "src/cbor_reader.c" ]
40}
41
42config("standalone_ops_config") {
43  include_dirs = [ "//include/dice/config/standalone" ]
44}
45
46pw_static_library("dice_standalone") {
47  public = [
48    "include/dice/dice.h",
49    "include/dice/utils.h",
50  ]
51  sources = [
52    "src/clear_memory.c",
53    "src/dice.c",
54  ]
55  all_dependent_configs = [ ":standalone_ops_config" ]
56}
57
58config("boringssl_ed25519_ops_config") {
59  include_dirs = [ "//include/dice/config/boringssl_ed25519" ]
60}
61
62config("boringssl_ecdsa_p256_ops_config") {
63  include_dirs = [ "//include/dice/config/boringssl_ecdsa_p256" ]
64}
65
66config("boringssl_ecdsa_p384_ops_config") {
67  include_dirs = [ "//include/dice/config/boringssl_ecdsa_p384" ]
68}
69
70config("boringssl_multialg_ops_config") {
71  include_dirs = [ "//include/dice/config/boringssl_multialg" ]
72}
73
74pw_static_library("dice_with_boringssl_ed25519_ops") {
75  public = [
76    "include/dice/dice.h",
77    "include/dice/utils.h",
78  ]
79  sources = [
80    "src/boringssl_cert_op.c",
81    "src/boringssl_ed25519_ops.c",
82    "src/boringssl_hash_kdf_ops.c",
83    "src/clear_memory.c",
84    "src/dice.c",
85    "src/utils.c",
86  ]
87  deps = [ "//third_party/boringssl:crypto" ]
88  all_dependent_configs = [ ":boringssl_ed25519_ops_config" ]
89}
90
91pw_static_library("dice_with_boringssl_p256_ops") {
92  public = [
93    "include/dice/dice.h",
94    "include/dice/utils.h",
95  ]
96  sources = [
97    "src/boringssl_cert_op.c",
98    "src/boringssl_hash_kdf_ops.c",
99    "src/boringssl_p256_ops.c",
100    "src/clear_memory.c",
101    "src/dice.c",
102    "src/utils.c",
103  ]
104  deps = [ "//third_party/boringssl:crypto" ]
105  all_dependent_configs = [ ":boringssl_ecdsa_p256_ops_config" ]
106}
107
108pw_static_library("dice_with_boringssl_p384_ops") {
109  public = [
110    "include/dice/dice.h",
111    "include/dice/utils.h",
112  ]
113  sources = [
114    "src/boringssl_cert_op.c",
115    "src/boringssl_hash_kdf_ops.c",
116    "src/boringssl_p384_ops.c",
117    "src/clear_memory.c",
118    "src/dice.c",
119    "src/utils.c",
120  ]
121  deps = [ "//third_party/boringssl:crypto" ]
122  all_dependent_configs = [ ":boringssl_ecdsa_p384_ops_config" ]
123}
124
125config("mbedtls_ops_config") {
126  include_dirs = [ "//include//dice/config/mbedtls_ecdsa_p256" ]
127  defines = [ "MBEDTLS_ALLOW_PRIVATE_ACCESS" ]
128}
129
130pw_static_library("dice_with_mbedtls_ops") {
131  public = [
132    "include/dice/dice.h",
133    "include/dice/utils.h",
134  ]
135  sources = [
136    "src/clear_memory.c",
137    "src/dice.c",
138    "src/mbedtls_ops.c",
139    "src/utils.c",
140  ]
141  deps = [ "//third_party/mbedtls:mbedcrypto" ]
142  all_dependent_configs = [ ":mbedtls_ops_config" ]
143}
144
145pw_static_library("dice_with_cbor_ed25519_cert") {
146  public = [
147    "include/dice/dice.h",
148    "include/dice/utils.h",
149  ]
150  sources = [
151    "src/boringssl_ed25519_ops.c",
152    "src/boringssl_hash_kdf_ops.c",
153    "src/cbor_cert_op.c",
154    "src/clear_memory.c",
155    "src/dice.c",
156    "src/utils.c",
157  ]
158  deps = [
159    ":cbor_writer",
160    "//third_party/boringssl:crypto",
161  ]
162  all_dependent_configs = [ ":boringssl_ed25519_ops_config" ]
163}
164
165pw_static_library("boringssl_ecdsa_utils") {
166  public = [
167    "include/dice/boringssl_ecdsa_utils.h",
168    "include/dice/dice.h",
169    "include/dice/utils.h",
170  ]
171  sources = [ "src/boringssl_ecdsa_utils.c" ]
172  deps = [ "//third_party/boringssl:crypto" ]
173}
174
175pw_static_library("dice_with_cbor_p256_cert") {
