src/crypto/BUILD.gn

   1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
   2 # Use of this source code is governed by a BSD-style license that can be
   3 # found in the LICENSE file.
   4
   5 import("//build/config/crypto.gni")
   6
   7 component("crypto") {
   8   output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
   9   sources = [
  10     "apple_keychain.h",
  11     "apple_keychain_ios.mm",
  12     "apple_keychain_mac.mm",
  13     "capi_util.cc",
  14     "capi_util.h",
  15     "crypto_export.h",
  16     "cssm_init.cc",
  17     "cssm_init.h",
  18     "curve25519.cc",
  19     "curve25519-donna.c",
  20     "curve25519.h",
  21     "ec_private_key.h",
  22     "ec_private_key_nss.cc",
  23     "ec_private_key_openssl.cc",
  24     "ec_signature_creator.cc",
  25     "ec_signature_creator.h",
  26     "ec_signature_creator_impl.h",
  27     "ec_signature_creator_nss.cc",
  28     "ec_signature_creator_openssl.cc",
  29     "encryptor.cc",
  30     "encryptor.h",
  31     "encryptor_nss.cc",
  32     "encryptor_openssl.cc",
  33     "ghash.cc",
  34     "ghash.h",
  35     "hkdf.cc",
  36     "hkdf.h",
  37     "hmac.cc",
  38     "hmac.h",
  39     "hmac_nss.cc",
  40     "hmac_openssl.cc",
  41     "mac_security_services_lock.cc",
  42     "mac_security_services_lock.h",
  43     # TODO(brettw) these mocks should be moved to a test_support_crypto target
  44     # if possible.
  45     "mock_apple_keychain.cc",
  46     "mock_apple_keychain.h",
  47     "mock_apple_keychain_ios.cc",
  48     "mock_apple_keychain_mac.cc",
  49     "nss_util.cc",
  50     "nss_util.h",
  51     "nss_util_internal.h",
  52     "openssl_util.cc",
  53     "openssl_util.h",
  54     "p224.cc",
  55     "p224.h",
  56     "p224_spake.cc",
  57     "p224_spake.h",
  58     "random.cc",
  59     "random.h",
  60     "rsa_private_key.cc",
  61     "rsa_private_key.h",
  62     "rsa_private_key_nss.cc",
  63     "rsa_private_key_openssl.cc",
  64     "scoped_capi_types.h",
  65     "scoped_nss_types.h",
  66     "secure_hash_default.cc",
  67     "secure_hash.h",
  68     "secure_hash_openssl.cc",
  69     "secure_util.cc",
  70     "secure_util.h",
  71     "sha2.cc",
  72     "sha2.h",
  73     "signature_creator.h",
  74     "signature_creator_nss.cc",
  75     "signature_creator_openssl.cc",
  76     "signature_verifier.h",
  77     "signature_verifier_nss.cc",
  78     "signature_verifier_openssl.cc",
  79     "symmetric_key.h",
  80     "symmetric_key_nss.cc",
  81     "symmetric_key_openssl.cc",
  82     "third_party/nss/chromium-blapi.h",
  83     "third_party/nss/chromium-blapit.h",
  84     "third_party/nss/chromium-nss.h",
  85     "third_party/nss/chromium-sha256.h",
  86     "third_party/nss/pk11akey.cc",
  87     "third_party/nss/rsawrapr.c",
  88     "third_party/nss/secsign.cc",
  89     "third_party/nss/sha512.cc",
  90   ]
  91
  92   deps = [
  93     ":platform",
  94     "//base",
  95     "//base/third_party/dynamic_annotations",
  96   ]
  97
  98   if (!is_mac && !is_ios) {
  99     sources -= [
 100       "apple_keychain.h",
 101       "mock_apple_keychain.cc",
 102       "mock_apple_keychain.h",
 103     ]
 104   }
 105
 106   if (!is_mac) {
 107     sources -= [
 108       "cssm_init.cc",
 109       "cssm_init.h",
 110       "mac_security_services_lock.cc",
 111       "mac_security_services_lock.h",
 112     ]
 113   }
 114   if (!is_win) {
 115     sources -= [
 116       "capi_util.cc",
 117       "capi_util.h",
 118     ]
 119   }
 120
 121   if (use_openssl) {
 122     # Remove NSS files when using OpenSSL
 123     sources -= [
 124       "ec_private_key_nss.cc",
 125       "ec_signature_creator_nss.cc",
 126       "encryptor_nss.cc",
 127       "hmac_nss.cc",
 128       "nss_util.cc",
 129       "nss_util.h",
 130       "rsa_private_key_nss.cc",
 131       "secure_hash_default.cc",
 132       "signature_creator_nss.cc",
 133       "signature_verifier_nss.cc",
 134       "symmetric_key_nss.cc",
 135       "third_party/nss/chromium-blapi.h",
 136       "third_party/nss/chromium-blapit.h",
 137       "third_party/nss/chromium-nss.h",
 138       "third_party/nss/pk11akey.cc",
 139       "third_party/nss/rsawrapr.c",
 140       "third_party/nss/secsign.cc",
 141     ]
 142   } else {
 143     # Remove OpenSSL when using NSS.
