| blob | 31d56c122e35e87652158aa6b88b2c8169cbbc1c |
1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 # Use of this source code is governed by a BSD-style license that can be
3 # found in the LICENSE file.
5 import("//build/config/crypto.gni")
7 component("crypto") {
8 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto.
9 sources = [
10 "apple_keychain.h",
11 "apple_keychain_ios.mm",
12 "apple_keychain_mac.mm",
13 "capi_util.cc",
14 "capi_util.h",
15 "crypto_export.h",
16 "cssm_init.cc",
17 "cssm_init.h",
18 "curve25519.cc",
19 "curve25519-donna.c",
20 "curve25519.h",
21 "ec_private_key.h",
22 "ec_private_key_nss.cc",
23 "ec_private_key_openssl.cc",
24 "ec_signature_creator.cc",
25 "ec_signature_creator.h",
26 "ec_signature_creator_impl.h",
27 "ec_signature_creator_nss.cc",
28 "ec_signature_creator_openssl.cc",
29 "encryptor.cc",
30 "encryptor.h",
31 "encryptor_nss.cc",
32 "encryptor_openssl.cc",
33 "ghash.cc",
34 "ghash.h",
35 "hkdf.cc",
36 "hkdf.h",
37 "hmac.cc",
38 "hmac.h",
39 "hmac_nss.cc",
40 "hmac_openssl.cc",
41 "mac_security_services_lock.cc",
42 "mac_security_services_lock.h",
43 # TODO(brettw) these mocks should be moved to a test_support_crypto target
44 # if possible.
45 "mock_apple_keychain.cc",
46 "mock_apple_keychain.h",
47 "mock_apple_keychain_ios.cc",
48 "mock_apple_keychain_mac.cc",
49 "nss_util.cc",
50 "nss_util.h",
51 "nss_util_internal.h",
52 "openssl_util.cc",
53 "openssl_util.h",
54 "p224.cc",
55 "p224.h",
56 "p224_spake.cc",
57 "p224_spake.h",
58 "random.cc",
59 "random.h",
60 "rsa_private_key.cc",
61 "rsa_private_key.h",
62 "rsa_private_key_nss.cc",
63 "rsa_private_key_openssl.cc",
64 "scoped_capi_types.h",
65 "scoped_nss_types.h",
66 "secure_hash_default.cc",
67 "secure_hash.h",
68 "secure_hash_openssl.cc",
69 "secure_util.cc",
70 "secure_util.h",
71 "sha2.cc",
72 "sha2.h",
73 "signature_creator.h",
74 "signature_creator_nss.cc",
75 "signature_creator_openssl.cc",
76 "signature_verifier.h",
77 "signature_verifier_nss.cc",
78 "signature_verifier_openssl.cc",
79 "symmetric_key.h",
80 "symmetric_key_nss.cc",
81 "symmetric_key_openssl.cc",
82 "third_party/nss/chromium-blapi.h",
83 "third_party/nss/chromium-blapit.h",
84 "third_party/nss/chromium-nss.h",
85 "third_party/nss/chromium-sha256.h",
86 "third_party/nss/pk11akey.cc",
87 "third_party/nss/rsawrapr.c",
88 "third_party/nss/secsign.cc",
89 "third_party/nss/sha512.cc",
90 ]
92 deps = [
93 ":platform",
94 "//base",
95 "//base/third_party/dynamic_annotations",
96 ]
98 if (!is_mac && !is_ios) {
99 sources -= [
100 "apple_keychain.h",
101 "mock_apple_keychain.cc",
102 "mock_apple_keychain.h",
103 ]
104 }
106 if (!is_mac) {
107 sources -= [
108 "cssm_init.cc",
109 "cssm_init.h",
110 "mac_security_services_lock.cc",
111 "mac_security_services_lock.h",
112 ]
113 }
114 if (!is_win) {
115 sources -= [
116 "capi_util.cc",
117 "capi_util.h",
118 ]
119 }
121 if (use_openssl) {
122 # Remove NSS files when using OpenSSL
123 sources -= [
124 "ec_private_key_nss.cc",
125 "ec_signature_creator_nss.cc",
126 "encryptor_nss.cc",
127 "hmac_nss.cc",
128 "nss_util.cc",
129 "nss_util.h",
130 "rsa_private_key_nss.cc",
131 "secure_hash_default.cc",
132 "signature_creator_nss.cc",
133 "signature_verifier_nss.cc",
134 "symmetric_key_nss.cc",
135 "third_party/nss/chromium-blapi.h",
136 "third_party/nss/chromium-blapit.h",
137 "third_party/nss/chromium-nss.h",
138 "third_party/nss/pk11akey.cc",
139 "third_party/nss/rsawrapr.c",
140 "third_party/nss/secsign.cc",
141 ]
142 } else {
143 # Remove OpenSSL when using NSS.
