crypto/BUILD.gn

   1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
   2 # Use of this source code is governed by a BSD-style license that can be
   3 # found in the LICENSE file.
   4
   5 import("//build/config/crypto.gni")
   6 import("//testing/test.gni")
   7
   8 component("crypto") {
   9   output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
  10   sources = [
  11     "apple_keychain.h",
  12     "apple_keychain_ios.mm",
  13     "apple_keychain_mac.mm",
  14     "capi_util.cc",
  15     "capi_util.h",
  16     "crypto_export.h",
  17     "cssm_init.cc",
  18     "cssm_init.h",
  19     "curve25519.cc",
  20     "curve25519-donna.c",
  21     "curve25519.h",
  22     "ec_private_key.h",
  23     "ec_private_key_nss.cc",
  24     "ec_private_key_openssl.cc",
  25     "ec_signature_creator.cc",
  26     "ec_signature_creator.h",
  27     "ec_signature_creator_impl.h",
  28     "ec_signature_creator_nss.cc",
  29     "ec_signature_creator_openssl.cc",
  30     "encryptor.cc",
  31     "encryptor.h",
  32     "encryptor_nss.cc",
  33     "encryptor_openssl.cc",
  34     "ghash.cc",
  35     "ghash.h",
  36     "hkdf.cc",
  37     "hkdf.h",
  38     "hmac.cc",
  39     "hmac.h",
  40     "hmac_nss.cc",
  41     "hmac_openssl.cc",
  42     "mac_security_services_lock.cc",
  43     "mac_security_services_lock.h",
  44
  45     # TODO(brettw) these mocks should be moved to a test_support_crypto target
  46     # if possible.
  47     "mock_apple_keychain.cc",
  48     "mock_apple_keychain.h",
  49     "mock_apple_keychain_ios.cc",
  50     "mock_apple_keychain_mac.cc",
  51     "nss_util.cc",
  52     "nss_util.h",
  53     "nss_util_internal.h",
  54     "openssl_bio_string.cc",
  55     "openssl_bio_string.h",
  56     "openssl_util.cc",
  57     "openssl_util.h",
  58     "p224.cc",
  59     "p224.h",
  60     "p224_spake.cc",
  61     "p224_spake.h",
  62     "random.cc",
  63     "random.h",
  64     "rsa_private_key.cc",
  65     "rsa_private_key.h",
  66     "rsa_private_key_nss.cc",
  67     "rsa_private_key_openssl.cc",
  68     "scoped_capi_types.h",
  69     "scoped_nss_types.h",
  70     "secure_hash_default.cc",
  71     "secure_hash.h",
  72     "secure_hash_openssl.cc",
  73     "secure_util.cc",
  74     "secure_util.h",
  75     "sha2.cc",
  76     "sha2.h",
  77     "signature_creator.h",
  78     "signature_creator_nss.cc",
  79     "signature_creator_openssl.cc",
  80     "signature_verifier.h",
  81     "signature_verifier_nss.cc",
  82     "signature_verifier_openssl.cc",
  83     "symmetric_key.h",
  84     "symmetric_key_nss.cc",
  85     "symmetric_key_openssl.cc",
  86     "third_party/nss/chromium-blapi.h",
  87     "third_party/nss/chromium-blapit.h",
  88     "third_party/nss/chromium-nss.h",
  89     "third_party/nss/chromium-sha256.h",
  90     "third_party/nss/pk11akey.cc",
  91     "third_party/nss/rsawrapr.c",
  92     "third_party/nss/secsign.cc",
  93     "third_party/nss/sha512.cc",
  94   ]
  95
  96   deps = [
  97     ":platform",
  98     "//base",
  99     "//base/third_party/dynamic_annotations",
 100   ]
 101
 102   if (!is_mac && !is_ios) {
 103     sources -= [
 104       "apple_keychain.h",
 105       "mock_apple_keychain.cc",
 106       "mock_apple_keychain.h",
 107     ]
 108   }
 109
 110   if (!is_mac) {
 111     sources -= [
 112       "cssm_init.cc",
 113       "cssm_init.h",
 114       "mac_security_services_lock.cc",
 115       "mac_security_services_lock.h",
 116     ]
 117   }
 118   if (!is_win) {
 119     sources -= [
 120       "capi_util.cc",
 121       "capi_util.h",
 122     ]
 123   }
 124
 125   if (is_android) {
 126     deps += [ "//third_party/android_tools:cpu_features" ]
 127   }
 128
 129   if (is_win) {
 130     # TODO(jschuh): crbug.com/167187 fix size_t to int truncations.
 131     cflags = [ "/wd4267" ]
 132   }
 133
 134   if (use_openssl) {
 135     # Remove NSS files when using OpenSSL
 136     sources -= [
 137       "ec_private_key_nss.cc",
 138       "ec_signature_creator_nss.cc",
 139       "encryptor_nss.cc",
 140       "hmac_nss.cc",
 141       "nss_util.cc",
 142       "nss_util.h",
 143       "nss_util_internal.h",
 144       "rsa_private_key_nss.cc",
 145       "secure_hash_default.cc",
 146       "signature_creator_nss.cc",
 147       "signature_verifier_nss.cc",
 148       "symmetric_key_nss.cc",
 149       "third_party/nss/chromium-blapi.h",
 150       "third_party/nss/chromium-blapit.h",
 151       "third_party/nss/chromium-nss.h",
 152       "third_party/nss/pk11akey.cc",
 153       "third_party/nss/rsawrapr.c",
 154       "third_party/nss/secsign.cc",
 155     ]
 156   } else {
 157     # Remove OpenSSL when using NSS.
