| blob | d3d318de50ffcb82b1c8c61ffeea2aaa6a12f866 |
1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 # Use of this source code is governed by a BSD-style license that can be
3 # found in the LICENSE file.
5 import("//build/config/crypto.gni")
7 component("crypto") {
8 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto.
9 sources = [
10 "apple_keychain.h",
11 "apple_keychain_ios.mm",
12 "apple_keychain_mac.mm",
13 "capi_util.cc",
14 "capi_util.h",
15 "crypto_export.h",
16 "cssm_init.cc",
17 "cssm_init.h",
18 "curve25519.cc",
19 "curve25519-donna.c",
20 "curve25519.h",
21 "ec_private_key.h",
22 "ec_private_key_nss.cc",
23 "ec_private_key_openssl.cc",
24 "ec_signature_creator.cc",
25 "ec_signature_creator.h",
26 "ec_signature_creator_impl.h",
27 "ec_signature_creator_nss.cc",
28 "ec_signature_creator_openssl.cc",
29 "encryptor.cc",
30 "encryptor.h",
31 "encryptor_nss.cc",
32 "encryptor_openssl.cc",
33 "ghash.cc",
34 "ghash.h",
35 "hkdf.cc",
36 "hkdf.h",
37 "hmac.cc",
38 "hmac.h",
39 "hmac_nss.cc",
40 "hmac_openssl.cc",
41 "mac_security_services_lock.cc",
42 "mac_security_services_lock.h",
43 # TODO(brettw) these mocks should be moved to a test_support_crypto target
44 # if possible.
45 "mock_apple_keychain.cc",
46 "mock_apple_keychain.h",
47 "mock_apple_keychain_ios.cc",
48 "mock_apple_keychain_mac.cc",
49 "nss_util.cc",
50 "nss_util.h",
51 "nss_util_internal.h",
52 "openssl_bio_string.cc",
53 "openssl_bio_string.h",
54 "openssl_util.cc",
55 "openssl_util.h",
56 "p224.cc",
57 "p224.h",
58 "p224_spake.cc",
59 "p224_spake.h",
60 "random.cc",
61 "random.h",
62 "rsa_private_key.cc",
63 "rsa_private_key.h",
64 "rsa_private_key_nss.cc",
65 "rsa_private_key_openssl.cc",
66 "scoped_capi_types.h",
67 "scoped_nss_types.h",
68 "secure_hash_default.cc",
69 "secure_hash.h",
70 "secure_hash_openssl.cc",
71 "secure_util.cc",
72 "secure_util.h",
73 "sha2.cc",
74 "sha2.h",
75 "signature_creator.h",
76 "signature_creator_nss.cc",
77 "signature_creator_openssl.cc",
78 "signature_verifier.h",
79 "signature_verifier_nss.cc",
80 "signature_verifier_openssl.cc",
81 "symmetric_key.h",
82 "symmetric_key_nss.cc",
83 "symmetric_key_openssl.cc",
84 "third_party/nss/chromium-blapi.h",
85 "third_party/nss/chromium-blapit.h",
86 "third_party/nss/chromium-nss.h",
87 "third_party/nss/chromium-sha256.h",
88 "third_party/nss/pk11akey.cc",
89 "third_party/nss/rsawrapr.c",
90 "third_party/nss/secsign.cc",
91 "third_party/nss/sha512.cc",
92 ]
94 deps = [
95 ":platform",
96 "//base",
97 "//base/third_party/dynamic_annotations",
98 ]
100 if (!is_mac && !is_ios) {
101 sources -= [
102 "apple_keychain.h",
103 "mock_apple_keychain.cc",
104 "mock_apple_keychain.h",
105 ]
106 }
108 if (!is_mac) {
109 sources -= [
110 "cssm_init.cc",
111 "cssm_init.h",
112 "mac_security_services_lock.cc",
113 "mac_security_services_lock.h",
114 ]
115 }
116 if (!is_win) {
117 sources -= [
118 "capi_util.cc",
119 "capi_util.h",
120 ]
121 }
123 if (is_android) {
124 deps += [ "//third_party/android_tools:cpu_features" ]
125 }
127 if (use_openssl) {
128 # Remove NSS files when using OpenSSL
129 sources -= [
130 "ec_private_key_nss.cc",
131 "ec_signature_creator_nss.cc",
132 "encryptor_nss.cc",
133 "hmac_nss.cc",
134 "nss_util.cc",
135 "nss_util.h",
136 "nss_util_internal.h",
137 "rsa_private_key_nss.cc",
138 "secure_hash_default.cc",
139 "signature_creator_nss.cc",
140 "signature_verifier_nss.cc",
141 "symmetric_key_nss.cc",
142 "third_party/nss/chromium-blapi.h",
143 "third_party/nss/chromium-blapit.h",
144 "third_party/nss/chromium-nss.h",
145 "third_party/nss/pk11akey.cc",
146 "third_party/nss/rsawrapr.c",
147 "third_party/nss/secsign.cc",
148 ]
149 } else {
150 # Remove OpenSSL when using NSS.