144 sources -= [
145 "ec_private_key_openssl.cc",
146 "ec_signature_creator_openssl.cc",
147 "encryptor_openssl.cc",
148 "hmac_openssl.cc",
149 "openssl_util.cc",
150 "openssl_util.h",
151 "rsa_private_key_openssl.cc",
152 "secure_hash_openssl.cc",
153 "signature_creator_openssl.cc",
154 "signature_verifier_openssl.cc",
155 "symmetric_key_openssl.cc",
156 ]
157 }
159 defines = [ "CRYPTO_IMPLEMENTATION" ]
160 }
162 if (is_win) {
163 # A minimal crypto subset for hmac-related stuff that small standalone
164 # targets can use to reduce code size on Windows. This does not depend on
165 # OpenSSL/NSS but will use Windows APIs for that functionality.
166 source_set("crypto_minimal_win") {
167 sources = [
168 "crypto_export.h",
169 "hmac.cc",
170 "hmac.h",
171 "hmac_win.cc",
172 "scoped_capi_types.h",
173 "scoped_nss_types.h",
174 "secure_util.cc",
175 "secure_util.h",
176 "symmetric_key.h",
177 "symmetric_key_win.cc",
178 "third_party/nss/chromium-blapi.h",
179 "third_party/nss/chromium-sha256.h",
180 "third_party/nss/sha512.cc",
181 ]
183 deps = [
184 "//base",
185 "//base/third_party/dynamic_annotations",
186 ]
188 defines = [ "CRYPTO_IMPLEMENTATION" ]
189 }
190 }
192 test("crypto_unittests") {
193 sources = [
194 # Tests.
195 "curve25519_unittest.cc",
196 "ec_private_key_unittest.cc",
197 "ec_signature_creator_unittest.cc",
198 "encryptor_unittest.cc",
199 "ghash_unittest.cc",
200 "hkdf_unittest.cc",
201 "hmac_unittest.cc",
202 "nss_util_unittest.cc",
203 "p224_unittest.cc",
204 "p224_spake_unittest.cc",
205 "random_unittest.cc",
206 "rsa_private_key_unittest.cc",
207 "rsa_private_key_nss_unittest.cc",
208 "secure_hash_unittest.cc",
209 "sha2_unittest.cc",
210 "signature_creator_unittest.cc",
211 "signature_verifier_unittest.cc",
212 "symmetric_key_unittest.cc",
213 ]
215 if (use_openssl || !is_linux) {
216 sources -= [
217 "rsa_private_key_nss_unittest.cc",
218 ]
219 }
221 if (use_openssl) {
222 sources -= [ "nss_util_unittest.cc" ]
223 }
225 deps = [
226 ":crypto",
227 ":platform",
228 "//base",
229 "//base/test:run_all_unittests",
230 "//base/test:test_support",
231 "//testing/gmock",
232 "//testing/gtest",
233 ]
234 }
236 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
237 # according to the state of the crypto flags. A target just wanting to depend
238 # on the current SSL library should just depend on this.
239 group("platform") {
240 if (use_openssl) {
241 deps = [ "//third_party/openssl" ]
242 } else {
243 deps = [ "//net/third_party/nss/ssl:libssl" ]
244 if (is_linux) {
245 # On Linux, we use the system NSS (excepting SSL where we always use our
246 # own).
247 #
248 # We always need our SSL header search path to come before the system one
249 # so our versions are used. The libssl target will add the search path we
250 # want, but according to GN's ordering rules, direct_dependent_configs'
251 # search path will get applied before ones inherited from our
252 # dependencies. Therefore, we need to explicitly list our custom libssl's
253 # config here before the system one.
254 direct_dependent_configs = [
255 "//net/third_party/nss/ssl:ssl_config",
256 "//third_party/nss:system_nss_no_ssl_config",
257 ]
258 } else {
259 # Non-Linux platforms use the hermetic NSS from the tree.
260 deps += [
261 "//third_party/nss:nspr",
262 "//third_party/nss:nss",
263 ]
264 }
265 }
266 }