Supervised user whitelists: Cleanup
[chromium-blink-merge.git] / crypto / BUILD.gn
blob27e786ce85aef51f83c4e0f71feeaf6150f4a130
1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 # Use of this source code is governed by a BSD-style license that can be
3 # found in the LICENSE file.
5 import("//build/config/crypto.gni")
6 import("//testing/test.gni")
8 component("crypto") {
9   output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
10   sources = [
11     "apple_keychain.h",
12     "apple_keychain_ios.mm",
13     "apple_keychain_mac.mm",
14     "capi_util.cc",
15     "capi_util.h",
16     "crypto_export.h",
17     "cssm_init.cc",
18     "cssm_init.h",
19     "curve25519-donna.c",
20     "curve25519.cc",
21     "curve25519.h",
22     "ec_private_key.h",
23     "ec_private_key_nss.cc",
24     "ec_private_key_openssl.cc",
25     "ec_signature_creator.cc",
26     "ec_signature_creator.h",
27     "ec_signature_creator_impl.h",
28     "ec_signature_creator_nss.cc",
29     "ec_signature_creator_openssl.cc",
30     "encryptor.cc",
31     "encryptor.h",
32     "encryptor_nss.cc",
33     "encryptor_openssl.cc",
34     "ghash.cc",
35     "ghash.h",
36     "hkdf.cc",
37     "hkdf.h",
38     "hmac.cc",
39     "hmac.h",
40     "hmac_nss.cc",
41     "hmac_openssl.cc",
42     "mac_security_services_lock.cc",
43     "mac_security_services_lock.h",
45     # TODO(brettw) these mocks should be moved to a test_support_crypto target
46     # if possible.
47     "mock_apple_keychain.cc",
48     "mock_apple_keychain.h",
49     "mock_apple_keychain_ios.cc",
50     "mock_apple_keychain_mac.cc",
51     "nss_util.cc",
52     "nss_util.h",
53     "nss_util_internal.h",
54     "openssl_bio_string.cc",
55     "openssl_bio_string.h",
56     "openssl_util.cc",
57     "openssl_util.h",
58     "p224.cc",
59     "p224.h",
60     "p224_spake.cc",
61     "p224_spake.h",
62     "random.cc",
63     "random.h",
64     "rsa_private_key.cc",
65     "rsa_private_key.h",
66     "rsa_private_key_nss.cc",
67     "rsa_private_key_openssl.cc",
68     "scoped_capi_types.h",
69     "scoped_nss_types.h",
70     "secure_hash.h",
71     "secure_hash_default.cc",
72     "secure_hash_openssl.cc",
73     "secure_util.cc",
74     "secure_util.h",
75     "sha2.cc",
76     "sha2.h",
77     "signature_creator.h",
78     "signature_creator_nss.cc",
79     "signature_creator_openssl.cc",
80     "signature_verifier.h",
81     "signature_verifier_nss.cc",
82     "signature_verifier_openssl.cc",
83     "symmetric_key.h",
84     "symmetric_key_nss.cc",
85     "symmetric_key_openssl.cc",
86     "third_party/nss/chromium-blapi.h",
87     "third_party/nss/chromium-blapit.h",
88     "third_party/nss/chromium-nss.h",
89     "third_party/nss/chromium-sha256.h",
90     "third_party/nss/pk11akey.cc",
91     "third_party/nss/rsawrapr.c",
92     "third_party/nss/secsign.cc",
93     "third_party/nss/sha512.cc",
94   ]
96   # TODO(jschuh): crbug.com/167187 fix size_t to int truncations.
