Don't elide what likely is Andriod system stacks.
[chromium-blink-merge.git] / crypto / BUILD.gn
blob6f2adf517a9c5c87441f667dcf3ed37935e13d95
1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 # Use of this source code is governed by a BSD-style license that can be
3 # found in the LICENSE file.
5 import("//build/config/crypto.gni")
6 import("//testing/test.gni")
8 if (is_nacl) {
9   component("crypto") {
10     output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
11     sources = [
12       "random.cc",
13       "random.h",
14     ]
15     deps = [
16       "//base",
17     ]
18   }
19 } else {
20   component("crypto") {
21     output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
22     sources = [
23       "aead_openssl.cc",
24       "aead_openssl.h",
25       "aes_128_gcm_helpers_nss.cc",
26       "aes_128_gcm_helpers_nss.h",
27       "apple_keychain.h",
28       "apple_keychain_ios.mm",
29       "apple_keychain_mac.mm",
30       "capi_util.cc",
31       "capi_util.h",
32       "crypto_export.h",
33       "cssm_init.cc",
34       "cssm_init.h",
35       "curve25519-donna.c",
36       "curve25519.cc",
37       "curve25519.h",
38       "ec_private_key.h",
39       "ec_private_key_nss.cc",
40       "ec_private_key_openssl.cc",
41       "ec_signature_creator.cc",
42       "ec_signature_creator.h",
43       "ec_signature_creator_impl.h",
44       "ec_signature_creator_nss.cc",
45       "ec_signature_creator_openssl.cc",
46       "encryptor.cc",
47       "encryptor.h",
48       "encryptor_nss.cc",
49       "encryptor_openssl.cc",
50       "ghash.cc",
51       "ghash.h",
52       "hkdf.cc",
53       "hkdf.h",
54       "hmac.cc",
55       "hmac.h",
56       "hmac_nss.cc",
57       "hmac_openssl.cc",
58       "mac_security_services_lock.cc",
59       "mac_security_services_lock.h",
61       # TODO(brettw) these mocks should be moved to a test_support_crypto target
62       # if possible.
63       "mock_apple_keychain.cc",
64       "mock_apple_keychain.h",
65       "mock_apple_keychain_ios.cc",
66       "mock_apple_keychain_mac.cc",
67       "nss_key_util.cc",
68       "nss_key_util.h",
69       "nss_util.cc",
70       "nss_util.h",
71       "nss_util_internal.h",
72       "openssl_bio_string.cc",
73       "openssl_bio_string.h",
74       "openssl_util.cc",
75       "openssl_util.h",
76       "p224.cc",
77       "p224.h",
78       "p224_spake.cc",
79       "p224_spake.h",
80       "random.cc",
81       "random.h",
82       "rsa_private_key.cc",
83       "rsa_private_key.h",
84       "rsa_private_key_nss.cc",
85       "rsa_private_key_openssl.cc",
86       "scoped_capi_types.h",
87       "scoped_nss_types.h",
88       "secure_hash.h",
89       "secure_hash_default.cc",
90       "secure_hash_openssl.cc",
91       "secure_util.cc",
92       "secure_util.h",
93       "sha2.cc",
94       "sha2.h",
95       "signature_creator.h",
96       "signature_creator_nss.cc",
97       "signature_creator_openssl.cc",
98       "signature_verifier.h",
99       "signature_verifier_nss.cc",
100       "signature_verifier_openssl.cc",
101       "symmetric_key.h",
102       "symmetric_key_nss.cc",
103       "symmetric_key_openssl.cc",
104       "third_party/nss/chromium-blapi.h",
105       "third_party/nss/chromium-blapit.h",
106       "third_party/nss/chromium-nss.h",
107       "third_party/nss/chromium-sha256.h",
108       "third_party/nss/pk11akey.cc",
109       "third_party/nss/rsawrapr.c",
110       "third_party/nss/secsign.cc",
111       "third_party/nss/sha512.cc",
112     ]
114     # TODO(jschuh): crbug.com/167187 fix size_t to int truncations.