151 sources -= [
152 "ec_private_key_openssl.cc",
153 "ec_signature_creator_openssl.cc",
154 "encryptor_openssl.cc",
155 "hmac_openssl.cc",
156 "openssl_bio_string.cc",
157 "openssl_bio_string.h",
158 "openssl_util.cc",
159 "openssl_util.h",
160 "rsa_private_key_openssl.cc",
161 "secure_hash_openssl.cc",
162 "signature_creator_openssl.cc",
163 "signature_verifier_openssl.cc",
164 "symmetric_key_openssl.cc",
165 ]
166 }
168 defines = [ "CRYPTO_IMPLEMENTATION" ]
169 }
171 if (is_win) {
172 # A minimal crypto subset for hmac-related stuff that small standalone
173 # targets can use to reduce code size on Windows. This does not depend on
174 # OpenSSL/NSS but will use Windows APIs for that functionality.
175 source_set("crypto_minimal_win") {
176 sources = [
177 "crypto_export.h",
178 "hmac.cc",
179 "hmac.h",
180 "hmac_win.cc",
181 "scoped_capi_types.h",
182 "scoped_nss_types.h",
183 "secure_util.cc",
184 "secure_util.h",
185 "symmetric_key.h",
186 "symmetric_key_win.cc",
187 "third_party/nss/chromium-blapi.h",
188 "third_party/nss/chromium-sha256.h",
189 "third_party/nss/sha512.cc",
190 ]
192 deps = [
193 "//base",
194 "//base/third_party/dynamic_annotations",
195 ]
197 defines = [ "CRYPTO_IMPLEMENTATION" ]
198 }
199 }
201 test("crypto_unittests") {
202 sources = [
203 # Tests.
204 "curve25519_unittest.cc",
205 "ec_private_key_unittest.cc",
206 "ec_signature_creator_unittest.cc",
207 "encryptor_unittest.cc",
208 "ghash_unittest.cc",
209 "hkdf_unittest.cc",
210 "hmac_unittest.cc",
211 "nss_util_unittest.cc",
212 "openssl_bio_string_unittest.cc",
213 "p224_unittest.cc",
214 "p224_spake_unittest.cc",
215 "random_unittest.cc",
216 "rsa_private_key_unittest.cc",
217 "rsa_private_key_nss_unittest.cc",
218 "secure_hash_unittest.cc",
219 "sha2_unittest.cc",
220 "signature_creator_unittest.cc",
221 "signature_verifier_unittest.cc",
222 "symmetric_key_unittest.cc",
223 ]
225 if (use_openssl || !is_linux) {
226 sources -= [
227 "rsa_private_key_nss_unittest.cc",
228 ]
229 }
231 if (use_openssl) {
232 sources -= [ "nss_util_unittest.cc" ]
233 } else {
234 sources -= [ "openssl_bio_string_unittest.cc" ]
235 }
237 deps = [
238 ":crypto",
239 ":platform",
240 ":test_support",
241 "//base",
242 "//base/test:run_all_unittests",
243 "//base/test:test_support",
244 "//testing/gmock",
245 "//testing/gtest",
246 ]
247 }
249 source_set("test_support") {
250 sources = [
251 "scoped_test_nss_db.cc",
252 "scoped_test_nss_db.h",
253 "scoped_test_nss_chromeos_user.cc",
254 "scoped_test_nss_chromeos_user.h",
255 "scoped_test_system_nss_key_slot.cc",
256 "scoped_test_system_nss_key_slot.h",
257 ]
258 deps = [
259 ":crypto",
260 ":platform",
261 "//base",
262 ]
264 if (!use_nss_certs) {
265 sources -= [
266 "scoped_test_nss_db.cc",
267 "scoped_test_nss_db.h",
268 ]
269 }
271 if (!is_chromeos) {
272 sources -= [
273 "scoped_test_nss_chromeos_user.cc",
274 "scoped_test_nss_chromeos_user.h",
275 "scoped_test_system_nss_key_slot.cc",
276 "scoped_test_system_nss_key_slot.h",
277 ]
278 }
279 }
281 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
282 # according to the state of the crypto flags. A target just wanting to depend
283 # on the current SSL library should just depend on this.
284 group("platform") {
285 if (use_openssl) {
286 deps = [ "//third_party/boringssl" ]
287 } else {
288 deps = [ "//net/third_party/nss/ssl:libssl" ]
289 if (is_linux) {
290 # On Linux, we use the system NSS (excepting SSL where we always use our
291 # own).
292 #
293 # We always need our SSL header search path to come before the system one
294 # so our versions are used. The libssl target will add the search path we
295 # want, but according to GN's ordering rules, public_configs' search path
296 # will get applied before ones inherited from our dependencies.
297 # Therefore, we need to explicitly list our custom libssl's config here
298 # before the system one.
299 public_configs = [
300 "//net/third_party/nss/ssl:ssl_config",
301 "//third_party/nss:system_nss_no_ssl_config",
302 ]
303 } else {
304 # Non-Linux platforms use the hermetic NSS from the tree.
305 deps += [
306 "//third_party/nss:nspr",
307 "//third_party/nss:nss",
308 ]
309 }
310 }
311 }