| blob | 43e20a55fd180677ba09fe521ee96f531963f3e8 |
1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 # Use of this source code is governed by a BSD-style license that can be
3 # found in the LICENSE file.
5 import("//build/config/crypto.gni")
7 component("crypto") {
8 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto.
9 sources = [
10 "apple_keychain.h",
11 "apple_keychain_ios.mm",
12 "apple_keychain_mac.mm",
13 "capi_util.cc",
14 "capi_util.h",
15 "crypto_export.h",
16 "cssm_init.cc",
17 "cssm_init.h",
18 "curve25519.cc",
19 "curve25519-donna.c",
20 "curve25519.h",
21 "ec_private_key.h",
22 "ec_private_key_nss.cc",
23 "ec_private_key_openssl.cc",
24 "ec_signature_creator.cc",
25 "ec_signature_creator.h",
26 "ec_signature_creator_impl.h",
27 "ec_signature_creator_nss.cc",
28 "ec_signature_creator_openssl.cc",
29 "encryptor.cc",
30 "encryptor.h",
31 "encryptor_nss.cc",
32 "encryptor_openssl.cc",
33 "ghash.cc",
34 "ghash.h",
35 "hkdf.cc",
36 "hkdf.h",
37 "hmac.cc",
38 "hmac.h",
39 "hmac_nss.cc",
40 "hmac_openssl.cc",
41 "mac_security_services_lock.cc",
42 "mac_security_services_lock.h",
43 # TODO(brettw) these mocks should be moved to a test_support_crypto target
44 # if possible.
45 "mock_apple_keychain.cc",
46 "mock_apple_keychain.h",
47 "mock_apple_keychain_ios.cc",
48 "mock_apple_keychain_mac.cc",
49 "nss_util.cc",
50 "nss_util.h",
51 "nss_util_internal.h",
52 "openssl_util.cc",
53 "openssl_util.h",
54 "p224.cc",
55 "p224.h",
56 "p224_spake.cc",
57 "p224_spake.h",
58 "random.cc",
59 "random.h",
60 "rsa_private_key.cc",
61 "rsa_private_key.h",
62 "rsa_private_key_nss.cc",
63 "rsa_private_key_openssl.cc",
64 "scoped_capi_types.h",
65 "scoped_nss_types.h",
66 "secure_hash_default.cc",
67 "secure_hash.h",
68 "secure_hash_openssl.cc",
69 "secure_util.cc",
70 "secure_util.h",
71 "sha2.cc",
72 "sha2.h",
73 "signature_creator.h",
74 "signature_creator_nss.cc",
75 "signature_creator_openssl.cc",
76 "signature_verifier.h",
77 "signature_verifier_nss.cc",
78 "signature_verifier_openssl.cc",
79 "symmetric_key.h",
80 "symmetric_key_nss.cc",
81 "symmetric_key_openssl.cc",
82 "third_party/nss/chromium-blapi.h",
83 "third_party/nss/chromium-blapit.h",
84 "third_party/nss/chromium-nss.h",
85 "third_party/nss/chromium-sha256.h",
86 "third_party/nss/pk11akey.cc",
87 "third_party/nss/rsawrapr.c",
88 "third_party/nss/secsign.cc",
89 "third_party/nss/sha512.cc",
90 ]
92 deps = [
93 ":platform",
94 "//base",
95 "//base/third_party/dynamic_annotations",
96 ]
98 if (!is_mac && !is_ios) {
99 sources -= [
100 "apple_keychain.h",
101 "mock_apple_keychain.cc",
102 "mock_apple_keychain.h",
103 ]
104 }
106 if (!is_mac) {
107 sources -= [
108 "cssm_init.cc",
109 "cssm_init.h",
110 "mac_security_services_lock.cc",
111 "mac_security_services_lock.h",
112 ]
113 }
114 if (!is_win) {
115 sources -= [
116 "capi_util.cc",
117 "capi_util.h",
118 ]
119 }
121 if (is_android) {
122 deps += [ "//third_party/android_tools:cpu_features" ]
123 }
125 if (use_openssl) {
126 # Remove NSS files when using OpenSSL
127 sources -= [
128 "ec_private_key_nss.cc",
129 "ec_signature_creator_nss.cc",
130 "encryptor_nss.cc",
131 "hmac_nss.cc",
132 "nss_util.cc",
133 "nss_util.h",
134 "nss_util_internal.h",
135 "rsa_private_key_nss.cc",
136 "secure_hash_default.cc",
137 "signature_creator_nss.cc",
138 "signature_verifier_nss.cc",
139 "symmetric_key_nss.cc",
140 "third_party/nss/chromium-blapi.h",
141 "third_party/nss/chromium-blapit.h",
142 "third_party/nss/chromium-nss.h",
143 "third_party/nss/pk11akey.cc",
144 "third_party/nss/rsawrapr.c",
145 "third_party/nss/secsign.cc",
146 ]
147 } else {
148 # Remove OpenSSL when using NSS.
