Migration to VD causes build breaks because of missing optee dependency.
Relation between key-manager and key-manager-ta needs to be re-worked.
For now the TrustZone (TZ) backend will be disabled.
Change-Id: I5312db283e3514d7c54dfa7caffd6738b5568e2f
ADD_DEFINITIONS("-DCA_CERTS_DIR=\"${CA_CERTS_DIR}\"")
ADD_DEFINITIONS("-DSYSTEMD_ENV_FILE=\"${SYSTEMD_ENV_FILE}\"")
+IF (TZ_BACKEND_ENABLED)
+ ADD_DEFINITIONS("-DTZ_BACKEND_ENABLED")
+ENDIF()
+
IF (DEFINED WATCHDOG_ENABLED)
MESSAGE("WATCHDOG ENABELD!")
ADD_DEFINITIONS("-DWATCHDOG_ENABLED")
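Review bot: `TZ_BACKEND_ENABLED` is tested here without being declared in the visible hunk, so a configure run that does not pass `-DTZ_BACKEND_ENABLED=...` builds a software-only key manager without saying so. Declaring it before the `IF`, e.g. `OPTION(TZ_BACKEND_ENABLED "Build the TrustZone crypto backend" OFF)`, and printing `MESSAGE(STATUS "TZ backend: ${TZ_BACKEND_ENABLED}")` would make the key-storage backend visible in the build log. The `IF (DEFINED WATCHDOG_ENABLED)` block that follows continues outside the hunk.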
%global watchdog_enabled 1
%global watchdog_timeout_sec 60
%global watchdog_notify_sec 20
+%global tz_backend_enabled 0
Name: key-manager
Summary: Central Key Manager and utilities
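Review bot: `%global tz_backend_enabled 0` is assigned unconditionally, so a target that does ship the TEE client library and key-manager-ta cannot re-enable the hardware backend without editing the spec. Guarding the default, `%{!?tz_backend_enabled:%global tz_backend_enabled 0}`, keeps this commit's behaviour while letting a build profile pass `--define 'tz_backend_enabled 1'`. A short comment above the line, saying that 0 means keys are handled by the software (OpenSSL) backend only, would help whoever re-enables it.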
%endif
BuildRequires: boost-devel
BuildRequires: ca-certificates-devel
+%if %{tz_backend_enabled} == 1
BuildRequires: key-manager-ta-devel
BuildRequires: key-manager-ta-serialization-devel
BuildRequires: pkgconfig(tef-libteec)
-#Requires(pre): tizen-platform-config-tools
+%endif
Requires: libkey-manager-common = %{version}-%{release}
%{?systemd_requires}
-DWATCHDOG_TIMEOUT_SEC=%{watchdog_timeout_sec} \
-DWATCHDOG_NOTIFY_SEC=%{watchdog_notify_sec} \
%endif
+%if %{tz_backend_enabled} == 1
+ -DTZ_BACKEND_ENABLED=ON \
+%else
+ -DTZ_BACKEND_ENABLED=OFF \
+%endif
-DTEST_DIR=%{test_dir}
make %{?jobs:-j%jobs}
SET(EXTRA_KM_DEPS)
ENDIF (DEFINED WATCHDOG_ENABLED)
+IF (TZ_BACKEND_ENABLED)
+SET(EXTRA_KM_DEPS
+ ${EXTRA_KM_DEPS}
+ tef-libteec
+ )
+ENDIF()
+
PKG_CHECK_MODULES(KEY_MANAGER_DEP
REQUIRED
dlog
cynara-creds-socket
pkgmgr
vconf
- tef-libteec
${EXTRA_KM_DEPS}
)
FIND_PACKAGE(Threads REQUIRED)
${KEY_MANAGER_PATH}/crypto/sw-backend/internals.cpp
${KEY_MANAGER_PATH}/crypto/sw-backend/store.cpp
${KEY_MANAGER_PATH}/crypto/platform/decider.cpp
+ ${SECURITY_MANAGER_WRAPPER_PATH}
+ ${CYNARA_WRAPPER_PATH}
+ )
+
+IF(TZ_BACKEND_ENABLED)
+SET(KEY_MANAGER_SOURCES
+ ${KEY_MANAGER_SOURCES}
${KEY_MANAGER_PATH}/crypto/tz-backend/obj.cpp
${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp
${KEY_MANAGER_PATH}/crypto/tz-backend/internals.cpp
${KEY_MANAGER_PATH}/crypto/tz-backend/tz-context.cpp
${KEY_MANAGER_PATH}/crypto/tz-backend/tz-memory.cpp
- ${SECURITY_MANAGER_WRAPPER_PATH}
- ${CYNARA_WRAPPER_PATH}
)
+ENDIF()
SET_SOURCE_FILES_PROPERTIES(
${KEY_MANAGER_SOURCES}
ADD_EXECUTABLE(${TARGET_KEY_MANAGER} ${KEY_MANAGER_SOURCES})
+IF(TZ_BACKEND_ENABLED)
+SET(KM_LINK_EXTRA_DEPS
+ ${KM_LINK_EXTRA_DEPS}
+ km_serialization
+ )
+ENDIF()
+
TARGET_LINK_LIBRARIES(${TARGET_KEY_MANAGER}
${CMAKE_THREAD_LIBS_INIT}
${KEY_MANAGER_DEP_LIBRARIES}
${TARGET_KEY_MANAGER_COMMON}
+ ${KM_LINK_EXTRA_DEPS}
-ldl
- km_serialization
)
-
################################################################################
SET(KEY_MANAGER_CLIENT_VERSION_MAJOR 1)
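Review bot: `KM_LINK_EXTRA_DEPS` is appended to itself without first being reset, whereas `EXTRA_KM_DEPS` is cleared with `SET(EXTRA_KM_DEPS)` in the watchdog block before the TZ block extends it. Any value inherited from a parent directory, the cache or a `-D` argument therefore ends up on the link line of the key-manager daemon. Adding `SET(KM_LINK_EXTRA_DEPS)` ahead of the `IF(TZ_BACKEND_ENABLED)` block closes that gap. The same applies to `TEST_LINK_EXTRA_DEPS`, `CKM_DB_TOOL_LINK_EXTRA_DEPS` and `CKM_DB_TOOL_EXTRA_DEP` in the tests and tools hunks, the last of which is only assigned when the backend is enabled.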
#include <generic-backend/exception.h>
#include <sw-backend/store.h>
+
+#ifdef TZ_BACKEND_ENABLED
#include <tz-backend/store.h>
#include <tz-backend/tz-context.h>
#include <tee_client_api.h>
#include <km_ta_defines.h>
+#endif // TZ_BACKEND_ENABLED
#include <sstream>
#include <fstream>
const Policy &policy,
bool encrypted)
{
+#ifdef TZ_BACKEND_ENABLED
// user directly point proper backend - we will not discuss with it
if (policy.backend == CKM::PolicyBackend::FORCE_SOFTWARE)
return CryptoBackend::OpenSSL;
LogDebug("...succeeded. Selecting TZ backend.");
return CryptoBackend::TrustZone;
+#else // TZ_BACKEND_ENABLED
+ (void) data;
+ (void) policy;
+ (void) encrypted;
+ return CryptoBackend::OpenSSL;
+#endif // TZ_BACKEND_ENABLED
}
} // namespace
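Review bot: The `#else` branch at the end of this function discards `policy` and returns `CryptoBackend::OpenSSL` unconditionally, so a caller whose policy asks for hardware-backed storage would get a software-protected key with no indication of the downgrade. Only `FORCE_SOFTWARE` is visible in this hunk, so confirm whether `CKM::PolicyBackend` has a hardware-forcing value. If it does, the fallback should reject that request, or at least log it at warning level, instead of silently ignoring it. The function starts outside the hunk and part of the TrustZone branch is elided, so the error reported should match what the rest of the file already uses.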
Decider::Decider()
: m_swStore(new SW::Store(CryptoBackend::OpenSSL))
+#ifdef TZ_BACKEND_ENABLED
, m_tzStore(new TZ::Store(CryptoBackend::TrustZone))
+#endif
{
}
if (cryptoBackend == CryptoBackend::OpenSSL)
gStore = m_swStore.get();
-
+#ifdef TZ_BACKEND_ENABLED
if (cryptoBackend == CryptoBackend::TrustZone)
gStore = m_tzStore.get();
-
+#endif
if (gStore)
return *gStore;
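Review bot: With the TrustZone branch compiled out, a `cryptoBackend` of `CryptoBackend::TrustZone` leaves `gStore` null and falls through to the code after `if (gStore)`, which is outside this hunk. That value could plausibly come from a record written by an earlier TZ-enabled build, so it is worth checking that the fall-through reports "backend not built in" rather than a generic failure. An `#else` arm that logs the condition, alongside the existing `LogDebug` usage in this file, would make that case diagnosable. A comment here should also state that keys created under the TrustZone backend are not readable by a build with `TZ_BACKEND_ENABLED` off, if that is the intended migration behaviour.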
${KEY_MANAGER_TEST_MERGED_SRC}/test_stringify.cpp
${KEY_MANAGER_TEST_MERGED_SRC}/test_ss-crypto.cpp
${KEY_MANAGER_TEST_MERGED_SRC}/test_sw-backend.cpp
- ${KEY_MANAGER_TEST_MERGED_SRC}/test_tz-backend.cpp
${KEY_MANAGER_TEST_MERGED_SRC}/test_xml-parser.cpp
# duplicated srcs to test hidden symbols
${KEY_MANAGER_PATH}/crypto/sw-backend/internals.cpp
${KEY_MANAGER_PATH}/crypto/sw-backend/obj.cpp
${KEY_MANAGER_PATH}/crypto/sw-backend/store.cpp
- ${KEY_MANAGER_PATH}/crypto/tz-backend/obj.cpp
- ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp
- ${KEY_MANAGER_PATH}/crypto/tz-backend/internals.cpp
- ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-context.cpp
- ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-memory.cpp
${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp
${KEY_MANAGER_PATH}/dpl/core/src/colors.cpp
${KEY_MANAGER_PATH}/dpl/core/src/errno_string.cpp
${KEY_MANAGER_PATH}/service/ss-crypto.cpp
)
+IF(TZ_BACKEND_ENABLED)
+SET(TEST_MERGED_SOURCES
+ ${TEST_MERGED_SOURCES}
+ ${KEY_MANAGER_TEST_MERGED_SRC}/test_tz-backend.cpp
+
+ # duplicated srcs to test hidden symbols
+ ${KEY_MANAGER_PATH}/crypto/tz-backend/obj.cpp
+ ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp
+ ${KEY_MANAGER_PATH}/crypto/tz-backend/internals.cpp
+ ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-context.cpp
+ ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-memory.cpp
+ )
+ENDIF()
+
LINK_DIRECTORIES(${KEY_MANAGER_DEP_LIBRARY_DIRS})
ADD_EXECUTABLE(${TARGET_TEST_MERGED} ${TEST_MERGED_SOURCES})
+
+IF(TZ_BACKEND_ENABLED)
+SET(TEST_LINK_EXTRA_DEPS
+ ${TEST_LINK_EXTRA_DEPS}
+ teec
+ km_serialization
+ )
+ENDIF()
+
TARGET_LINK_LIBRARIES(${TARGET_TEST_MERGED}
${TARGET_KEY_MANAGER_COMMON}
${CMAKE_THREAD_LIBS_INIT}
${KEY_MANAGER_DEP_LIBRARIES}
${TARGET_ENCRYPTION_SCHEME_COMMON}
+ ${TEST_LINK_EXTRA_DEPS}
boost_unit_test_framework
- teec km_serialization
-ldl
)
SET(CKM_DB_TOOL "ckm_db_tool")
SET(KEY_MANAGER_PATH ${PROJECT_SOURCE_DIR}/src/manager)
+IF (TZ_BACKEND_ENABLED)
+SET(CKM_DB_TOOL_EXTRA_DEP
+ tef-libteec
+ )
+ENDIF()
+
PKG_CHECK_MODULES(CKM_DB_TOOL_DEP
REQUIRED
openssl
cynara-client-async
cynara-creds-socket
security-manager
- tef-libteec
+ ${CKM_DB_TOOL_EXTRA_DEP}
)
FIND_PACKAGE(Threads REQUIRED)
${KEY_MANAGER_PATH}/crypto/sw-backend/internals.cpp
${KEY_MANAGER_PATH}/crypto/sw-backend/obj.cpp
${KEY_MANAGER_PATH}/crypto/sw-backend/store.cpp
- ${KEY_MANAGER_PATH}/crypto/tz-backend/internals.cpp
- ${KEY_MANAGER_PATH}/crypto/tz-backend/obj.cpp
- ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp
- ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-context.cpp
- ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-memory.cpp
${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp
${KEY_MANAGER_PATH}/dpl/db/src/naive_synchronization_object.cpp
${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp
${KEY_MANAGER_PATH}/sqlcipher/sqlcipher.c
)
+IF(TZ_BACKEND_ENABLED)
+SET(CKM_DB_TOOL_SOURCES
+ ${CKM_DB_TOOL_SOURCES}
+ ${KEY_MANAGER_PATH}/crypto/tz-backend/internals.cpp
+ ${KEY_MANAGER_PATH}/crypto/tz-backend/obj.cpp
+ ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp
+ ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-context.cpp
+ ${KEY_MANAGER_PATH}/crypto/tz-backend/tz-memory.cpp
+ )
+ENDIF()
+
LINK_DIRECTORIES(${CKM_DB_TOOL_DEP_LIBRARY_DIRS})
ADD_EXECUTABLE( ${CKM_DB_TOOL} ${CKM_DB_TOOL_SOURCES} )
+IF(TZ_BACKEND_ENABLED)
+SET(CKM_DB_TOOL_LINK_EXTRA_DEPS
+ ${CKM_DB_TOOL_LINK_EXTRA_DEPS}
+ teec
+ km_serialization
+ )
+ENDIF()
+
TARGET_LINK_LIBRARIES(${CKM_DB_TOOL}
${CMAKE_THREAD_LIBS_INIT}
${CKM_DB_TOOL_DEP_LIBRARIES}
${TARGET_KEY_MANAGER_COMMON}
- teec km_serialization
+ ${CKM_DB_TOOL_LINK_EXTRA_DEPS}
-ldl
)