115     configs += [ "//build/config/compiler:no_size_t_to_int_warning" ]
117     deps = [
118       ":platform",
119       "//base",
120       "//base/third_party/dynamic_annotations",
121     ]
123     if (!is_mac && !is_ios) {
124       sources -= [
125         "apple_keychain.h",
126         "mock_apple_keychain.cc",
127         "mock_apple_keychain.h",
128       ]
129     }
131     if (!is_mac) {
132       sources -= [
133         "cssm_init.cc",
134         "cssm_init.h",
135         "mac_security_services_lock.cc",
136         "mac_security_services_lock.h",
137       ]
138     }
139     if (!is_win) {
140       sources -= [
141         "capi_util.cc",
142         "capi_util.h",
143       ]
144     }
146     if (is_android) {
147       deps += [ "//third_party/android_tools:cpu_features" ]
148     }
150     if (use_openssl) {
151       # Remove NSS files when using OpenSSL
152       sources -= [
153         "aes_128_gcm_helpers_nss.cc",
154         "aes_128_gcm_helpers_nss.h",
155         "ec_private_key_nss.cc",
156         "ec_signature_creator_nss.cc",
157         "encryptor_nss.cc",
158         "hmac_nss.cc",
159         "rsa_private_key_nss.cc",
160         "secure_hash_default.cc",
161         "signature_creator_nss.cc",
162         "signature_verifier_nss.cc",
163         "symmetric_key_nss.cc",
164         "third_party/nss/chromium-blapi.h",
165         "third_party/nss/chromium-blapit.h",
166         "third_party/nss/chromium-nss.h",
167         "third_party/nss/pk11akey.cc",
168         "third_party/nss/rsawrapr.c",
169         "third_party/nss/secsign.cc",
170       ]
171     } else {
172       # Remove OpenSSL when using NSS.
173       sources -= [
174         "aead_openssl.cc",
175         "aead_openssl.h",
176         "ec_private_key_openssl.cc",
177         "ec_signature_creator_openssl.cc",
178         "encryptor_openssl.cc",
179         "hmac_openssl.cc",
180         "openssl_bio_string.cc",
181         "openssl_bio_string.h",
182         "openssl_util.cc",
183         "openssl_util.h",
184         "rsa_private_key_openssl.cc",
185         "secure_hash_openssl.cc",
186         "signature_creator_openssl.cc",
187         "signature_verifier_openssl.cc",
188         "symmetric_key_openssl.cc",
189       ]
190     }
192     # Some files are built when NSS is used at all, either for the internal crypto
193     # library or the platform certificate library.
194     if (use_openssl && !use_nss_certs) {
195       sources -= [
196         "nss_key_util.cc",
197         "nss_key_util.h",
198         "nss_util.cc",
199         "nss_util.h",
200         "nss_util_internal.h",
201       ]
202     }
204     defines = [ "CRYPTO_IMPLEMENTATION" ]
205   }
208 # TODO(GYP): TODO(dpranke), fix the compile errors for this stuff
209 # and make it work.
210 if (false && is_win) {
211   # A minimal crypto subset for hmac-related stuff that small standalone
212   # targets can use to reduce code size on Windows. This does not depend on
213   # OpenSSL/NSS but will use Windows APIs for that functionality.
214   source_set("crypto_minimal_win") {
215     sources = [
216       "crypto_export.h",
217       "hmac.cc",
218       "hmac.h",
219       "hmac_win.cc",
220       "scoped_capi_types.h",
221       "scoped_nss_types.h",
222       "secure_util.cc",
223       "secure_util.h",
224       "symmetric_key.h",
225       "symmetric_key_win.cc",
226       "third_party/nss/chromium-blapi.h",
227       "third_party/nss/chromium-sha256.h",
228       "third_party/nss/sha512.cc",
229     ]
231     deps = [
232       "//base",
233       "//base/third_party/dynamic_annotations",
234     ]
236     defines = [ "CRYPTO_IMPLEMENTATION" ]
237   }
240 # TODO(GYP): Delete this after we've converted everything to GN.
241 # The _run targets exist only for compatibility w/ GYP.
242 group("crypto_unittests_run") {
243   testonly = true
244   deps = [
245     ":crypto_unittests",
246   ]
249 test("crypto_unittests") {
250   sources = [
251     # Tests.