149 sources -= [
150 "ec_private_key_openssl.cc",
151 "ec_signature_creator_openssl.cc",
152 "encryptor_openssl.cc",
153 "hmac_openssl.cc",
154 "openssl_util.cc",
155 "openssl_util.h",
156 "rsa_private_key_openssl.cc",
157 "secure_hash_openssl.cc",
158 "signature_creator_openssl.cc",
159 "signature_verifier_openssl.cc",
160 "symmetric_key_openssl.cc",
161 ]
162 }
164 defines = [ "CRYPTO_IMPLEMENTATION" ]
165 }
167 if (is_win) {
168 # A minimal crypto subset for hmac-related stuff that small standalone
169 # targets can use to reduce code size on Windows. This does not depend on
170 # OpenSSL/NSS but will use Windows APIs for that functionality.
171 source_set("crypto_minimal_win") {
172 sources = [
173 "crypto_export.h",
174 "hmac.cc",
175 "hmac.h",
176 "hmac_win.cc",
177 "scoped_capi_types.h",
178 "scoped_nss_types.h",
179 "secure_util.cc",
180 "secure_util.h",
181 "symmetric_key.h",
182 "symmetric_key_win.cc",
183 "third_party/nss/chromium-blapi.h",
184 "third_party/nss/chromium-sha256.h",
185 "third_party/nss/sha512.cc",
186 ]
188 deps = [
189 "//base",
190 "//base/third_party/dynamic_annotations",
191 ]
193 defines = [ "CRYPTO_IMPLEMENTATION" ]
194 }
195 }
197 test("crypto_unittests") {
198 sources = [
199 # Tests.
200 "curve25519_unittest.cc",
201 "ec_private_key_unittest.cc",
202 "ec_signature_creator_unittest.cc",
203 "encryptor_unittest.cc",
204 "ghash_unittest.cc",
205 "hkdf_unittest.cc",
206 "hmac_unittest.cc",
207 "nss_util_unittest.cc",
208 "p224_unittest.cc",
209 "p224_spake_unittest.cc",
210 "random_unittest.cc",
211 "rsa_private_key_unittest.cc",
212 "rsa_private_key_nss_unittest.cc",
213 "secure_hash_unittest.cc",
214 "sha2_unittest.cc",
215 "signature_creator_unittest.cc",
216 "signature_verifier_unittest.cc",
217 "symmetric_key_unittest.cc",
218 ]
220 if (use_openssl || !is_linux) {
221 sources -= [
222 "rsa_private_key_nss_unittest.cc",
223 ]
224 }
226 if (use_openssl) {
227 sources -= [ "nss_util_unittest.cc" ]
228 }
230 deps = [
231 ":crypto",
232 ":platform",
233 ":test_support",
234 "//base",
235 "//base/test:run_all_unittests",
236 "//base/test:test_support",
237 "//testing/gmock",
238 "//testing/gtest",
239 ]
240 }
242 source_set("test_support") {
243 sources = [
244 "scoped_test_nss_db.cc",
245 "scoped_test_nss_db.h",
246 "scoped_test_nss_chromeos_user.cc",
247 "scoped_test_nss_chromeos_user.h",
248 "scoped_test_system_nss_key_slot.cc",
249 "scoped_test_system_nss_key_slot.h",
250 ]
251 deps = [
252 ":crypto",
253 ":platform",
254 "//base",
255 ]
257 if (!use_nss_certs) {
258 sources -= [
259 "scoped_test_nss_db.cc",
260 "scoped_test_nss_db.h",
261 ]
262 }
264 if (!is_chromeos) {
265 sources -= [
266 "scoped_test_nss_chromeos_user.cc",
267 "scoped_test_nss_chromeos_user.h",
268 "scoped_test_system_nss_key_slot.cc",
269 "scoped_test_system_nss_key_slot.h",
270 ]
271 }
272 }
274 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
275 # according to the state of the crypto flags. A target just wanting to depend
276 # on the current SSL library should just depend on this.
277 group("platform") {
278 if (use_openssl) {
279 deps = [ "//third_party/boringssl" ]
280 } else {
281 deps = [ "//net/third_party/nss/ssl:libssl" ]
282 if (is_linux) {
283 # On Linux, we use the system NSS (excepting SSL where we always use our
284 # own).
285 #
286 # We always need our SSL header search path to come before the system one
287 # so our versions are used. The libssl target will add the search path we
288 # want, but according to GN's ordering rules, public_configs' search path
289 # will get applied before ones inherited from our dependencies.
290 # Therefore, we need to explicitly list our custom libssl's config here
291 # before the system one.
292 public_configs = [
293 "//net/third_party/nss/ssl:ssl_config",
294 "//third_party/nss:system_nss_no_ssl_config",
295 ]
296 } else {
297 # Non-Linux platforms use the hermetic NSS from the tree.
298 deps += [
299 "//third_party/nss:nspr",
300 "//third_party/nss:nss",
301 ]
302 }
303 }
304 }