1#####
2# Local unit test Makefile
3#
4# This makefile builds and runs the keymaster unit tests locally on the development
5# machine, not on an Android device.  Android.mk builds the same tests into the
6# "keymaster_tests" binary for execution on-device, but this Makefile runs them locally,
7# for a very fast edit/build/test development cycle.
8#
9# To build and run these tests, one pre-requisite must be manually installed: BoringSSL.
10# This Makefile expects to find BoringSSL in a directory adjacent to $ANDROID_BUILD_TOP.
11# To get and build it, first install the Ninja build tool (e.g. apt-get install
12# ninja-build), then do:
13#
14# cd $ANDROID_BUILD_TOP/..
15# git clone https://boringssl.googlesource.com/boringssl
16# cd boringssl
17# mdkir build
18# cd build
19# cmake -GNinja ..
20# ninja
21#
22# Then return to $ANDROID_BUILD_TOP/system/keymaster and run "make".
23#####
24
25BASE=../..
26SUBS=system/core \
27	hardware/libhardware \
28	external/gtest \
29	system/security/softkeymaster \
30	system/security/keystore
31GTEST=$(BASE)/external/googletest/googletest
32
33INCLUDES=$(foreach dir,$(SUBS),-I $(BASE)/$(dir)/include) \
34	-I $(GTEST)/include -isystem $(GTEST) -Iinclude -I$(BASE)/../boringssl/include
35
36ifdef FORCE_32_BIT
37ARCH_FLAGS = -m32
38endif
39
40ifdef USE_GCC
41CXXFLAGS +=-std=c++14 -fprofile-arcs -ftest-coverage
42CFLAGS += -fprofile-arcs -ftest-coverage
43else
44CC=$(BASE)/prebuilts/clang/host/linux-x86/clang-r370808/bin/clang
45CXX=$(BASE)/prebuilts/clang/host/linux-x86/clang-r370808/bin/clang++
46CXXFLAGS +=-std=c++14 -DKEYMASTER_CLANG_TEST_BUILD
47CFLAGS += -DKEYMASTER_CLANG_TEST_BUILD
48endif
49
50LDFLAGS += $(ARCH_FLAGS)
51CPPFLAGS = $(INCLUDES) -g -O0 -MD -MP $(ARCH_FLAGS) -DKEYMASTER_UNIT_TEST_BUILD -DHOST_BUILD
52CXXFLAGS += -Wall -Werror -Wno-unused -Winit-self -Wpointer-arith -Wunused-parameter \
53	-Werror=sign-compare -Werror=return-type -fno-permissive \
54	-Wno-deprecated-declarations -fno-exceptions -DKEYMASTER_NAME_TAGS $(ARCH_FLAGS)
55CFLAGS += $(ARCH_FLAGS) -DKEYMASTER_UNIT_TEST_BUILD -DHOST_BUILD
56
57# Uncomment to enable debug logging.
