1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 # Use of this source code is governed by a BSD-style license that can be
3 # found in the LICENSE file.
5 import("//build/config/crypto.gni")
6 import("//testing/test.gni")
10 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto.
21 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto.
25 "aes_128_gcm_helpers_nss.cc",
26 "aes_128_gcm_helpers_nss.h",
28 "apple_keychain_ios.mm",
29 "apple_keychain_mac.mm",
39 "ec_private_key_nss.cc",
40 "ec_private_key_openssl.cc",
41 "ec_signature_creator.cc",
42 "ec_signature_creator.h",
43 "ec_signature_creator_impl.h",
44 "ec_signature_creator_nss.cc",
45 "ec_signature_creator_openssl.cc",
49 "encryptor_openssl.cc",
58 "mac_security_services_lock.cc",
59 "mac_security_services_lock.h",
61 # TODO(brettw) these mocks should be moved to a test_support_crypto target
63 "mock_apple_keychain.cc",
64 "mock_apple_keychain.h",
65 "mock_apple_keychain_ios.cc",
66 "mock_apple_keychain_mac.cc",
71 "nss_util_internal.h",
72 "openssl_bio_string.cc",
73 "openssl_bio_string.h",
84 "rsa_private_key_nss.cc",
85 "rsa_private_key_openssl.cc",
86 "scoped_capi_types.h",
89 "secure_hash_default.cc",
90 "secure_hash_openssl.cc",
95 "signature_creator.h",
96 "signature_creator_nss.cc",
97 "signature_creator_openssl.cc",
98 "signature_verifier.h",
99 "signature_verifier_nss.cc",
100 "signature_verifier_openssl.cc",
102 "symmetric_key_nss.cc",
103 "symmetric_key_openssl.cc",
104 "third_party/nss/chromium-blapi.h",
105 "third_party/nss/chromium-blapit.h",
106 "third_party/nss/chromium-nss.h",
107 "third_party/nss/chromium-sha256.h",
108 "third_party/nss/pk11akey.cc",
109 "third_party/nss/rsawrapr.c",
110 "third_party/nss/secsign.cc",
111 "third_party/nss/sha512.cc",
114 # TODO(jschuh): crbug.com/167187 fix size_t to int truncations.
115 configs += [ "//build/config/compiler:no_size_t_to_int_warning" ]
120 "//base/third_party/dynamic_annotations",
123 if (!is_mac && !is_ios) {
126 "mock_apple_keychain.cc",
127 "mock_apple_keychain.h",
135 "mac_security_services_lock.cc",
136 "mac_security_services_lock.h",
147 deps += [ "//third_party/android_tools:cpu_features" ]
151 # Remove NSS files when using OpenSSL
153 "aes_128_gcm_helpers_nss.cc",
154 "aes_128_gcm_helpers_nss.h",
155 "ec_private_key_nss.cc",
156 "ec_signature_creator_nss.cc",
159 "rsa_private_key_nss.cc",
160 "secure_hash_default.cc",
161 "signature_creator_nss.cc",
162 "signature_verifier_nss.cc",
163 "symmetric_key_nss.cc",
164 "third_party/nss/chromium-blapi.h",
165 "third_party/nss/chromium-blapit.h",
166 "third_party/nss/chromium-nss.h",
167 "third_party/nss/pk11akey.cc",
168 "third_party/nss/rsawrapr.c",
169 "third_party/nss/secsign.cc",
172 # Remove OpenSSL when using NSS.
176 "ec_private_key_openssl.cc",
177 "ec_signature_creator_openssl.cc",
178 "encryptor_openssl.cc",
180 "openssl_bio_string.cc",
181 "openssl_bio_string.h",
184 "rsa_private_key_openssl.cc",
185 "secure_hash_openssl.cc",
186 "signature_creator_openssl.cc",
187 "signature_verifier_openssl.cc",
188 "symmetric_key_openssl.cc",
192 # Some files are built when NSS is used at all, either for the internal crypto
193 # library or the platform certificate library.
194 if (use_openssl && !use_nss_certs) {
200 "nss_util_internal.h",
204 defines = [ "CRYPTO_IMPLEMENTATION" ]
208 # TODO(GYP): TODO(dpranke), fix the compile errors for this stuff
210 if (false && is_win) {
211 # A minimal crypto subset for hmac-related stuff that small standalone
212 # targets can use to reduce code size on Windows. This does not depend on
213 # OpenSSL/NSS but will use Windows APIs for that functionality.