97   configs += [ "//build/config/compiler:no_size_t_to_int_warning" ]
99   deps = [
100     ":platform",
101     "//base",
102     "//base/third_party/dynamic_annotations",
103   ]
105   if (!is_mac && !is_ios) {
106     sources -= [
107       "apple_keychain.h",
108       "mock_apple_keychain.cc",
109       "mock_apple_keychain.h",
110     ]
111   }
113   if (!is_mac) {
114     sources -= [
115       "cssm_init.cc",
116       "cssm_init.h",
117       "mac_security_services_lock.cc",
118       "mac_security_services_lock.h",
119     ]
120   }
121   if (!is_win) {
122     sources -= [
123       "capi_util.cc",
124       "capi_util.h",
125     ]
126   }
128   if (is_android) {
129     deps += [ "//third_party/android_tools:cpu_features" ]
130   }
132   if (use_openssl) {
133     # Remove NSS files when using OpenSSL
134     sources -= [
135       "ec_private_key_nss.cc",
136       "ec_signature_creator_nss.cc",
137       "encryptor_nss.cc",
138       "hmac_nss.cc",
139       "rsa_private_key_nss.cc",
140       "secure_hash_default.cc",
141       "signature_creator_nss.cc",
142       "signature_verifier_nss.cc",
143       "symmetric_key_nss.cc",
144       "third_party/nss/chromium-blapi.h",
145       "third_party/nss/chromium-blapit.h",
146       "third_party/nss/chromium-nss.h",
147       "third_party/nss/pk11akey.cc",
148       "third_party/nss/rsawrapr.c",
149       "third_party/nss/secsign.cc",
150     ]
151   } else {
152     # Remove OpenSSL when using NSS.
153     sources -= [
154       "ec_private_key_openssl.cc",
155       "ec_signature_creator_openssl.cc",
156       "encryptor_openssl.cc",
157       "hmac_openssl.cc",
158       "openssl_bio_string.cc",
159       "openssl_bio_string.h",
160       "openssl_util.cc",
161       "openssl_util.h",
162       "rsa_private_key_openssl.cc",
163       "secure_hash_openssl.cc",
164       "signature_creator_openssl.cc",
165       "signature_verifier_openssl.cc",
166       "symmetric_key_openssl.cc",
167     ]
168   }
170   # Remove nss_util when NSS is used for neither the internal crypto library
171   # nor the platform certificate library.
172   if (use_openssl && !use_nss_certs) {
173     sources -= [
174       "nss_util.cc",
175       "nss_util.h",
176       "nss_util_internal.h",
177     ]
178   }
180   defines = [ "CRYPTO_IMPLEMENTATION" ]
183 # TODO(GYP): TODO(dpranke), fix the compile errors for this stuff
184 # and make it work.
185 if (false && is_win) {
186   # A minimal crypto subset for hmac-related stuff that small standalone
187   # targets can use to reduce code size on Windows. This does not depend on
188   # OpenSSL/NSS but will use Windows APIs for that functionality.
189   source_set("crypto_minimal_win") {
190     sources = [
191       "crypto_export.h",
192       "hmac.cc",
193       "hmac.h",
194       "hmac_win.cc",
195       "scoped_capi_types.h",
196       "scoped_nss_types.h",
197       "secure_util.cc",
198       "secure_util.h",
199       "symmetric_key.h",
200       "symmetric_key_win.cc",
201       "third_party/nss/chromium-blapi.h",
202       "third_party/nss/chromium-sha256.h",
203       "third_party/nss/sha512.cc",
204     ]
206     deps = [
207       "//base",
208       "//base/third_party/dynamic_annotations",
209     ]
211     defines = [ "CRYPTO_IMPLEMENTATION" ]
212   }
215 test("crypto_unittests") {
216   sources = [
217     # Tests.
