author | Tomasz Swierczek <t.swierczek@samsung.com> | 2018-04-18 13:25:37 +0200 |
---|---|---|
committer | Tomasz Swierczek <t.swierczek@samsung.com> | 2018-04-19 07:00:10 +0200 |
commit | ee31296a3cf4c9ef4d77298d781761e3bff5d279 (patch) | |
tree | 7023b4be8daf2d57df301658f8c9ad2a33d86b38 | |
parent | 873b8e71eeab8beb2bcc87d518908887c43254e2 (diff) | |
download | key-manager-submit/tizen/20180419.050559.tar.gz key-manager-submit/tizen/20180419.050559.tar.bz2 key-manager-submit/tizen/20180419.050559.zip |
Disable default build with tz-backend
submit/tizen/20180502.043224 submit/tizen/20180430.063346 submit/tizen/20180419.050559 accepted/tizen/unified/20180502.111600
Migration to VD causes build breaks because of missing optee dependency.
Relation between key-manager and key-manager-ta needs to be re-worked.
For now it will be disabled.
Change-Id: I5312db283e3514d7c54dfa7caffd6738b5568e2f
-rw-r--r-- | CMakeLists.txt | 4 | ||||
-rw-r--r-- | packaging/key-manager.spec | 9 | ||||
-rw-r--r-- | src/CMakeLists.txt | 28 | ||||
-rw-r--r-- | src/manager/crypto/platform/decider.cpp | 16 | ||||
-rw-r--r-- | tests/CMakeLists.txt | 31 | ||||
-rw-r--r-- | tools/ckm_db_tool/CMakeLists.txt | 34 |
6 files changed, 100 insertions, 22 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index d345f010..64aa0881 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -64,6 +64,10 @@ ADD_DEFINITIONS("-DINITIAL_VALUES_DIR=\"${INITIAL_VALUES_DIR}\"") ADD_DEFINITIONS("-DCA_CERTS_DIR=\"${CA_CERTS_DIR}\"") ADD_DEFINITIONS("-DSYSTEMD_ENV_FILE=\"${SYSTEMD_ENV_FILE}\"") +IF (TZ_BACKEND_ENABLED) + ADD_DEFINITIONS("-DTZ_BACKEND_ENABLED") +ENDIF() + IF (DEFINED WATCHDOG_ENABLED) MESSAGE("WATCHDOG ENABELD!") ADD_DEFINITIONS("-DWATCHDOG_ENABLED") diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec index d953b27a..fe470a77 100644 --- a/packaging/key-manager.spec +++ b/packaging/key-manager.spec @@ -1,6 +1,7 @@ %global watchdog_enabled 1 %global watchdog_timeout_sec 60 %global watchdog_notify_sec 20 +%global tz_backend_enabled 0 Name: key-manager Summary: Central Key Manager and utilities @@ -35,10 +36,11 @@ BuildRequires: pkgconfig(argos_watchdog) %endif BuildRequires: boost-devel BuildRequires: ca-certificates-devel +%if %{tz_backend_enabled} == 1 BuildRequires: key-manager-ta-devel BuildRequires: key-manager-ta-serialization-devel BuildRequires: pkgconfig(tef-libteec) -#Requires(pre): tizen-platform-config-tools +%endif Requires: libkey-manager-common = %{version}-%{release} %{?systemd_requires} @@ -164,6 +166,11 @@ export LDFLAGS+="-Wl,--rpath=%{_libdir},-Bsymbolic-functions " -DWATCHDOG_TIMEOUT_SEC=%{watchdog_timeout_sec} \ -DWATCHDOG_NOTIFY_SEC=%{watchdog_notify_sec} \ %endif +%if %{tz_backend_enabled} == 1 + -DTZ_BACKEND_ENABLED=ON \ +%else + -DTZ_BACKEND_ENABLED=OFF \ +%endif -DTEST_DIR=%{test_dir} make %{?jobs:-j%jobs} diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 04e4d529..a4943c8a 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -4,6 +4,13 @@ ELSE (DEFINED WATCHDOG_ENABLED) SET(EXTRA_KM_DEPS) ENDIF (DEFINED WATCHDOG_ENABLED) +IF (TZ_BACKEND_ENABLED) +SET(EXTRA_KM_DEPS + ${EXTRA_KM_DEPS} + tef-libteec + ) +ENDIF() + PKG_CHECK_MODULES(KEY_MANAGER_DEP REQUIRED dlog 
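Review bot: `TZ_BACKEND_ENABLED` is tested by the added `IF (TZ_BACKEND_ENABLED)` in the top-level CMakeLists.txt but is not declared anywhere in this hunk, so any configure run that does not pass it (that is, anything other than the spec file) builds without the TrustZone backend and prints nothing about it. Because this switch decides whether keys can be held in the TEE at all, I would declare it with an explicit default, `OPTION(TZ_BACKEND_ENABLED "Build the TrustZone crypto backend" OFF)`, and report the outcome at configure time, `MESSAGE(STATUS "TZ backend enabled: ${TZ_BACKEND_ENABLED}")`. The same variable gates the source and link lists in src/, tests/ and tools/ckm_db_tool, so one declaration here covers them. The rest of the file is outside the hunk, so an existing declaration cannot be ruled out.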
@@ -19,7 +26,6 @@ PKG_CHECK_MODULES(KEY_MANAGER_DEP cynara-creds-socket pkgmgr vconf - tef-libteec ${EXTRA_KM_DEPS} ) FIND_PACKAGE(Threads REQUIRED) @@ -75,14 +81,20 @@ SET(KEY_MANAGER_SOURCES ${KEY_MANAGER_PATH}/crypto/sw-backend/internals.cpp ${KEY_MANAGER_PATH}/crypto/sw-backend/store.cpp ${KEY_MANAGER_PATH}/crypto/platform/decider.cpp + ${SECURITY_MANAGER_WRAPPER_PATH} + ${CYNARA_WRAPPER_PATH} + ) + +IF(TZ_BACKEND_ENABLED) +SET(KEY_MANAGER_SOURCES + ${KEY_MANAGER_SOURCES} ${KEY_MANAGER_PATH}/crypto/tz-backend/obj.cpp ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp ${KEY_MANAGER_PATH}/crypto/tz-backend/internals.cpp ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-context.cpp ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-memory.cpp - ${SECURITY_MANAGER_WRAPPER_PATH} - ${CYNARA_WRAPPER_PATH} ) +ENDIF() SET_SOURCE_FILES_PROPERTIES( ${KEY_MANAGER_SOURCES} @@ -110,14 +122,20 @@ LINK_DIRECTORIES(${KEY_MANAGER_DEP_LIBRARY_DIRS}) ADD_EXECUTABLE(${TARGET_KEY_MANAGER} ${KEY_MANAGER_SOURCES}) +IF(TZ_BACKEND_ENABLED) +SET(KM_LINK_EXTRA_DEPS + ${KM_LINK_EXTRA_DEPS} + km_serialization + ) +ENDIF() + TARGET_LINK_LIBRARIES(${TARGET_KEY_MANAGER} ${CMAKE_THREAD_LIBS_INIT} ${KEY_MANAGER_DEP_LIBRARIES} ${TARGET_KEY_MANAGER_COMMON} + ${KM_LINK_EXTRA_DEPS} -ldl - km_serialization ) - ################################################################################ SET(KEY_MANAGER_CLIENT_VERSION_MAJOR 1) diff --git a/src/manager/crypto/platform/decider.cpp b/src/manager/crypto/platform/decider.cpp index 2a93729f..a2f16e2f 100644 --- a/src/manager/crypto/platform/decider.cpp +++ b/src/manager/crypto/platform/decider.cpp @@ -27,11 +27,14 @@ #include <generic-backend/exception.h> #include <sw-backend/store.h> + +#ifdef TZ_BACKEND_ENABLED #include <tz-backend/store.h> #include <tz-backend/tz-context.h> #include <tee_client_api.h> #include <km_ta_defines.h> +#endif // TZ_BACKEND_ENABLED #include <sstream> #include <fstream> 
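Review bot: `KM_LINK_EXTRA_DEPS` is appended to itself in the added `SET(KM_LINK_EXTRA_DEPS ${KM_LINK_EXTRA_DEPS} km_serialization)` of the `@@ -110,14 +122,20 @@` hunk without being initialised anywhere in view, so whatever a parent scope or a `-DKM_LINK_EXTRA_DEPS=...` cache entry holds ends up on the key-manager link line. Start it empty and use the list command: `SET(KM_LINK_EXTRA_DEPS)` before the IF, then `LIST(APPEND KM_LINK_EXTRA_DEPS km_serialization)` inside it. The same pattern recurs with `TEST_LINK_EXTRA_DEPS` in tests/CMakeLists.txt and `CKM_DB_TOOL_LINK_EXTRA_DEPS` in tools/ckm_db_tool/CMakeLists.txt. `EXTRA_KM_DEPS` in the first hunk of this file is fine, since the watchdog ELSE branch resets it.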
@@ -57,6 +60,7 @@ CryptoBackend chooseCryptoBackend(DataType data, const Policy &policy, bool encrypted) { +#ifdef TZ_BACKEND_ENABLED // user directly point proper backend - we will not discuss with it if (policy.backend == CKM::PolicyBackend::FORCE_SOFTWARE) return CryptoBackend::OpenSSL; @@ -91,13 +95,21 @@ CryptoBackend chooseCryptoBackend(DataType data, LogDebug("...succeeded. Selecting TZ backend."); return CryptoBackend::TrustZone; +#else // TZ_BACKEND_ENABLED + (void) data; + (void) policy; + (void) encrypted; + return CryptoBackend::OpenSSL; +#endif // TZ_BACKEND_ENABLED } } // namespace Decider::Decider() : m_swStore(new SW::Store(CryptoBackend::OpenSSL)) +#ifdef TZ_BACKEND_ENABLED , m_tzStore(new TZ::Store(CryptoBackend::TrustZone)) +#endif { } @@ -112,10 +124,10 @@ GStore &Decider::getStore(CryptoBackend cryptoBackend) const if (cryptoBackend == CryptoBackend::OpenSSL) gStore = m_swStore.get(); - +#ifdef TZ_BACKEND_ENABLED if (cryptoBackend == CryptoBackend::TrustZone) gStore = m_tzStore.get(); - +#endif if (gStore) return *gStore; diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index e90d8d73..7af494ca 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -68,7 +68,6 @@ SET(TEST_MERGED_SOURCES ${KEY_MANAGER_TEST_MERGED_SRC}/test_stringify.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_ss-crypto.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_sw-backend.cpp - ${KEY_MANAGER_TEST_MERGED_SRC}/test_tz-backend.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_xml-parser.cpp # duplicated srcs to test hidden symbols 
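Review bot: The new `#else` branch of chooseCryptoBackend returns `CryptoBackend::OpenSSL` for every policy, so a caller whose policy asks for anything other than software storage gets a software-backed key with no error and no log line. Only `FORCE_SOFTWARE` is visible in this diff; if PolicyBackend also has a hardware-forcing value, I would reject that request here rather than downgrade it silently. At minimum, record the fallback with the logging macro the enabled branch already uses: `LogDebug("TZ backend not built in. Selecting SW backend.");` before the return. The function starts above this hunk, so the check would sit in the `#else` block, replacing the `(void) policy;` cast once policy is read.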
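Review bot: With the TrustZone branch compiled out in Decider::getStore, a request for `CryptoBackend::TrustZone` leaves `gStore` null and falls through past `if (gStore) return *gStore;` into code that is outside this hunk. Objects stored by an earlier TZ-enabled build would presumably still carry the TrustZone backend id, so after this change they stop resolving, and the failure should say why. I would add a comment at the `#ifdef`, `// Without TZ_BACKEND_ENABLED, TrustZone-tagged objects are unreachable; the fall-through below reports it.`, and confirm that the fall-through error lets an operator tell this case apart from a corrupted database.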
@@ -77,11 +76,6 @@ SET(TEST_MERGED_SOURCES ${KEY_MANAGER_PATH}/crypto/sw-backend/internals.cpp ${KEY_MANAGER_PATH}/crypto/sw-backend/obj.cpp ${KEY_MANAGER_PATH}/crypto/sw-backend/store.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/obj.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/internals.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-context.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-memory.cpp ${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp ${KEY_MANAGER_PATH}/dpl/core/src/colors.cpp ${KEY_MANAGER_PATH}/dpl/core/src/errno_string.cpp @@ -102,17 +96,40 @@ SET(TEST_MERGED_SOURCES ${KEY_MANAGER_PATH}/service/ss-crypto.cpp ) +IF(TZ_BACKEND_ENABLED) +SET(TEST_MERGED_SOURCES + ${TEST_MERGED_SOURCES} + ${KEY_MANAGER_TEST_MERGED_SRC}/test_tz-backend.cpp + + # duplicated srcs to test hidden symbols + ${KEY_MANAGER_PATH}/crypto/tz-backend/obj.cpp + ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp + ${KEY_MANAGER_PATH}/crypto/tz-backend/internals.cpp + ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-context.cpp + ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-memory.cpp + ) +ENDIF() + LINK_DIRECTORIES(${KEY_MANAGER_DEP_LIBRARY_DIRS}) ADD_EXECUTABLE(${TARGET_TEST_MERGED} ${TEST_MERGED_SOURCES}) + +IF(TZ_BACKEND_ENABLED) +SET(TEST_LINK_EXTRA_DEPS + ${TEST_LINK_EXTRA_DEPS} + teec + km_serialization + ) +ENDIF() + TARGET_LINK_LIBRARIES(${TARGET_TEST_MERGED} ${TARGET_KEY_MANAGER_COMMON} ${CMAKE_THREAD_LIBS_INIT} ${KEY_MANAGER_DEP_LIBRARIES} ${TARGET_ENCRYPTION_SCHEME_COMMON} + ${TEST_LINK_EXTRA_DEPS} boost_unit_test_framework - teec km_serialization -ldl ) diff --git a/tools/ckm_db_tool/CMakeLists.txt b/tools/ckm_db_tool/CMakeLists.txt index 65247120..7b78c1a9 100644 --- a/tools/ckm_db_tool/CMakeLists.txt +++ b/tools/ckm_db_tool/CMakeLists.txt 
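Review bot: Nothing visible in the default test build now exercises the backend decision: `test_tz-backend.cpp` moves behind `IF(TZ_BACKEND_ENABLED)`, and the part of `TEST_MERGED_SOURCES` shown here lists no test for the disabled branch of chooseCryptoBackend in decider.cpp. A small unconditional case that asserts which backend is selected when the TrustZone code is compiled out would stop the software fallback from changing unnoticed. The source list starts above this hunk, so such a test may already exist there.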
@@ -1,6 +1,12 @@ SET(CKM_DB_TOOL "ckm_db_tool") SET(KEY_MANAGER_PATH ${PROJECT_SOURCE_DIR}/src/manager) +IF (TZ_BACKEND_ENABLED) +SET(CKM_DB_TOOL_EXTRA_DEP + tef-libteec + ) +ENDIF() + PKG_CHECK_MODULES(CKM_DB_TOOL_DEP REQUIRED openssl @@ -11,7 +17,7 @@ PKG_CHECK_MODULES(CKM_DB_TOOL_DEP cynara-client-async cynara-creds-socket security-manager - tef-libteec + ${CKM_DB_TOOL_EXTRA_DEP} ) FIND_PACKAGE(Threads REQUIRED) @@ -38,11 +44,6 @@ SET(CKM_DB_TOOL_SOURCES ${KEY_MANAGER_PATH}/crypto/sw-backend/internals.cpp ${KEY_MANAGER_PATH}/crypto/sw-backend/obj.cpp ${KEY_MANAGER_PATH}/crypto/sw-backend/store.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/internals.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/obj.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-context.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-memory.cpp ${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp ${KEY_MANAGER_PATH}/dpl/db/src/naive_synchronization_object.cpp ${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp @@ -78,15 +79,34 @@ SET(CKM_DB_TOOL_SOURCES ${KEY_MANAGER_PATH}/sqlcipher/sqlcipher.c ) +IF(TZ_BACKEND_ENABLED) +SET(CKM_DB_TOOL_SOURCES + ${CKM_DB_TOOL_SOURCES} + ${KEY_MANAGER_PATH}/crypto/tz-backend/internals.cpp + ${KEY_MANAGER_PATH}/crypto/tz-backend/obj.cpp + ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp + ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-context.cpp + ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-memory.cpp + ) +ENDIF() + LINK_DIRECTORIES(${CKM_DB_TOOL_DEP_LIBRARY_DIRS}) ADD_EXECUTABLE( ${CKM_DB_TOOL} ${CKM_DB_TOOL_SOURCES} ) +IF(TZ_BACKEND_ENABLED) +SET(CKM_DB_TOOL_LINK_EXTRA_DEPS + ${CKM_DB_TOOL_LINK_EXTRA_DEPS} + teec + km_serialization + ) +ENDIF() + TARGET_LINK_LIBRARIES(${CKM_DB_TOOL} ${CMAKE_THREAD_LIBS_INIT} ${CKM_DB_TOOL_DEP_LIBRARIES} ${TARGET_KEY_MANAGER_COMMON} - teec km_serialization + ${CKM_DB_TOOL_LINK_EXTRA_DEPS} -ldl ) |