1// Note that some host libraries have the same module name as the target 2// libraries. This is currently needed to build, for example, adb. But it's 3// probably something that should be changed. 4 5package { 6 default_visibility: ["//visibility:private"], 7 default_applicable_licenses: ["external_boringssl_license"], 8} 9 10// Added automatically by a large-scale-change that took the approach of 11// 'apply every license found to every target'. While this makes sure we respect 12// every license restriction, it may not be entirely correct. 13// 14// e.g. GPL in an MIT project might only apply to the contrib/ directory. 15// 16// Please consider splitting the single license below into multiple licenses, 17// taking care not to lose any license_kind information, and overriding the 18// default license using the 'licenses: [...]' property on targets as needed. 19// 20// For unused files, consider creating a 'fileGroup' with "//visibility:private" 21// to attach the license to, and including a comment whether the files may be 22// used in the current project. 23// See: http://go/android-license-faq 24license { 25 name: "external_boringssl_license", 26 visibility: [":__subpackages__"], 27 license_kinds: [ 28 "SPDX-license-identifier-Apache-2.0", 29 "SPDX-license-identifier-BSD", 30 "SPDX-license-identifier-ISC", 31 "SPDX-license-identifier-MIT", 32 "SPDX-license-identifier-OpenSSL", 33 "legacy_unencumbered", 34 ], 35 license_text: [ 36 "NOTICE", 37 ], 38} 39 40// Pull in the autogenerated sources modules 41build = ["sources.bp"] 42 43// Used by libcrypto, libssl, bssl tool, and native tests 44cc_defaults { 45 // This contains the common options between boringssl_flags and 46 // boringssl_flags_baremetal. Nothing else should include this target 47 // directly. 48 name: "boringssl_flags_common", 49 50 cflags: [ 51 "-fvisibility=hidden", 52 "-DBORINGSSL_SHARED_LIBRARY", 53 "-DOPENSSL_SMALL", 54 "-Werror", 55 "-Wno-unused-parameter", 56 ], 57 58 cppflags: [ 59 "-Wall", 60 "-Werror", 61 ], 62 63 // Build BoringSSL and its tests against the same STL. 64 stl: "libc++_static", 65} 66 67cc_defaults { 68 name: "boringssl_flags", 69 vendor_available: true, 70 product_available: true, 71 cflags: ["-DBORINGSSL_ANDROID_SYSTEM"], 72 defaults: ["boringssl_flags_common"], 73 sdk_version: "9", 74} 75 76cc_defaults { 77 name: "boringssl_flags_baremetal", 78 cflags: [ 79 "-DBORINGSSL_NO_STATIC_INITIALIZER", 80 "-DANDROID_BAREMETAL", 81 ], 82 defaults: [ 83 "boringssl_flags_common", 84 "cc_baremetal_defaults", 85 ], 86 apex_available: [ 87 "com.android.virt", 88 ], 89} 90 91// Used by libcrypto + libssl 92cc_defaults { 93 name: "boringssl_defaults", 94 95 local_include_dirs: ["src/include"], 96 export_include_dirs: ["src/include"], 97 cflags: ["-DBORINGSSL_IMPLEMENTATION"], 98 99 cmake_snapshot_supported: true, 100} 101 102//// libcrypto, but not libcrypto_baremetal. libcrypto_baremetal is a single 103//// target, so there is no need for a libcrypto_defaults_baremetal. 104cc_defaults { 105 name: "libcrypto_defaults", 106 host_supported: true, 107 ramdisk_available: true, 108 vendor_ramdisk_available: true, 109 110 target: { 111 windows: { 112 enabled: true, 113 host_ldlibs: ["-lws2_32"], 114 }, 115 host: { 116 host_ldlibs: ["-lpthread"], 117 }, 118 android: { 119 // On FIPS builds (i.e. Android only) prevent other libraries 120 // from pre-empting symbols in libcrypto which could affect FIPS 121 // compliance and cause integrity checks to fail. See b/160231064. 