 144     sources -= [
 145       "ec_private_key_openssl.cc",
 146       "ec_signature_creator_openssl.cc",
 147       "encryptor_openssl.cc",
 148       "hmac_openssl.cc",
 149       "openssl_util.cc",
 150       "openssl_util.h",
 151       "rsa_private_key_openssl.cc",
 152       "secure_hash_openssl.cc",
 153       "signature_creator_openssl.cc",
 154       "signature_verifier_openssl.cc",
 155       "symmetric_key_openssl.cc",
 156     ]
 157   }
 158
 159   defines = [ "CRYPTO_IMPLEMENTATION" ]
 160 }
 161
 162 if (is_win) {
 163   # A minimal crypto subset for hmac-related stuff that small standalone
 164   # targets can use to reduce code size on Windows. This does not depend on
 165   # OpenSSL/NSS but will use Windows APIs for that functionality.
 166   source_set("crypto_minimal_win") {
 167     sources = [
 168       "crypto_export.h",
 169       "hmac.cc",
 170       "hmac.h",
 171       "hmac_win.cc",
 172       "scoped_capi_types.h",
 173       "scoped_nss_types.h",
 174       "secure_util.cc",
 175       "secure_util.h",
 176       "symmetric_key.h",
 177       "symmetric_key_win.cc",
 178       "third_party/nss/chromium-blapi.h",
 179       "third_party/nss/chromium-sha256.h",
 180       "third_party/nss/sha512.cc",
 181     ]
 182
 183     deps = [
 184       "//base",
 185       "//base/third_party/dynamic_annotations",
 186     ]
 187
 188     defines = [ "CRYPTO_IMPLEMENTATION" ]
 189   }
 190 }
 191
 192 test("crypto_unittests") {
 193   sources = [
 194     # Tests.
 195     "curve25519_unittest.cc",
 196     "ec_private_key_unittest.cc",
 197     "ec_signature_creator_unittest.cc",
 198     "encryptor_unittest.cc",
 199     "ghash_unittest.cc",
 200     "hkdf_unittest.cc",
 201     "hmac_unittest.cc",
 202     "nss_util_unittest.cc",
 203     "p224_unittest.cc",
 204     "p224_spake_unittest.cc",
 205     "random_unittest.cc",
 206     "rsa_private_key_unittest.cc",
 207     "rsa_private_key_nss_unittest.cc",
 208     "secure_hash_unittest.cc",
 209     "sha2_unittest.cc",
 210     "signature_creator_unittest.cc",
 211     "signature_verifier_unittest.cc",
 212     "symmetric_key_unittest.cc",
 213   ]
 214
 215   if (use_openssl || !is_linux) {
 216     sources -= [
 217       "rsa_private_key_nss_unittest.cc",
 218     ]
 219   }
 220
 221   if (use_openssl) {
 222     sources -= [ "nss_util_unittest.cc" ]
 223   }
 224
 225   deps = [
 226     ":crypto",
 227     ":platform",
 228     "//base",
 229     "//base/test:run_all_unittests",
 230     "//base/test:test_support",
 231     "//testing/gmock",
 232     "//testing/gtest",
 233   ]
 234 }
 235
 236 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
 237 # according to the state of the crypto flags. A target just wanting to depend
 238 # on the current SSL library should just depend on this.
 239 group("platform") {
 240   if (use_openssl) {
 241     deps = [ "//third_party/openssl" ]
 242   } else {
 243     deps = [ "//net/third_party/nss/ssl:libssl" ]
 244     if (is_linux) {
 245       # On Linux, we use the system NSS (excepting SSL where we always use our
 246       # own).
 247       #
 248       # We always need our SSL header search path to come before the system one
 249       # so our versions are used. The libssl target will add the search path we
 250       # want, but according to GN's ordering rules, direct_dependent_configs'
 251       # search path will get applied before ones inherited from our
 252       # dependencies. Therefore, we need to explicitly list our custom libssl's
 253       # config here before the system one.
 254       direct_dependent_configs = [
 255         "//net/third_party/nss/ssl:ssl_config",
 256         "//third_party/nss:system_nss_no_ssl_config",
 257       ]
 258     } else {
 259       # Non-Linux platforms use the hermetic NSS from the tree.
 260       deps += [
 261         "//third_party/nss:nspr",
 262         "//third_party/nss:nss",
 263       ]
 264     }
 265   }
 266 }