58# CXXFLAGS += -DDEBUG
59
60LDLIBS=-L$(BASE)/../boringssl/build/crypto -lcrypto -lpthread -lstdc++ -lgcov
61
62CPPSRCS=\
63	km_openssl/aes_key.cpp \
64	km_openssl/aes_operation.cpp \
65	km_openssl/triple_des_key.cpp \
66	km_openssl/triple_des_operation.cpp \
67	android_keymaster/android_keymaster.cpp \
68	android_keymaster/android_keymaster_messages.cpp \
69	tests/android_keymaster_messages_test.cpp \
70	tests/android_keymaster_test.cpp \
71	tests/android_keymaster_test_utils.cpp \
72	android_keymaster/android_keymaster_utils.cpp \
73	km_openssl/asymmetric_key.cpp \
74	km_openssl/asymmetric_key_factory.cpp \
75	km_openssl/attestation_record.cpp \
76	km_openssl/block_cipher_operation.cpp \
77	tests/attestation_record_test.cpp \
78	key_blob_utils/auth_encrypted_key_blob.cpp \
79	android_keymaster/authorization_set.cpp \
80	tests/authorization_set_test.cpp \
81	km_openssl/ec_key.cpp \
82	km_openssl/ec_key_factory.cpp \
83	legacy_support/ec_keymaster0_key.cpp \
84	legacy_support/ec_keymaster1_key.cpp \
85	legacy_support/ecdsa_keymaster1_operation.cpp \
86	km_openssl/ecdsa_operation.cpp \
87	km_openssl/ecies_kem.cpp \
88	tests/ecies_kem_test.cpp \
89	tests/gtest_main.cpp \
90	km_openssl/ckdf.cpp \
91	tests/hkdf_test.cpp \
92	km_openssl/hkdf.cpp \
93	tests/hkdf_test.cpp \
94	km_openssl/hmac.cpp \
95	km_openssl/hmac_key.cpp \
96	km_openssl/hmac_operation.cpp \
97	tests/hmac_test.cpp \
98	key_blob_utils/integrity_assured_key_blob.cpp \
99	km_openssl/iso18033kdf.cpp \
100	km_openssl/kdf.cpp \
101	tests/kdf1_test.cpp \
102	tests/kdf2_test.cpp \
103	tests/kdf_test.cpp \
104	tests/key_blob_test.cpp \
105	legacy_support/keymaster0_engine.cpp \
106	legacy_support/keymaster1_engine.cpp \
107	android_keymaster/keymaster_configuration.cpp \
108	tests/keymaster_configuration_test.cpp \
109	android_keymaster/keymaster_enforcement.cpp \
110	km_openssl/soft_keymaster_enforcement.cpp \
111	tests/keymaster_enforcement_test.cpp \
112	android_keymaster/keymaster_tags.cpp \
113	android_keymaster/logger.cpp \
114	km_openssl/nist_curve_key_exchange.cpp \
115	tests/nist_curve_key_exchange_test.cpp \
116	key_blob_utils/ocb_utils.cpp \
117	km_openssl/openssl_err.cpp \
118	km_openssl/openssl_utils.cpp \
119	android_keymaster/operation.cpp \
120	android_keymaster/operation_table.cpp \
121	km_openssl/rsa_key.cpp \
122	km_openssl/rsa_key_factory.cpp \
123	legacy_support/rsa_keymaster0_key.cpp \
124	legacy_support/rsa_keymaster1_key.cpp \
125	legacy_support/rsa_keymaster1_operation.cpp \
126	km_openssl/rsa_operation.cpp \
127	android_keymaster/serializable.cpp \
128	contexts/soft_keymaster_context.cpp \
129	contexts/soft_keymaster_device.cpp \
130	contexts/pure_soft_keymaster_context.cpp \
131	km_openssl/symmetric_key.cpp \
132	km_openssl/software_random_source.cpp \
133	contexts/soft_attestation_cert.cpp \
134	km_openssl/attestation_utils.cpp \
135	key_blob_utils/software_keyblobs.cpp \
136	km_openssl/wrapped_key.cpp
137
138CCSRCS=$(GTEST)/src/gtest-all.cc
139CSRCS=key_blob_utils/ocb.c
140
141OBJS=$(CPPSRCS:.cpp=.o) $(CCSRCS:.cc=.o) $(CSRCS:.c=.o)
142DEPS=$(CPPSRCS:.cpp=.d) $(CCSRCS:.cc=.d) $(CSRCS:.c=.d)
143
144BINARIES = \
145	tests/android_keymaster_messages_test \
146	tests/android_keymaster_test \
147	tests/attestation_record_test \