176  public = [
177    "include/dice/dice.h",
178    "include/dice/utils.h",
179  ]
180  sources = [
181    "src/boringssl_hash_kdf_ops.c",
182    "src/boringssl_p256_ops.c",
183    "src/cbor_cert_op.c",
184    "src/clear_memory.c",
185    "src/dice.c",
186    "src/utils.c",
187  ]
188  deps = [
189    ":boringssl_ecdsa_utils",
190    ":cbor_writer",
191    "//third_party/boringssl:crypto",
192  ]
193  all_dependent_configs = [ ":boringssl_ecdsa_p256_ops_config" ]
194}
195
196pw_static_library("dice_with_cbor_p384_cert") {
197  public = [
198    "include/dice/dice.h",
199    "include/dice/utils.h",
200  ]
201  sources = [
202    "src/boringssl_hash_kdf_ops.c",
203    "src/boringssl_p384_ops.c",
204    "src/cbor_cert_op.c",
205    "src/clear_memory.c",
206    "src/dice.c",
207    "src/utils.c",
208  ]
209  deps = [
210    ":boringssl_ecdsa_utils",
211    ":cbor_writer",
212    "//third_party/boringssl:crypto",
213  ]
214  all_dependent_configs = [ ":boringssl_ecdsa_p384_ops_config" ]
215}
216
217pw_static_library("dice_with_cbor_multialg") {
218  public = [
219    "include/dice/dice.h",
220    "include/dice/utils.h",
221  ]
222  sources = [
223    "src/boringssl_hash_kdf_ops.c",
224    "src/boringssl_multialg_ops.c",
225    "src/cbor_cert_op.c",
226    "src/clear_memory.c",
227    "src/dice.c",
228    "src/utils.c",
229  ]
230  deps = [
231    ":boringssl_ecdsa_utils",
232    ":cbor_writer",
233    "//third_party/boringssl:crypto",
234  ]
235  all_dependent_configs = [ ":boringssl_multialg_ops_config" ]
236}
237
238pw_static_library("dice_with_cbor_template_ed25519_cert") {
239  public = [
240    "include/dice/dice.h",
241    "include/dice/utils.h",
242  ]
243  sources = [
244    "src/boringssl_ed25519_ops.c",
245    "src/boringssl_hash_kdf_ops.c",
246    "src/clear_memory.c",
247    "src/dice.c",
248    "src/template_cbor_cert_op.c",
249    "src/utils.c",
250  ]
251  deps = [ "//third_party/boringssl:crypto" ]
252  all_dependent_configs = [ ":boringssl_ed25519_ops_config" ]
253}
254
255pw_static_library("dice_with_x509_template_cert") {
256  public = [
257    "include/dice/dice.h",
258    "include/dice/utils.h",
259  ]
260  sources = [
261    "src/boringssl_ed25519_ops.c",
262    "src/boringssl_hash_kdf_ops.c",
263    "src/clear_memory.c",
264    "src/dice.c",
265    "src/template_cert_op.c",
266    "src/utils.c",
267  ]
268  deps = [ "//third_party/boringssl:crypto" ]
269  all_dependent_configs = [ ":boringssl_ed25519_ops_config" ]
270}
271
272pw_source_set("fuzzer") {
273  public = [
274    "include/dice/dice.h",
275    "include/dice/utils.h",
276  ]
277  sources = [ "src/fuzzer.cc" ]
278}
279
280pw_test("cbor_writer_test") {
281  sources = [ "src/cbor_writer_test.cc" ]
282  deps = [ ":cbor_writer" ]
283}
284
285pw_test("cbor_reader_test") {
286  sources = [ "src/cbor_reader_test.cc" ]
287  deps = [ ":cbor_reader" ]
288}
289
290pw_executable("cbor_writer_fuzzer") {
291  sources = [ "src/cbor_writer_fuzzer.cc" ]
292  deps = [ ":cbor_writer" ]
293}
294
295pw_executable("cbor_reader_fuzzer") {
296  sources = [ "src/cbor_reader_fuzzer.cc" ]
297  deps = [ ":cbor_reader" ]
298}
299
300pw_test("dice_test") {
301  sources = [ "src/dice_test.cc" ]
302  deps = [
303    ":dice_standalone",
304    "//third_party/boringssl:crypto",
305  ]
306}
307
308pw_test("boringssl_ed25519_ops_test") {
309  sources = [
310    "src/boringssl_ed25519_ops_test.cc",
311    "src/test_utils.cc",
312  ]
313  deps = [
314    ":boringssl_ecdsa_utils",
315    ":dice_with_boringssl_ed25519_ops",
316    "$dir_pw_string:pw_string",
317    "//third_party/boringssl:crypto",