122 ldflags: ["-Wl,-Bsymbolic"], 123 }, 124 }, 125 126 stl: "none", 127} 128 129// Boring Crypto Module object file. 130// Common settings between bcm_object and bcm_object_for_testing. 131cc_defaults { 132 name: "bcm_object_defaults", 133 device_supported: true, 134 defaults: [ 135 "libcrypto_bcm_sources", 136 "libcrypto_defaults", 137 "boringssl_defaults", 138 "boringssl_flags", 139 ], 140 sanitize: { 141 address: false, 142 hwaddress: false, 143 memtag_stack: false, 144 memtag_globals: false, 145 fuzzer: false, 146 }, 147 target: { 148 android: { 149 cflags: [ 150 "-DBORINGSSL_FIPS", 151 "-fPIC", 152 // -fno[data|text]-sections required to ensure a 153 // single text and data section for FIPS integrity check 154 "-fno-data-sections", 155 "-fno-function-sections", 156 ], 157 linker_script: "src/crypto/fipsmodule/fips_shared.lds", 158 }, 159 // Temporary hack to let BoringSSL build with a new compiler. 160 // This doesn't enable HWASAN unconditionally, it just causes 161 // BoringSSL's asm code to unconditionally use a HWASAN-compatible 162 // global variable reference so that the non-HWASANified (because of 163 // sanitize: { hwaddress: false } above) code in the BCM can 164 // successfully link against the HWASANified code in the rest of 165 // BoringSSL in HWASAN builds. 166 android_arm64: { 167 asflags: [ 168 "-fsanitize=hwaddress", 169 ], 170 }, 171 }, 172 min_sdk_version: "29", 173} 174 175cc_object { 176 name: "bcm_object", 177 recovery_available: true, 178 native_bridge_supported: true, 179 defaults: [ 180 "bcm_object_defaults", 181 ], 182 apex_available: [ 183 "//apex_available:platform", 184 "com.android.adbd", 185 "com.android.adservices", 186 "com.android.btservices", 187 "com.android.compos", 188 "com.android.configinfrastructure", 189 "com.android.conscrypt", 190 "com.android.extservices", 191 "com.android.ondevicepersonalization", 192 "com.android.resolv", 193 "com.android.virt", 194 "com.android.wifi", 195 ], 196} 197 198// Version of bcm_object built with BORINGSSL_FIPS_BREAK_TESTS defined. 199// Only for use with the FIPS break-tests.sh script. 200cc_object { 201 name: "bcm_object_for_testing", 202 visibility: [ 203 "//external/boringssl", 204 ], 205 defaults: [ 206 "bcm_object_defaults", 207 ], 208 target: { 209 android: { 210 cflags: ["-DBORINGSSL_FIPS_BREAK_TESTS"], 211 }, 212 }, 213} 214 215bootstrap_go_package { 216 name: "bssl_ar", 217 pkgPath: "boringssl.googlesource.com/boringssl/util/ar", 218 srcs: [ 219 "src/util/ar/ar.go", 220 ], 221 testSrcs: [ 222 "src/util/ar/ar_test.go", 223 ], 224} 225 226bootstrap_go_package { 227 name: "bssl_fipscommon", 228 pkgPath: "boringssl.googlesource.com/boringssl/util/fipstools/fipscommon", 229 srcs: [ 230 "src/util/fipstools/fipscommon/const.go", 231 ], 232} 233 234blueprint_go_binary { 235 name: "bssl_inject_hash", 236 srcs: [ 237 "src/util/fipstools/inject_hash/inject_hash.go", 238 ], 239 deps: [ 240 "bssl_ar", 241 "bssl_fipscommon", 242 ], 243} 244 245// Target and host library. 246// Any changes here must also be reflected in libcrypto_for_test below. 247cc_library { 248 name: "libcrypto", 249 visibility: ["//visibility:public"], 250 vendor_available: true, 251 product_available: true, 252 native_bridge_supported: true, 253 double_loadable: true, 254 recovery_available: true, 255 defaults: [ 256 "libcrypto_sources", 257 "libcrypto_defaults", 258 "boringssl_defaults", 259 "boringssl_flags", 260 ], 261 unique_host_soname: true, 262 srcs: [ 263 ":bcm_object", 264 ], 265 target: { 266 android: { 267 cflags: [ 268 "-DBORINGSSL_FIPS", 269 ], 270 sanitize: { 271 // Disable address sanitizing otherwise libcrypto will not report 272 // itself as being in FIPS mode, which causes boringssl_self_test 273 // to fail. 274 address: false, 275 }, 276 inject_bssl_hash: true, 277 static: { 278 // Disable the static version of libcrypto, as it causes 279 // problems for FIPS certification. Use libcrypto_static for 280 // modules that need static libcrypto but do not need FIPS self 281 // testing, or use dynamic libcrypto. 