148	tests/authorization_set_test \
149	tests/ecies_kem_test \
150	tests/ckdf_test \
151	tests/hkdf_test \
152	tests/hmac_test \
153	tests/kdf1_test \
154	tests/kdf2_test \
155	tests/kdf_test \
156	tests/key_blob_test \
157	tests/keymaster_configuration_test \
158	tests/keymaster_enforcement_test \
159	tests/nist_curve_key_exchange_test
160
161.PHONY: coverage memcheck massif clean run
162
163%.run: %
164	./$<
165	touch $@
166
167run: $(BINARIES:=.run)
168
169coverage: coverage.info
170	genhtml coverage.info --output-directory coverage
171
172coverage.info: run
173	lcov --capture --directory=. --output-file coverage.info
174
175%.coverage : %
176	$(MAKE) clean && $(MAKE) $<
177	./$<
178	lcov --capture --directory=. --output-file coverage.info
179	genhtml coverage.info --output-directory coverage
180
181#UNINIT_OPTS=--track-origins=yes
182UNINIT_OPTS=--undef-value-errors=no
183
184MEMCHECK_OPTS=--leak-check=full \
185	--show-reachable=yes \
186	--vgdb=full \
187	$(UNINIT_OPTS) \
188	--error-exitcode=1 \
189	--suppressions=valgrind.supp \
190	--gen-suppressions=all
191
192MASSIF_OPTS=--tool=massif \
193	--stacks=yes
194
195%.memcheck : %
196	valgrind $(MEMCHECK_OPTS) ./$< && \
197	touch $@
198
199%.massif : %
200	valgrind $(MASSIF_OPTS) --massif-out-file=$@ ./$<
201
202memcheck: $(BINARIES:=.memcheck)
203
204massif: $(BINARIES:=.massif)
205
206GTEST_OBJS = $(GTEST)/src/gtest-all.o tests/gtest_main.o
207
208tests/keymaster_configuration_test: tests/keymaster_configuration_test.o \
209	android_keymaster/authorization_set.o \
210	android_keymaster/serializable.o \
211	android_keymaster/logger.o \
212	android_keymaster/keymaster_configuration.o \
213	$(GTEST_OBJS)
214
215tests/hmac_test: tests/hmac_test.o \
216	tests/android_keymaster_test_utils.o \
217	android_keymaster/android_keymaster_utils.o \
218	android_keymaster/authorization_set.o \
219	km_openssl/hmac.o \
220	android_keymaster/keymaster_tags.o \
221	android_keymaster/logger.o \
222	android_keymaster/serializable.o \
223	$(GTEST_OBJS)
224
225tests/ckdf_test: tests/ckdf_test.o \
226	tests/android_keymaster_test_utils.o \
227	android_keymaster/android_keymaster_utils.o \
228	android_keymaster/authorization_set.o \
229	android_keymaster/keymaster_tags.o \
230	android_keymaster/logger.o \
231	android_keymaster/serializable.o \
232	km_openssl/ckdf.o \
233	km_openssl/openssl_err.o \
234	$(GTEST_OBJS)
235
236tests/hkdf_test: tests/hkdf_test.o \
237	tests/android_keymaster_test_utils.o \
238	android_keymaster/android_keymaster_utils.o \
239	android_keymaster/authorization_set.o \
240	km_openssl/hkdf.o \
241	km_openssl/hmac.o \
242	km_openssl/kdf.o \
243	android_keymaster/keymaster_tags.o \
244	android_keymaster/logger.o \
245	android_keymaster/serializable.o \
246	$(GTEST_OBJS)
247
248tests/kdf_test: tests/kdf_test.o \
249	android_keymaster/android_keymaster_utils.o \
250	km_openssl/kdf.o \
251	android_keymaster/logger.o \
252	android_keymaster/serializable.o \
253	$(GTEST_OBJS)
254
255tests/kdf1_test: tests/kdf1_test.o \
256	tests/android_keymaster_test_utils.o \
257	android_keymaster/android_keymaster_utils.o \
258	android_keymaster/authorization_set.o \
259	km_openssl/iso18033kdf.o \
260	km_openssl/kdf.o \
261	android_keymaster/keymaster_tags.o \