318    "//third_party/cose-c:cose-c_ed25519",
319  ]
320}
321
322pw_executable("boringssl_ed25519_ops_fuzzer") {
323  deps = [
324    ":dice_with_boringssl_ed25519_ops",
325    ":fuzzer",
326  ]
327}
328
329pw_executable("boringssl_p256_ops_fuzzer") {
330  deps = [
331    ":dice_with_boringssl_p256_ops",
332    ":fuzzer",
333  ]
334}
335
336pw_executable("boringssl_p384_ops_fuzzer") {
337  deps = [
338    ":dice_with_boringssl_p384_ops",
339    ":fuzzer",
340  ]
341}
342
343pw_test("template_cert_op_test") {
344  sources = [
345    "src/template_cert_op_test.cc",
346    "src/test_utils.cc",
347  ]
348  deps = [
349    ":boringssl_ecdsa_utils",
350    ":dice_with_x509_template_cert",
351    "$dir_pw_string:pw_string",
352    "//third_party/boringssl:crypto",
353    "//third_party/cose-c:cose-c_ed25519",
354  ]
355}
356
357pw_executable("template_cert_op_fuzzer") {
358  deps = [
359    ":dice_with_x509_template_cert",
360    ":fuzzer",
361  ]
362}
363
364pw_test("cbor_ed25519_cert_op_test") {
365  sources = [
366    "src/cbor_cert_op_test.cc",
367    "src/test_utils.cc",
368  ]
369  deps = [
370    ":boringssl_ecdsa_utils",
371    ":dice_with_cbor_ed25519_cert",
372    "$dir_pw_string:pw_string",
373    "//third_party/boringssl:crypto",
374    "//third_party/cose-c:cose-c_ed25519",
375  ]
376}
377
378pw_test("cbor_p256_cert_op_test") {
379  sources = [
380    "src/cbor_p256_cert_op_test.cc",
381    "src/test_utils.cc",
382  ]
383  deps = [
384    ":boringssl_ecdsa_utils",
385    ":dice_with_cbor_p256_cert",
386    "$dir_pw_string:pw_string",
387    "//third_party/boringssl:crypto",
388    "//third_party/cose-c:cose-c_p256",
389  ]
390}
391
392pw_test("cbor_p384_cert_op_test") {
393  sources = [
394    "src/cbor_p384_cert_op_test.cc",
395    "src/test_utils.cc",
396  ]
397  deps = [
398    ":boringssl_ecdsa_utils",
399    ":dice_with_cbor_p384_cert",
400    "$dir_pw_string:pw_string",
401    "//third_party/boringssl:crypto",
402    "//third_party/cose-c:cose-c_p384",
403  ]
404}
405
406pw_test("cbor_multialg_op_test") {
407  sources = [
408    "src/cbor_multialg_op_test.cc",
409    "src/test_utils.cc",
410  ]
411  deps = [
412    ":boringssl_ecdsa_utils",
413    ":dice_with_cbor_multialg",
414    "$dir_pw_string:pw_string",
415    "//third_party/boringssl:crypto",
416    "//third_party/cose-c:cose-c_multialg",
417  ]
418}
419
420pw_executable("cbor_ed25519_cert_op_fuzzer") {
421  deps = [
422    ":dice_with_cbor_ed25519_cert",
423    ":fuzzer",
424  ]
425}
426
427pw_test("template_cbor_ed25519_cert_op_test") {
428  sources = [
429    "src/template_cbor_cert_op_test.cc",
430    "src/test_utils.cc",
431  ]
432  deps = [
433    ":boringssl_ecdsa_utils",
434    ":dice_with_cbor_template_ed25519_cert",
435    "$dir_pw_string:pw_string",
436    "//third_party/boringssl:crypto",
437    "//third_party/cose-c:cose-c_ed25519",
438  ]
439}
440
441pw_executable("template_cbor_ed25519_cert_op_fuzzer") {
442  deps = [
443    ":dice_with_cbor_template_ed25519_cert",
444    ":fuzzer",
445  ]
446}
447
448pw_test("mbedtls_ops_test") {
449  sources = [
450    "src/mbedtls_ops_test.cc",
451    "src/test_utils.cc",
452  ]
453  deps = [
454    ":boringssl_ecdsa_utils",
455    ":dice_with_mbedtls_ops",
456    "$dir_pw_string:pw_string",
457    "//third_party/boringssl:crypto",
458    "//third_party/cose-c:cose-c_ed25519",
459  ]
460}
461
462pw_executable("mbedtls_ops_fuzzer") {
463  deps = [
464    ":dice_with_mbedtls_ops",
465    ":fuzzer",
466  ]
467}
468
469pw_static_library("dice_android") {
470  public = [
471    "//include/dice/dice.h",
472    "//include/dice/utils.h",
