1# Copyright (c) 2023-2024 Huawei Device Co., Ltd.
2# Licensed under the Apache License, Version 2.0 (the "License");
3# you may not use this file except in compliance with the License.
4# You may obtain a copy of the License at
5#
6#     http://www.apache.org/licenses/LICENSE-2.0
7#
8# Unless required by applicable law or agreed to in writing, software
9# distributed under the License is distributed on an "AS IS" BASIS,
10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11# See the License for the specific language governing permissions and
12# limitations under the License.
13
14import("//build/ohos.gni")
15import("../../../code_signature.gni")
16
17config("public_local_code_sign_configs") {
18  include_dirs = [ "include" ]
19}
20
21ohos_shared_library("liblocal_code_sign_sdk") {
22  sanitize = {
23    cfi = true
24    cfi_cross_dso = true
25    debug = false
26  }
27  branch_protector_ret = "pac_ret"
28  sources = [
29    "${code_signature_root_dir}/utils/src/cert_utils.cpp",
30    "${code_signature_root_dir}/utils/src/huks_attest_verifier.cpp",
31    "${code_signature_root_dir}/utils/src/openssl_utils.cpp",
32    "src/local_code_sign_client.cpp",
33    "src/local_code_sign_kit.cpp",
34    "src/local_code_sign_load_callback.cpp",
35    "src/local_code_sign_proxy.cpp",
36  ]
37  version_script = "liblocal_code_sign_sdk.versionscript"
38  cflags_cc = [
39    "-Os",
40    "-fno-asynchronous-unwind-tables",
41    "-fno-unwind-tables",
42  ]
43
44  public_configs = [
45    "${code_signature_root_dir}:common_public_config",
46    ":public_local_code_sign_configs",
47  ]
48  configs = [ "${code_signature_root_dir}:common_utils_config" ]
49  defines = []
50  if (build_variant == "root") {
51    defines += [ "CODE_SIGNATURE_DEBUGGABLE" ]
52  }
53  if (code_signature_support_oh_code_sign) {
54    defines += [ "VERIFY_KEY_ATTEST_CERTCHAIN" ]
55  }
56
57  external_deps = [
58    "c_utils:utils",
59    "hilog:libhilog",
60    "hisysevent:libhisysevent",
61    "huks:libhukssdk",
62    "ipc:ipc_core",
63    "openssl:libcrypto_shared",
64    "safwk:system_ability_fwk",
65    "samgr:samgr_proxy",
66  ]
67
68  part_name = "code_signature"
69
70  subsystem_name = "security"
71
72  install_images = [ "system" ]
73
74  install_enable = true
75}
76