262	android_keymaster/logger.o \
263	android_keymaster/serializable.o \
264	$(GTEST_OBJS)
265
266tests/kdf2_test: tests/kdf2_test.o \
267	tests/android_keymaster_test_utils.o \
268	android_keymaster/android_keymaster_utils.o \
269	android_keymaster/authorization_set.o \
270	km_openssl/iso18033kdf.o \
271	km_openssl/kdf.o \
272	android_keymaster/keymaster_tags.o \
273	android_keymaster/logger.o \
274	android_keymaster/serializable.o \
275	$(GTEST_OBJS)
276
277tests/nist_curve_key_exchange_test: tests/nist_curve_key_exchange_test.o \
278	tests/android_keymaster_test_utils.o \
279	android_keymaster/authorization_set.o \
280	android_keymaster/keymaster_tags.o \
281	android_keymaster/logger.o \
282	km_openssl/nist_curve_key_exchange.o \
283	km_openssl/openssl_err.o \
284	km_openssl/openssl_utils.o \
285	android_keymaster/serializable.o \
286	$(GTEST_OBJS)
287
288tests/ecies_kem_test: tests/ecies_kem_test.o \
289	android_keymaster/android_keymaster_utils.o \
290	tests/android_keymaster_test_utils.o \
291	android_keymaster/authorization_set.o \
292	km_openssl/ecies_kem.o \
293	km_openssl/hkdf.o \
294	km_openssl/hmac.o \
295	km_openssl/kdf.o \
296	android_keymaster/keymaster_tags.o \
297	android_keymaster/logger.o \
298	km_openssl/nist_curve_key_exchange.o \
299	km_openssl/openssl_err.o \
300	km_openssl/openssl_utils.o \
301	android_keymaster/serializable.o \
302	$(GTEST_OBJS)
303
304tests/authorization_set_test: tests/authorization_set_test.o \
305	tests/android_keymaster_test_utils.o \
306	android_keymaster/authorization_set.o \
307	android_keymaster/keymaster_tags.o \
308	android_keymaster/logger.o \
309	android_keymaster/serializable.o \
310	$(GTEST_OBJS)
311
312tests/key_blob_test: tests/key_blob_test.o \
313	tests/android_keymaster_test_utils.o \
314	android_keymaster/android_keymaster_utils.o \
315	key_blob_utils/auth_encrypted_key_blob.o \
316	android_keymaster/authorization_set.o \
317	key_blob_utils/integrity_assured_key_blob.o \
318	android_keymaster/keymaster_tags.o \
319	android_keymaster/logger.o \
320	key_blob_utils/ocb.o \
321	key_blob_utils/ocb_utils.o \
322	km_openssl/openssl_err.o \
323	android_keymaster/serializable.o \
324	$(GTEST_OBJS)
325
326tests/android_keymaster_messages_test: tests/android_keymaster_messages_test.o \
327	android_keymaster/android_keymaster_messages.o \
328	tests/android_keymaster_test_utils.o \
329	android_keymaster/android_keymaster_utils.o \
330	android_keymaster/authorization_set.o \
331	android_keymaster/keymaster_tags.o \
332	android_keymaster/logger.o \
333	android_keymaster/serializable.o \
334	$(GTEST_OBJS)
335
336tests/android_keymaster_test: tests/android_keymaster_test.o \
337	android_keymaster/android_keymaster.o \
338	android_keymaster/android_keymaster_messages.o \
339	android_keymaster/android_keymaster_utils.o \
340	android_keymaster/authorization_set.o \
341	android_keymaster/keymaster_enforcement.o \
342	android_keymaster/keymaster_tags.o \
343	android_keymaster/logger.o \
344	android_keymaster/operation.o \
345	android_keymaster/operation_table.o \
346	android_keymaster/serializable.o \
347	contexts/pure_soft_keymaster_context.o \
348	contexts/soft_attestation_cert.o \
349	contexts/soft_keymaster_context.o \
350	contexts/soft_keymaster_device.o \