252     "aes_128_gcm_helpers_nss_unittest.cc",
253     "curve25519_unittest.cc",
254     "ec_private_key_unittest.cc",
255     "ec_signature_creator_unittest.cc",
256     "encryptor_unittest.cc",
257     "ghash_unittest.cc",
258     "hkdf_unittest.cc",
259     "hmac_unittest.cc",
260     "nss_key_util_unittest.cc",
261     "nss_util_unittest.cc",
262     "openssl_bio_string_unittest.cc",
263     "p224_spake_unittest.cc",
264     "p224_unittest.cc",
265     "random_unittest.cc",
266     "rsa_private_key_unittest.cc",
267     "secure_hash_unittest.cc",
268     "sha2_unittest.cc",
269     "signature_creator_unittest.cc",
270     "signature_verifier_unittest.cc",
271     "symmetric_key_unittest.cc",
272   ]
274   # Some files are built when NSS is used at all, either for the internal crypto
275   # library or the platform certificate library.
276   if (use_openssl && !use_nss_certs) {
277     sources -= [
278       "nss_key_util_unittest.cc",
279       "nss_util_unittest.cc",
280     ]
281   }
283   if (use_openssl) {
284     sources -= [ "aes_128_gcm_helpers_nss_unittest.cc" ]
285   } else {
286     sources -= [ "openssl_bio_string_unittest.cc" ]
287   }
289   configs += [ "//build/config/compiler:no_size_t_to_int_warning" ]
291   deps = [
292     ":crypto",
293     ":platform",
294     ":test_support",
295     "//base",
296     "//base/test:run_all_unittests",
297     "//base/test:test_support",
298     "//testing/gmock",
299     "//testing/gtest",
300   ]
303 source_set("test_support") {
304   sources = [
305     "scoped_test_nss_chromeos_user.cc",
306     "scoped_test_nss_chromeos_user.h",
307     "scoped_test_nss_db.cc",
308     "scoped_test_nss_db.h",
309     "scoped_test_system_nss_key_slot.cc",
310     "scoped_test_system_nss_key_slot.h",
311   ]
312   deps = [
313     ":crypto",
314     ":platform",
315     "//base",
316   ]
318   if (!use_nss_certs) {
319     sources -= [
320       "scoped_test_nss_db.cc",
321       "scoped_test_nss_db.h",
322     ]
323   }
325   if (!is_chromeos) {
326     sources -= [
327       "scoped_test_nss_chromeos_user.cc",
328       "scoped_test_nss_chromeos_user.h",
329       "scoped_test_system_nss_key_slot.cc",
330       "scoped_test_system_nss_key_slot.h",
331     ]
332   }
335 config("platform_config") {
336   if ((!use_openssl || use_nss_certs) && is_clang) {
337     # There is a broken header guard in /usr/include/nss/secmod.h:
338     # https://bugzilla.mozilla.org/show_bug.cgi?id=884072
339     cflags = [ "-Wno-header-guard" ]
340   }
343 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
344 # according to the state of the crypto flags. A target just wanting to depend
345 # on the current SSL library should just depend on this.
346 group("platform") {
347   if (use_openssl) {
348     deps = [
349       "//third_party/boringssl",
350     ]
351   } else {
352     deps = [
353       "//net/third_party/nss/ssl:libssl",
354     ]
355   }
357   # Link in NSS if it is used for either the internal crypto library
358   # (!use_openssl) or platform certificate library (use_nss_certs).
359   if (!use_openssl || use_nss_certs) {
360     if (is_linux) {
361       # On Linux, we use the system NSS (excepting SSL where we always use our
362       # own).
363       public_configs = [ ":platform_config" ]
364       if (!use_openssl) {
365         # If using a bundled copy of NSS's SSL library, ensure the bundled SSL
366         # header search path comes before the system one so our versions are
367         # used. The libssl target will add the search path we want, but
368         # according to GN's ordering rules, public_configs' search path will get
369         # applied before ones inherited from our dependencies.  Therefore, we
370         # need to explicitly list our custom libssl's config here before the
371         # system one.
372         public_configs += [ "//net/third_party/nss/ssl:ssl_config" ]
373       }
374       public_configs += [ "//third_party/nss:system_nss_no_ssl_config" ]
375     } else {
376       # Non-Linux platforms use the hermetic NSS from the tree.
377       public_deps = [
378         "//third_party/nss:nspr",
379         "//third_party/nss:nss",
380       ]
381     }
382   }