282 enabled: false, 283 }, 284 }, 285 }, 286 apex_available: [ 287 "//apex_available:platform", 288 "com.android.adbd", 289 "com.android.adservices", 290 "com.android.btservices", 291 "com.android.compos", 292 "com.android.configinfrastructure", 293 "com.android.conscrypt", 294 "com.android.extservices", 295 "com.android.ondevicepersonalization", 296 "com.android.resolv", 297 "com.android.virt", 298 "com.android.wifi", 299 ], 300 min_sdk_version: "29", 301 afdo: true, 302} 303 304// Version of libcrypto build with BORINGSSL_FIPS_BREAK_TESTS defined 305// Only for use with the FIPS break-tests.sh script. 306// Must be kept in sync with libcrypto. 307cc_library { 308 name: "libcrypto_for_testing", 309 visibility: [ 310 "//external/boringssl", 311 ], 312 defaults: [ 313 "libcrypto_sources", 314 "libcrypto_defaults", 315 "boringssl_defaults", 316 "boringssl_flags", 317 ], 318 unique_host_soname: true, 319 srcs: [ 320 ":bcm_object_for_testing", 321 ], 322 target: { 323 android: { 324 cflags: [ 325 "-DBORINGSSL_FIPS", 326 "-DBORINGSSL_FIPS_BREAK_TESTS", 327 ], 328 sanitize: { 329 // Disable address sanitizing otherwise libcrypto will not report 330 // itself as being in FIPS mode, which causes boringssl_self_test 331 // to fail. 332 address: false, 333 }, 334 inject_bssl_hash: true, 335 static: { 336 // Disable the static version of libcrypto, as it causes 337 // problems for FIPS certification. Use libcrypto_static for 338 // modules that need static libcrypto but do not need FIPS self 339 // testing, or use dynamic libcrypto. 340 enabled: false, 341 }, 342 }, 343 }, 344 min_sdk_version: "29", 345} 346 347// Static library 348// This version of libcrypto will not have FIPS self tests enabled, so its 349// usage is protected through visibility to ensure it doesn't end up used 350// somewhere that needs the FIPS version. 351cc_library_static { 352 name: "libcrypto_static", 353 visibility: [ 354 "//bootable/recovery/updater", 355 "//bootable/deprecated-ota/updater", 356 "//external/conscrypt", 357 "//external/python/cpython2", 358 "//external/rust/android-crates-io/crates/quiche", 359 // Strictly, only the *static* toybox for legacy devices should have 360 // access to libcrypto_static, but we can't express that. 361 "//external/toybox", 362 "//hardware/interfaces/confirmationui/1.0/vts/functional", 363 "//hardware/interfaces/drm/1.0/vts/functional", 364 "//hardware/interfaces/drm/1.2/vts/functional", 365 "//hardware/interfaces/drm/1.3/vts/functional", 366 "//hardware/interfaces/keymaster/3.0/vts/functional", 367 "//hardware/interfaces/keymaster/4.0/vts/functional", 368 "//hardware/interfaces/keymaster/4.1/vts/functional", 369 "//packages/modules/adb", 370 "//packages/modules/AdServices:__subpackages__", 371 "//packages/modules/DnsResolver/tests:__subpackages__", 372 "//packages/modules/NeuralNetworks:__subpackages__", 373 "//system/core/init", 374 "//system/core/fs_mgr/liblp", 375 "//system/core/fs_mgr/liblp/vts_core", 376 "//system/core/fs_mgr/libsnapshot", 377 "//system/libvintf/test", 378 "//system/security/keystore/tests", 379 "//system/security/provisioner", 380 "//test/vts-testcase/security/avb", 381 "//vendor:__subpackages__", 382 ], 383 min_sdk_version: "29", 384 apex_available: [ 385 "//apex_available:platform", 386 "com.android.adservices", 387 "com.android.extservices", 388 "com.android.neuralnetworks", 389 ], 390 defaults: [ 391 "libcrypto_bcm_sources", 392 "libcrypto_sources", 393 "libcrypto_defaults", 394 "boringssl_defaults", 395 "boringssl_flags", 396 ], 397} 398 399// Static library for use in bare-metal environments 400cc_library_static { 401 name: "libcrypto_baremetal", 402 defaults: [ 403 "libcrypto_bcm_sources", 404 "libcrypto_sources", 405 "boringssl_defaults", 406 "boringssl_flags_baremetal", 407 ], 408 visibility: [ 409 "//external/avb:__subpackages__", 410 "//external/open-dice", 411 "//packages/modules/Virtualization:__subpackages__", 412 "//system/security/diced/open_dice", 413 ], 414 415 // b/336916369: This library gets linked into a rust rlib. Disable LTO 416 // until cross-language lto is supported. 417 lto: { 418 never: true, 419 }, 420} 421 422// For static linking into the ART module to provide limited functionality: 423// bignums and SHA1 for ELF checksums. 424cc_library_static { 425 name: "libcrypto_for_art", 426 defaults: [ 427 "libcrypto_defaults", 428 "boringssl_defaults", 429 ], 430 srcs: [ 431 "src/crypto/cpu_*.c", 432 "src/crypto/crypto.c", 433 "src/crypto/err/err.c", 434 "src/crypto/fipsmodule/bn/*.c", 435 "src/crypto/fipsmodule/bn/asm/*.c", 436 "src/crypto/fipsmodule/rand/*.c", 437 "src/crypto/fipsmodule/sha/sha1.c", 438 "src/crypto/mem.c", 439 "src/crypto/stack/stack.c", 440 "src/crypto/thread_pthread.c", 441 "src/gen/crypto/err_data.c", 442 ], 443 target: { 444 linux: { 445 srcs: [ 446 "src/gen/bcm/*-linux.S", 447 ], 448 }, 449 }, 450 visibility: [ 451 "//art:__subpackages__", 452 "//libcore:__subpackages__", 453 ], 454 apex_available: [ 455 "com.android.art", 456 "com.android.art.debug", 457 "com.android.art.testing", 458 ], 459 min_sdk_version: "29", 460} 461 462// Common defaults for lib*_fuzz_unsafe. These are unsafe and deterministic 463// libraries for testing and fuzzing only. See src/FUZZING.md. 464cc_defaults { 465 name: "boringssl_fuzz_unsafe_defaults", 466 host_supported: true, 467 cflags: [ 468 "-DBORINGSSL_UNSAFE_DETERMINISTIC_MODE", 469 "-DBORINGSSL_UNSAFE_FUZZER_MODE", 470 ], 471 visibility: [ 472 "//frameworks/native/libs/binder/tests:__subpackages__", 473 ], 474} 475 476// Unsafe and deterministic version of libcrypto. For testing and fuzzing only. 477// See src/FUZZING.md. 478cc_test_library { 479 name: "libcrypto_fuzz_unsafe", 480 ramdisk_available: false, 481 vendor_ramdisk_available: false, 482 defaults: [ 483 "libcrypto_bcm_sources", 484 "libcrypto_sources", 485 "libcrypto_defaults", 486 "boringssl_defaults", 487 "boringssl_flags", 488 "boringssl_fuzz_unsafe_defaults", 489 ], 490} 491 492//// libssl 493 494// Target static library 495 496// Static and Shared library 497cc_library { 498 name: "libssl", 499 visibility: ["//visibility:public"], 500 recovery_available: true, 501 vendor_available: true, 502 product_available: true, 503 native_bridge_supported: true, 504 host_supported: true, 505 defaults: [ 506 "libssl_sources", 507 "boringssl_defaults", 508 "boringssl_flags", 509 ], 510 target: { 511 windows: { 512 enabled: true, 513 }, 514 }, 515 unique_host_soname: true, 516 517 shared_libs: ["libcrypto"], 518 519 apex_available: [ 520 "//apex_available:platform", 521 "com.android.adbd", 522 "com.android.btservices", 523 "com.android.configinfrastructure", 524 "com.android.conscrypt", 525 "com.android.resolv", 526 "com.android.virt", 527 "com.android.wifi", 