351	key_blob_utils/auth_encrypted_key_blob.o \
352	key_blob_utils/integrity_assured_key_blob.o \
353	key_blob_utils/ocb.o \
354	key_blob_utils/ocb_utils.o \
355	key_blob_utils/software_keyblobs.o \
356	km_openssl/aes_key.o \
357	km_openssl/aes_key.o \
358	km_openssl/aes_operation.o \
359	km_openssl/aes_operation.o \
360	km_openssl/asymmetric_key.o \
361	km_openssl/asymmetric_key_factory.o \
362	km_openssl/attestation_record.o \
363	km_openssl/attestation_utils.o \
364	km_openssl/block_cipher_operation.o \
365	km_openssl/ckdf.o \
366	km_openssl/ec_key.o \
367	km_openssl/ec_key_factory.o \
368	km_openssl/ecdsa_operation.o \
369	km_openssl/hmac_key.o \
370	km_openssl/hmac_operation.o \
371	km_openssl/openssl_err.o \
372	km_openssl/openssl_utils.o \
373	km_openssl/rsa_key.o \
374	km_openssl/rsa_key_factory.o \
375	km_openssl/rsa_operation.o \
376	km_openssl/soft_keymaster_enforcement.o \
377	km_openssl/software_random_source.o \
378	km_openssl/symmetric_key.o \
379	km_openssl/triple_des_key.o \
380	km_openssl/triple_des_operation.o \
381	km_openssl/wrapped_key.o \
382	legacy_support/ec_keymaster0_key.o \
383	legacy_support/ec_keymaster1_key.o \
384	legacy_support/ecdsa_keymaster1_operation.o \
385	legacy_support/keymaster0_engine.o \
386	legacy_support/keymaster1_engine.o \
387	legacy_support/rsa_keymaster0_key.o \
388	legacy_support/rsa_keymaster1_key.o \
389	legacy_support/rsa_keymaster1_operation.o \
390	tests/android_keymaster_test_utils.o \
391	$(BASE)/system/security/keystore/keyblob_utils.o \
392	$(GTEST_OBJS)
393
394tests/keymaster_enforcement_test: tests/keymaster_enforcement_test.o \
395	android_keymaster/android_keymaster_messages.o \
396	tests/android_keymaster_test_utils.o \
397	android_keymaster/android_keymaster_utils.o \
398	android_keymaster/authorization_set.o \
399	android_keymaster/keymaster_enforcement.o \
400	km_openssl/ckdf.o \
401	km_openssl/openssl_err.o \
402	km_openssl/soft_keymaster_enforcement.o \
403	android_keymaster/keymaster_tags.o \
404	android_keymaster/logger.o \
405	android_keymaster/serializable.o \
406	$(GTEST_OBJS)
407
408tests/attestation_record_test: tests/attestation_record_test.o \
409	tests/android_keymaster_test_utils.o \
410	android_keymaster/android_keymaster_utils.o \
411	km_openssl/attestation_record.o \
412	android_keymaster/authorization_set.o \
413	android_keymaster/keymaster_tags.o \
414	android_keymaster/logger.o \
415	km_openssl/openssl_err.o \
416	android_keymaster/serializable.o \
417	$(GTEST_OBJS)
418
419tests/wrapped_key_test: tests/wrapped_key_test.o \
420	tests/android_keymaster_test_utils.o \
421	android_keymaster/android_keymaster_utils.o \
422	km_openssl/attestation_record.o \
423	android_keymaster/authorization_set.o \
424	android_keymaster/keymaster_tags.o \
425	android_keymaster/logger.o \
426	km_openssl/openssl_err.o \
427	android_keymaster/serializable.o \
428	km_openssl/wrapped_key.o \
429	$(GTEST_OBJS)
430
431$(GTEST)/src/gtest-all.o: CXXFLAGS:=$(subst -Wmissing-declarations,,$(CXXFLAGS))
432
433clean:
434	rm -f $(OBJS) $(DEPS) $(BINARIES) \
435		$(BINARIES:=.run) $(BINARIES:=.memcheck) $(BINARIES:=.massif) \
436		*gcov *gcno *gcda coverage.info
437	rm -rf coverage
438
439-include $(CPPSRCS:.cpp=.d)
440-include $(CCSRCS:.cc=.d)
441