214 source_set("crypto_minimal_win") {
220 "scoped_capi_types.h",
221 "scoped_nss_types.h",
225 "symmetric_key_win.cc",
226 "third_party/nss/chromium-blapi.h",
227 "third_party/nss/chromium-sha256.h",
228 "third_party/nss/sha512.cc",
233 "//base/third_party/dynamic_annotations",
236 defines = [ "CRYPTO_IMPLEMENTATION" ]
240 # TODO(GYP): Delete this after we've converted everything to GN.
241 # The _run targets exist only for compatibility w/ GYP.
242 group("crypto_unittests_run") {
249 test("crypto_unittests") {
252 "aes_128_gcm_helpers_nss_unittest.cc",
253 "curve25519_unittest.cc",
254 "ec_private_key_unittest.cc",
255 "ec_signature_creator_unittest.cc",
256 "encryptor_unittest.cc",
260 "nss_key_util_unittest.cc",
261 "nss_util_unittest.cc",
262 "openssl_bio_string_unittest.cc",
263 "p224_spake_unittest.cc",
265 "random_unittest.cc",
266 "rsa_private_key_unittest.cc",
267 "secure_hash_unittest.cc",
269 "signature_creator_unittest.cc",
270 "signature_verifier_unittest.cc",
271 "symmetric_key_unittest.cc",
274 # Some files are built when NSS is used at all, either for the internal crypto
275 # library or the platform certificate library.
276 if (use_openssl && !use_nss_certs) {
278 "nss_key_util_unittest.cc",
279 "nss_util_unittest.cc",
284 sources -= [ "aes_128_gcm_helpers_nss_unittest.cc" ]
286 sources -= [ "openssl_bio_string_unittest.cc" ]
289 configs += [ "//build/config/compiler:no_size_t_to_int_warning" ]
296 "//base/test:run_all_unittests",
297 "//base/test:test_support",
303 source_set("test_support") {
305 "scoped_test_nss_chromeos_user.cc",
306 "scoped_test_nss_chromeos_user.h",
307 "scoped_test_nss_db.cc",
308 "scoped_test_nss_db.h",
309 "scoped_test_system_nss_key_slot.cc",
310 "scoped_test_system_nss_key_slot.h",
318 if (!use_nss_certs) {
320 "scoped_test_nss_db.cc",
321 "scoped_test_nss_db.h",
327 "scoped_test_nss_chromeos_user.cc",
328 "scoped_test_nss_chromeos_user.h",
329 "scoped_test_system_nss_key_slot.cc",
330 "scoped_test_system_nss_key_slot.h",
335 config("platform_config") {
336 if ((!use_openssl || use_nss_certs) && is_clang) {
337 # There is a broken header guard in /usr/include/nss/secmod.h:
338 # https://bugzilla.mozilla.org/show_bug.cgi?id=884072
339 cflags = [ "-Wno-header-guard" ]
343 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
344 # according to the state of the crypto flags. A target just wanting to depend
345 # on the current SSL library should just depend on this.
349 "//third_party/boringssl",
353 "//net/third_party/nss/ssl:libssl",
357 # Link in NSS if it is used for either the internal crypto library
358 # (!use_openssl) or platform certificate library (use_nss_certs).
359 if (!use_openssl || use_nss_certs) {
361 # On Linux, we use the system NSS (excepting SSL where we always use our
363 public_configs = [ ":platform_config" ]
365 # If using a bundled copy of NSS's SSL library, ensure the bundled SSL
366 # header search path comes before the system one so our versions are
367 # used. The libssl target will add the search path we want, but
368 # according to GN's ordering rules, public_configs' search path will get
369 # applied before ones inherited from our dependencies. Therefore, we
370 # need to explicitly list our custom libssl's config here before the
372 public_configs += [ "//net/third_party/nss/ssl:ssl_config" ]
374 public_configs += [ "//third_party/nss:system_nss_no_ssl_config" ]
376 # Non-Linux platforms use the hermetic NSS from the tree.
378 "//third_party/nss:nspr",
379 "//third_party/nss:nss",