528 ], 529 min_sdk_version: "29", 530} 531 532cc_library_static { 533 name: "libssl_baremetal", 534 defaults: [ 535 "libssl_sources", 536 "boringssl_defaults", 537 "boringssl_flags_baremetal", 538 ], 539 static_libs: ["libcrypto_baremetal"], 540} 541 542cc_library_host_static { 543 name: "libssl_static", 544 defaults: [ 545 "libssl_sources", 546 "boringssl_defaults", 547 "boringssl_flags", 548 ], 549 static_libs: ["libcrypto_static"], 550} 551 552// Unsafe and deterministic version of libssl. For testing and fuzzing only. 553// See src/FUZZING.md. 554cc_test_library { 555 name: "libssl_fuzz_unsafe", 556 host_supported: true, 557 defaults: [ 558 "libssl_sources", 559 "boringssl_defaults", 560 "boringssl_flags", 561 "boringssl_fuzz_unsafe_defaults", 562 ], 563 static_libs: [ 564 "libcrypto_fuzz_unsafe", 565 ], 566} 567 568// Tool 569cc_binary { 570 name: "bssl", 571 host_supported: true, 572 defaults: [ 573 "bssl_sources", 574 "boringssl_flags", 575 ], 576 577 shared_libs: [ 578 "libcrypto", 579 "libssl", 580 ], 581 target: { 582 darwin: { 583 enabled: false, 584 }, 585 android: { 586 compile_multilib: "both", 587 }, 588 }, 589 multilib: { 590 lib32: { 591 suffix: "32", 592 }, 593 }, 594} 595 596// Used for ACVP testing for FIPS certification. 597// Not installed on devices by default. 598cc_binary { 599 name: "acvp_modulewrapper", 600 srcs: [ 601 "src/util/fipstools/acvp/modulewrapper/main.cc", 602 ], 603 target: { 604 android_x86: { 605 enabled: false, 606 }, 607 android_x86_64: { 608 enabled: false, 609 }, 610 }, 611 stem: "modulewrapper", 612 compile_multilib: "both", 613 multilib: { 614 lib32: { 615 suffix: "32", 616 }, 617 }, 618 619 static_libs: [ 620 "libacvp_modulewrapper", 621 ], 622 shared_libs: [ 623 "libcrypto", 624 ], 625 626 defaults: [ 627 "boringssl_flags", 628 ], 629} 630 631// ACVP wrapper implementation shared between Android and Trusty 632cc_library_static { 633 name: "libacvp_modulewrapper", 634 host_supported: true, 635 vendor_available: true, 636 srcs: [ 637 "src/util/fipstools/acvp/modulewrapper/modulewrapper.cc", 638 ], 639 target: { 640 android: { 641 compile_multilib: "both", 642 }, 643 }, 644 export_include_dirs: ["src/util/fipstools/acvp/modulewrapper/"], 645 shared_libs: [ 646 "libcrypto", 647 ], 648 649 defaults: [ 650 "boringssl_flags", 651 ], 652 653 visibility: ["//system/core/trusty/utils/acvp"], 654} 655 656// Test support library 657cc_test_library { 658 name: "boringssl_test_support", 659 host_supported: true, 660 defaults: [ 661 "boringssl_test_support_sources", 662 "boringssl_flags", 663 ], 664 665 shared_libs: [ 666 "libcrypto", 667 ], 668} 669 670// Tests 671cc_test { 672 name: "boringssl_crypto_test", 673 test_config: "CryptoNativeTests.xml", 674 test_suites: ["general-tests"], 675 host_supported: false, 676 vendor_available: false, 677 product_available: false, 678 per_testcase_directory: true, 679 compile_multilib: "both", 680 multilib: { 681 lib32: { 682 suffix: "32", 683 }, 684 lib64: { 685 suffix: "64", 686 }, 687 }, 688 defaults: [ 689 "boringssl_crypto_test_sources", 690 "boringssl_flags", 691 ], 692 whole_static_libs: ["boringssl_test_support"], 693 // Statically link the library to test to ensure we always pick up the 694 // correct version regardless of device linker configuration. 