218     "curve25519_unittest.cc",
219     "ec_private_key_unittest.cc",
220     "ec_signature_creator_unittest.cc",
221     "encryptor_unittest.cc",
222     "ghash_unittest.cc",
223     "hkdf_unittest.cc",
224     "hmac_unittest.cc",
225     "nss_util_unittest.cc",
226     "openssl_bio_string_unittest.cc",
227     "p224_spake_unittest.cc",
228     "p224_unittest.cc",
229     "random_unittest.cc",
230     "rsa_private_key_nss_unittest.cc",
231     "rsa_private_key_unittest.cc",
232     "secure_hash_unittest.cc",
233     "sha2_unittest.cc",
234     "signature_creator_unittest.cc",
235     "signature_verifier_unittest.cc",
236     "symmetric_key_unittest.cc",
237   ]
239   # Remove nss_util when NSS is used for neither the internal crypto library
240   # nor the platform certificate library.
241   if (use_openssl && !use_nss_certs) {
242     sources -= [ "nss_util_unittest.cc" ]
243   }
245   if (use_openssl) {
246     sources -= [ "rsa_private_key_nss_unittest.cc" ]
247   } else {
248     sources -= [ "openssl_bio_string_unittest.cc" ]
249   }
251   configs += [ "//build/config/compiler:no_size_t_to_int_warning" ]
253   deps = [
254     ":crypto",
255     ":platform",
256     ":test_support",
257     "//base",
258     "//base/test:run_all_unittests",
259     "//base/test:test_support",
260     "//testing/gmock",
261     "//testing/gtest",
262   ]
265 source_set("test_support") {
266   sources = [
267     "scoped_test_nss_chromeos_user.cc",
268     "scoped_test_nss_chromeos_user.h",
269     "scoped_test_nss_db.cc",
270     "scoped_test_nss_db.h",
271     "scoped_test_system_nss_key_slot.cc",
272     "scoped_test_system_nss_key_slot.h",
273   ]
274   deps = [
275     ":crypto",
276     ":platform",
277     "//base",
278   ]
280   if (!use_nss_certs) {
281     sources -= [
282       "scoped_test_nss_db.cc",
283       "scoped_test_nss_db.h",
284     ]
285   }
287   if (!is_chromeos) {
288     sources -= [
289       "scoped_test_nss_chromeos_user.cc",
290       "scoped_test_nss_chromeos_user.h",
291       "scoped_test_system_nss_key_slot.cc",
292       "scoped_test_system_nss_key_slot.h",
293     ]
294   }
297 config("platform_config") {
298   if ((!use_openssl || use_nss_certs) && is_clang) {
299     # There is a broken header guard in /usr/include/nss/secmod.h:
300     # https://bugzilla.mozilla.org/show_bug.cgi?id=884072
301     cflags = [ "-Wno-header-guard" ]
302   }
305 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
306 # according to the state of the crypto flags. A target just wanting to depend
307 # on the current SSL library should just depend on this.
308 group("platform") {
309   if (use_openssl) {
310     deps = [
311       "//third_party/boringssl",
312     ]
313   } else {
314     deps = [
315       "//net/third_party/nss/ssl:libssl",
316     ]
317   }
319   # Link in NSS if it is used for either the internal crypto library
320   # (!use_openssl) or platform certificate library (use_nss_certs).
321   if (!use_openssl || use_nss_certs) {
322     if (is_linux) {
323       # On Linux, we use the system NSS (excepting SSL where we always use our
324       # own).
325       public_configs = [ ":platform_config" ]
326       if (!use_openssl) {
327         # If using a bundled copy of NSS's SSL library, ensure the bundled SSL
328         # header search path comes before the system one so our versions are
329         # used. The libssl target will add the search path we want, but
330         # according to GN's ordering rules, public_configs' search path will get
331         # applied before ones inherited from our dependencies.  Therefore, we
332         # need to explicitly list our custom libssl's config here before the
333         # system one.
334         public_configs += [ "//net/third_party/nss/ssl:ssl_config" ]
335       }
336       public_configs += [ "//third_party/nss:system_nss_no_ssl_config" ]
337     } else {
338       # Non-Linux platforms use the hermetic NSS from the tree.
339       deps += [
340         "//third_party/nss:nspr",
341         "//third_party/nss:nss",
342       ]
343     }
344   }