 158     sources -= [
 159       "ec_private_key_openssl.cc",
 160       "ec_signature_creator_openssl.cc",
 161       "encryptor_openssl.cc",
 162       "hmac_openssl.cc",
 163       "openssl_bio_string.cc",
 164       "openssl_bio_string.h",
 165       "openssl_util.cc",
 166       "openssl_util.h",
 167       "rsa_private_key_openssl.cc",
 168       "secure_hash_openssl.cc",
 169       "signature_creator_openssl.cc",
 170       "signature_verifier_openssl.cc",
 171       "symmetric_key_openssl.cc",
 172     ]
 173   }
 174
 175   defines = [ "CRYPTO_IMPLEMENTATION" ]
 176 }
 177
 178 # TODO(GYP): TODO(dpranke), fix the compile errors for this stuff
 179 # and make it work.
 180 if (false && is_win) {
 181   # A minimal crypto subset for hmac-related stuff that small standalone
 182   # targets can use to reduce code size on Windows. This does not depend on
 183   # OpenSSL/NSS but will use Windows APIs for that functionality.
 184   source_set("crypto_minimal_win") {
 185     sources = [
 186       "crypto_export.h",
 187       "hmac.cc",
 188       "hmac.h",
 189       "hmac_win.cc",
 190       "scoped_capi_types.h",
 191       "scoped_nss_types.h",
 192       "secure_util.cc",
 193       "secure_util.h",
 194       "symmetric_key.h",
 195       "symmetric_key_win.cc",
 196       "third_party/nss/chromium-blapi.h",
 197       "third_party/nss/chromium-sha256.h",
 198       "third_party/nss/sha512.cc",
 199     ]
 200
 201     deps = [
 202       "//base",
 203       "//base/third_party/dynamic_annotations",
 204     ]
 205
 206     defines = [ "CRYPTO_IMPLEMENTATION" ]
 207   }
 208 }
 209
 210 # TODO(GYP): Make this link on win as well.
 211 if (!is_win) {
 212   test("crypto_unittests") {
 213     sources = [
 214       # Tests.
 215       "curve25519_unittest.cc",
 216       "ec_private_key_unittest.cc",
 217       "ec_signature_creator_unittest.cc",
 218       "encryptor_unittest.cc",
 219       "ghash_unittest.cc",
 220       "hkdf_unittest.cc",
 221       "hmac_unittest.cc",
 222       "nss_util_unittest.cc",
 223       "openssl_bio_string_unittest.cc",
 224       "p224_unittest.cc",
 225       "p224_spake_unittest.cc",
 226       "random_unittest.cc",
 227       "rsa_private_key_unittest.cc",
 228       "rsa_private_key_nss_unittest.cc",
 229       "secure_hash_unittest.cc",
 230       "sha2_unittest.cc",
 231       "signature_creator_unittest.cc",
 232       "signature_verifier_unittest.cc",
 233       "symmetric_key_unittest.cc",
 234     ]
 235
 236     if (use_openssl || !is_linux) {
 237       sources -= [ "rsa_private_key_nss_unittest.cc" ]
 238     }
 239
 240     if (use_openssl) {
 241       sources -= [ "nss_util_unittest.cc" ]
 242     } else {
 243       sources -= [ "openssl_bio_string_unittest.cc" ]
 244     }
 245
 246     deps = [
 247       ":crypto",
 248       ":platform",
 249       ":test_support",
 250       "//base",
 251       "//base/test:run_all_unittests",
 252       "//base/test:test_support",
 253       "//testing/gmock",
 254       "//testing/gtest",
 255     ]
 256   }
 257 }
 258
 259 source_set("test_support") {
 260   sources = [
 261     "scoped_test_nss_db.cc",
 262     "scoped_test_nss_db.h",
 263     "scoped_test_nss_chromeos_user.cc",
 264     "scoped_test_nss_chromeos_user.h",
 265     "scoped_test_system_nss_key_slot.cc",
 266     "scoped_test_system_nss_key_slot.h",
 267   ]
 268   deps = [
 269     ":crypto",
 270     ":platform",
 271     "//base",
 272   ]
 273
 274   if (!use_nss_certs) {
 275     sources -= [
 276       "scoped_test_nss_db.cc",
 277       "scoped_test_nss_db.h",
 278     ]
 279   }
 280
 281   if (!is_chromeos) {
 282     sources -= [
 283       "scoped_test_nss_chromeos_user.cc",
 284       "scoped_test_nss_chromeos_user.h",
 285       "scoped_test_system_nss_key_slot.cc",
 286       "scoped_test_system_nss_key_slot.h",
 287     ]
 288   }
 289 }
 290
 291 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
 292 # according to the state of the crypto flags. A target just wanting to depend
 293 # on the current SSL library should just depend on this.
 294 group("platform") {
 295   if (use_openssl) {
 296     deps = [
 297       "//third_party/boringssl",
 298     ]
 299   } else {
 300     deps = [
 301       "//net/third_party/nss/ssl:libssl",
 302     ]
 303     if (is_linux) {
 304       # On Linux, we use the system NSS (excepting SSL where we always use our
 305       # own).
 306       #
 307       # We always need our SSL header search path to come before the system one
 308       # so our versions are used. The libssl target will add the search path we
 309       # want, but according to GN's ordering rules, public_configs' search path
 310       # will get applied before ones inherited from our dependencies.
 311       # Therefore, we need to explicitly list our custom libssl's config here
 312       # before the system one.
 313       public_configs = [
 314         "//net/third_party/nss/ssl:ssl_config",
 315         "//third_party/nss:system_nss_no_ssl_config",
 316       ]
 317     } else {
 318       # Non-Linux platforms use the hermetic NSS from the tree.
 319       deps += [
 320         "//third_party/nss:nspr",
 321         "//third_party/nss:nss",
 322       ]
 323     }
 324   }
 325 }