473  ]
474  sources = [ "src/android.c" ]
475  deps = [
476    ":cbor_reader",
477    ":cbor_writer",
478    ":dice_with_cbor_ed25519_cert",
479  ]
480}
481
482pw_test("android_test") {
483  sources = [ "src/android_test.cc" ]
484  deps = [ ":dice_android" ]
485}
486
487pw_executable("android_fuzzer") {
488  sources = [ "src/android_fuzzer.cc" ]
489  deps = [ ":dice_android" ]
490}
491
492pw_test_group("tests") {
493  tests = [
494    ":android_test",
495    ":boringssl_ed25519_ops_test",
496    ":cbor_ed25519_cert_op_test",
497    ":cbor_p256_cert_op_test",
498    ":cbor_p384_cert_op_test",
499    ":cbor_multialg_op_test",
500    ":cbor_reader_test",
501    ":cbor_writer_test",
502    ":dice_test",
503    ":mbedtls_ops_test",
504    ":template_cbor_ed25519_cert_op_test",
505    ":template_cert_op_test",
506  ]
507}
508
509group("fuzzers") {
510  deps = [
511    ":android_fuzzer",
512    ":boringssl_ed25519_ops_fuzzer",
513    ":boringssl_p256_ops_fuzzer",
514    ":boringssl_p384_ops_fuzzer",
515    ":cbor_ed25519_cert_op_fuzzer",
516    ":cbor_reader_fuzzer",
517    ":cbor_writer_fuzzer",
518    ":mbedtls_ops_fuzzer",
519    ":template_cbor_ed25519_cert_op_fuzzer",
520    ":template_cert_op_fuzzer",
521  ]
522}
523
524pw_static_library("empty_lib") {
525}
526
527pw_executable("empty_main") {
528  sources = [ "src/empty_main.c" ]
529}
530
531pw_executable("dice_standalone_main") {
532  sources = [ "src/dice_standalone_main.c" ]
533  deps = [ ":dice_standalone" ]
534}
535
536pw_source_set("dice_main") {
537  public = [
538    "include/dice/dice.h",
539    "include/dice/utils.h",
540  ]
541  sources = [ "src/dice_main.c" ]
542}
543
544pw_executable("dice_with_boringssl_ed25519_ops_main") {
545  deps = [
546    ":dice_main",
547    ":dice_with_boringssl_ed25519_ops",
548  ]
549}
550
551pw_executable("dice_with_mbedtls_ops_main") {
552  deps = [
553    ":dice_main",
554    ":dice_with_mbedtls_ops",
555  ]
556}
557
558pw_executable("dice_with_cbor_cert_main") {
559  deps = [
560    ":dice_main",
561    ":dice_with_cbor_ed25519_cert",
562  ]
563}
564
565pw_executable("dice_with_cbor_template_ed25519_cert_main") {
566  deps = [
567    ":dice_main",
568    ":dice_with_cbor_template_ed25519_cert",
569  ]
570}
571
572pw_executable("dice_with_x509_template_cert_main") {
573  deps = [
574    ":dice_main",
575    ":dice_with_x509_template_cert",
576  ]
577}
578
579pw_size_diff("executable_size_report") {
580  title = "Executable sizes (includes thirdparty deps)"
581  base = ":empty_main"
582  binaries = [
583    {
584      target = ":dice_standalone_main"
585      label = "DiceMainFlow only (No Ops)"
586    },
587    {
588      target = ":dice_with_boringssl_ed25519_ops_main"
589      label = "Boringssl Ed25519 Ops"
590      base = ":dice_standalone_main"
591    },
592    {
593      target = ":dice_with_mbedtls_ops_main"
594      label = "MbedTLS Ops"
595      base = ":dice_standalone_main"
596    },
597    {
598      target = ":dice_with_cbor_cert_main"
599      label = "Boringssl with CBOR Cert"
600      base = ":dice_with_boringssl_ed25519_ops_main"
601    },
602    {
603      target = ":dice_with_cbor_template_ed25519_cert_main"
604      label = "Boringssl with CBOR Template Ed25519 Cert"
605      base = ":dice_with_boringssl_ed25519_ops_main"
606    },
607    {
608      target = ":dice_with_x509_template_cert_main"
609      label = "Boringssl with X.509 Template Cert"
610      base = ":dice_with_boringssl_ed25519_ops_main"
611    },
612  ]
613}
614
615pw_size_diff("library_size_report") {
616  title = "Library sizes (excludes thirdparty deps)"