695 static_libs: [ 696 "libcrypto_static", 697 "libgmock_ndk", 698 ], 699 target: { 700 android: { 701 test_suites: ["mts-conscrypt"], 702 }, 703 }, 704} 705 706cc_test { 707 name: "boringssl_ssl_test", 708 test_config: "SslNativeTests.xml", 709 test_suites: ["general-tests"], 710 host_supported: false, 711 vendor_available: false, 712 product_available: false, 713 per_testcase_directory: true, 714 compile_multilib: "both", 715 multilib: { 716 lib32: { 717 suffix: "32", 718 }, 719 lib64: { 720 suffix: "64", 721 }, 722 }, 723 defaults: [ 724 "boringssl_ssl_test_sources", 725 "boringssl_flags", 726 ], 727 whole_static_libs: ["boringssl_test_support"], 728 // Statically link the libraries to test to ensure we always pick up the 729 // correct version regardless of device linker configuration. 730 static_libs: [ 731 "libcrypto_static", 732 "libgmock_ndk", 733 "libssl", 734 ], 735 target: { 736 android: { 737 test_suites: ["mts-conscrypt"], 738 }, 739 }, 740} 741 742// Utility binary for CMVP on-site testing. 743cc_binary { 744 name: "test_fips", 745 host_supported: false, 746 compile_multilib: "both", 747 multilib: { 748 lib32: { 749 suffix: "32", 750 }, 751 lib64: { 752 suffix: "", 753 }, 754 }, 755 defaults: [ 756 "boringssl_flags", 757 ], 758 cflags: [ 759 "-DBORINGSSL_FIPS", 760 ], 761 shared_libs: [ 762 "libcrypto", 763 ], 764 srcs: [ 765 "src/util/fipstools/test_fips.c", 766 ], 767 required: [ 768 "adb", 769 "libcrypto_for_testing", 770 ], 771} 772 773libbssl_sys_raw_flags = [ 774 // Adapted from upstream the src/rust/CMakeLists.txt file at: 775 // https://boringssl.googlesource.com/boringssl/+/refs/heads/master/rust/CMakeLists.txt 776 "--no-derive-default", 777 "--enable-function-attribute-detection", 778 "--use-core", 779 "--default-macro-constant-type=signed", 780 "--rustified-enum=point_conversion_form_t", 781 // These regexes use [[:punct:]] instead of / to handle Windows file paths. 782 // Ideally we would write [/\\], but escaping rules are complex, and often 783 // ill-defined, in some build systems, so align on [[:punct:]]. 784 "--allowlist-file=.*[[:punct:]]include[[:punct:]]openssl[[:punct:]].*\\.h", 785 "--allowlist-file=.*[[:punct:]]rust_wrapper\\.h", 786] 787 788// Rust bindings 789rust_bindgen { 790 name: "libbssl_sys_raw", 791 source_stem: "bssl_sys_bindings", 792 crate_name: "bssl_sys_raw", 793 host_supported: true, 794 wrapper_src: "src/rust/bssl-sys/wrapper.h", 795 vendor_available: true, 796 product_available: true, 797 bindgen_flags: libbssl_sys_raw_flags, 798 shared_libs: [ 799 "libcrypto", 800 "libssl", 801 ], 802 min_sdk_version: "29", 803 apex_available: [ 804 "//apex_available:platform", 805 "com.android.configinfrastructure", 806 "com.android.virt", 807 ], 808} 809 810rust_bindgen { 811 name: "libbssl_sys_raw_nostd", 812 source_stem: "bssl_sys_bindings", 813 crate_name: "bssl_sys_raw", 814 wrapper_src: "src/rust/bssl-sys/wrapper.h", 815 bindgen_flags: [ 816 "--ctypes-prefix=core::ffi", 817 ] + libbssl_sys_raw_flags, 818 header_libs: [ 819 "libcrypto_baremetal", 820 "libssl_baremetal", 821 ], 822 apex_available: [ 823 "com.android.virt", 824 ], 825} 826 827// Encapsulate the bindgen-generated layout tests as a test target. 828rust_test { 829 name: "libbssl_sys_raw_test", 830 srcs: [ 831 ":libbssl_sys_raw", 832 ], 833 crate_name: "bssl_sys_raw_test", 834 test_suites: ["general-tests"], 835 auto_gen_config: true, 836 clippy_lints: "none", 837 lints: "none", 838} 839 840// Rust's bindgen doesn't cope with macros, so this target includes C functions that 841// do the same thing as macros defined in BoringSSL header files. 