617  base = ":empty_lib"
618  binaries = [
619    {
620      target = ":dice_standalone"
621      label = "DICE Standalone (No Ops)"
622    },
623    {
624      target = ":dice_with_boringssl_ed25519_ops"
625      label = "Boringssl Ops"
626      base = ":dice_standalone"
627    },
628    {
629      target = ":dice_with_mbedtls_ops"
630      label = "MbedTLS Ops"
631      base = ":dice_standalone"
632    },
633    {
634      target = ":dice_with_cbor_ed25519_cert"
635      label = "CBOR Cert"
636      base = ":dice_standalone"
637    },
638    {
639      target = ":dice_with_cbor_p256_cert"
640      label = "CBOR P256 Cert"
641      base = ":dice_standalone"
642    },
643    {
644      target = ":dice_with_cbor_p384_cert"
645      label = "CBOR P384 Cert"
646      base = ":dice_standalone"
647    },
648    {
649      target = ":dice_with_cbor_multialg"
650      label = "CBOR Multi-Alg"
651      base = ":dice_standalone"
652    },
653    {
654      target = ":dice_with_cbor_template_ed25519_cert"
655      label = "CBOR Template Cert"
656      base = ":dice_standalone"
657    },
658    {
659      target = ":dice_with_x509_template_cert"
660      label = "X.509 Template Cert"
661      base = ":dice_standalone"
662    },
663  ]
664}
665
666group("optimized_libs") {
667  deps = [
668    ":dice_android",
669    ":dice_standalone",
670    ":dice_with_boringssl_ed25519_ops",
671    ":dice_with_cbor_ed25519_cert",
672    ":dice_with_cbor_multialg",
673    ":dice_with_cbor_p256_cert",
674    ":dice_with_cbor_p384_cert",
675    ":dice_with_cbor_template_ed25519_cert",
676    ":dice_with_mbedtls_ops",
677    ":dice_with_x509_template_cert",
678    ":executable_size_report",
679    ":library_size_report",
680  ]
681}
682
683# This group is built during bootstrap to setup the interactive Python
684# environment.
685pw_python_group("python") {
686  python_deps = [ ":pip_install_open_dice_tools" ]
687}
688
689# In-tree Python packages
690_open_dice_python_packages = [ "//tools:tools" ]
691
692# Pigweed Python packages to include
693_pigweed_python_packages = [ "$dir_pw_env_setup:core_pigweed_python_packages" ]
694
695_all_python_packages = _open_dice_python_packages + _pigweed_python_packages
696
697# The default venv for Python actions in GN
698# Set this gn arg in a declare_args block in this file 'BUILD.gn' or in '.gn' to
699# use this venv.
700#
701#   pw_build_PYTHON_BUILD_VENV = "//:open_dice_build_venv"
702#
703pw_python_venv("open_dice_build_venv") {
704  path = "$root_build_dir/python-venv"
705  constraints = pw_build_PIP_CONSTRAINTS
706  requirements = pw_build_PIP_REQUIREMENTS
707
708  # Ensure all third party Python dependencies are installed into this venv.
709  # This works by checking the setup.cfg files for all packages listed here and
710  # installing the packages listed in the [options].install_requires field.
711  source_packages = _all_python_packages
712}
713
714# This template collects all python packages and their dependencies into a
715# single super Python package for installation into the bootstrapped virtual
716# environment.
717pw_python_distribution("generate_open_dice_tools_python_distribution") {
718  packages = _all_python_packages
719  generate_setup_cfg = {
720    name = "open-dice-tools"
721    version = "0.0.1"
722    append_date_to_version = true
723    include_default_pyproject_file = true
724  }
725}
726
727# Install the open-dice-tools super Python package into the bootstrapped Python
728# venv.
729pw_internal_pip_install("pip_install_open_dice_tools") {
730  packages = [ ":generate_open_dice_tools_python_distribution" ]
731}
732