842cc_library_static { 843 name: "libbssl_rust_support", 844 host_supported: true, 845 defaults: ["boringssl_flags"], 846 srcs: ["src/rust/bssl-sys/rust_wrapper.c"], 847 shared_libs: [ 848 "libcrypto", 849 "libssl", 850 ], 851 min_sdk_version: "29", 852 apex_available: [ 853 "//apex_available:platform", 854 "com.android.configinfrastructure", 855 "com.android.virt", 856 ], 857 858 // b/336916369: This library gets linked into a rust rlib. Disable LTO 859 // until cross-language lto is supported. 860 lto: { 861 never: true, 862 }, 863} 864 865cc_library_static { 866 name: "libbssl_rust_support_baremetal", 867 defaults: ["boringssl_flags_baremetal"], 868 srcs: ["src/rust/bssl-sys/rust_wrapper.c"], 869 static_libs: [ 870 "libcrypto_baremetal", 871 "libssl_baremetal", 872 ], 873 874 // b/336916369: This library gets linked into a rust rlib. Disable LTO 875 // until cross-language lto is supported. 876 lto: { 877 never: true, 878 }, 879} 880 881cc_library_host_static { 882 name: "libbssl_rust_support_static", 883 defaults: ["boringssl_flags"], 884 srcs: ["src/rust/bssl-sys/rust_wrapper.c"], 885 whole_static_libs: [ 886 "libcrypto_static", 887 "libssl_static", 888 ], 889} 890 891rust_defaults { 892 name: "libbssl_sys_defaults", 893 host_supported: true, 894 crate_name: "bssl_sys", 895 visibility: [ 896 "//external/rust/crates/openssl", 897 "//external/rust/android-crates-io/crates/tokio-openssl", 898 "//system/keymint/boringssl", 899 "//system/security/prng_seeder", 900 ], 901 srcs: [ 902 "src/rust/bssl-sys/src/lib.rs", 903 ":libbssl_sys_raw", 904 ], 905 shared_libs: [ 906 "libcrypto", 907 "libssl", 908 ], 909 vendor_available: true, 910 product_available: true, 911} 912 913rust_library { 914 name: "libbssl_sys", 915 defaults: ["libbssl_sys_defaults"], 916 whole_static_libs: [ 917 "libbssl_rust_support", 918 ], 919 min_sdk_version: "29", 920 apex_available: [ 921 "//apex_available:platform", 922 "com.android.configinfrastructure", 923 "com.android.virt", 924 ], 925 cfgs: ["unsupported_inline_wrappers"], 926} 927 928rust_library_host_rlib { 929 name: "libbssl_sys_static", 930 defaults: ["libbssl_sys_defaults"], 931 whole_static_libs: [ 932 "libbssl_rust_support_static", 933 ], 934 cfgs: ["unsupported_inline_wrappers"], 935} 936 937genrule { 938 name: "libbssl_sys_src_nostd", 939 srcs: ["src/rust/bssl-sys/src/lib.rs"], 940 out: ["lib.rs"], 941 cmd: "(echo '#![no_std]' && cat $(in)) > $(out)", 942} 943 944rust_library_rlib { 945 name: "libbssl_sys_nostd", 946 crate_name: "bssl_sys", 947 visibility: [ 948 "//packages/modules/Virtualization:__subpackages__", 949 ], 950 srcs: [ 951 ":libbssl_sys_src_nostd", 952 ":libbssl_sys_raw_nostd", 953 ], 954 prefer_rlib: true, 955 no_stdlibs: true, 956 stdlibs: [ 957 "libcompiler_builtins.rust_sysroot", 958 "libcore.rust_sysroot", 959 ], 960 whole_static_libs: [ 961 "libbssl_rust_support_baremetal", 962 ], 963 cfgs: ["unsupported_inline_wrappers"], 964} 965 966// High-level Rust crate `bssl-crypto` 967 968rust_defaults { 969 name: "libbssl_crypto_defaults", 970 crate_name: "bssl_crypto", 971 visibility: ["//visibility:public"], 972 srcs: ["src/rust/bssl-crypto/src/lib.rs"], 973 rustlibs: ["libbssl_sys"], 974} 975 976rust_library { 977 name: "libbssl_crypto", 978 defaults: ["libbssl_crypto_defaults"], 979 host_supported: true, 980 apex_available: [ 981 "//apex_available:platform", 982 "com.android.virt", 983 ], 984 vendor_available: true, 985 product_available: true, 986} 987 988rust_test { 989 name: "libbssl_crypto_test", 990 defaults: ["libbssl_crypto_defaults"], 991 crate_name: "bssl_crypto_test", 992 test_suites: ["general-tests"], 993 auto_gen_config: true, 994} 995 996dirgroup { 997 name: "trusty_dirgroup_external_boringssl", 998 dirs: ["."], 999 visibility: ["//trusty/vendor/google/aosp/scripts"], 1000} 1001