src/crypto/BUILD.gn

   1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
   2 # Use of this source code is governed by a BSD-style license that can be
   3 # found in the LICENSE file.
   4
   5 import("//build/config/crypto.gni")
   6
   7 component("crypto") {
   8   output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
   9   sources = [
  10     "apple_keychain.h",
  11     "apple_keychain_ios.mm",
  12     "apple_keychain_mac.mm",
  13     "capi_util.cc",
  14     "capi_util.h",
  15     "crypto_export.h",
  16     "cssm_init.cc",
  17     "cssm_init.h",
  18     "curve25519.cc",
  19     "curve25519-donna.c",
  20     "curve25519.h",
  21     "ec_private_key.h",
  22     "ec_private_key_nss.cc",
  23     "ec_private_key_openssl.cc",
  24     "ec_signature_creator.cc",
  25     "ec_signature_creator.h",
  26     "ec_signature_creator_impl.h",
  27     "ec_signature_creator_nss.cc",
  28     "ec_signature_creator_openssl.cc",
  29     "encryptor.cc",
  30     "encryptor.h",
  31     "encryptor_nss.cc",
  32     "encryptor_openssl.cc",
  33     "ghash.cc",
  34     "ghash.h",
  35     "hkdf.cc",
  36     "hkdf.h",
  37     "hmac.cc",
  38     "hmac.h",
  39     "hmac_nss.cc",
  40     "hmac_openssl.cc",
  41     "mac_security_services_lock.cc",
  42     "mac_security_services_lock.h",
  43     # TODO(brettw) these mocks should be moved to a test_support_crypto target
  44     # if possible.
  45     "mock_apple_keychain.cc",
  46     "mock_apple_keychain.h",
  47     "mock_apple_keychain_ios.cc",
  48     "mock_apple_keychain_mac.cc",
  49     "nss_util.cc",
  50     "nss_util.h",
  51     "nss_util_internal.h",
  52     "openssl_util.cc",
  53     "openssl_util.h",
  54     "p224.cc",
  55     "p224.h",
  56     "p224_spake.cc",
  57     "p224_spake.h",
  58     "random.cc",
  59     "random.h",
  60     "rsa_private_key.cc",
  61     "rsa_private_key.h",
  62     "rsa_private_key_nss.cc",
  63     "rsa_private_key_openssl.cc",
  64     "scoped_capi_types.h",
  65     "scoped_nss_types.h",
  66     "secure_hash_default.cc",
  67     "secure_hash.h",
  68     "secure_hash_openssl.cc",
  69     "secure_util.cc",
  70     "secure_util.h",
  71     "sha2.cc",
  72     "sha2.h",
  73     "signature_creator.h",
  74     "signature_creator_nss.cc",
  75     "signature_creator_openssl.cc",
  76     "signature_verifier.h",
  77     "signature_verifier_nss.cc",
  78     "signature_verifier_openssl.cc",
  79     "symmetric_key.h",
  80     "symmetric_key_nss.cc",
  81     "symmetric_key_openssl.cc",
  82     "third_party/nss/chromium-blapi.h",
  83     "third_party/nss/chromium-blapit.h",
  84     "third_party/nss/chromium-nss.h",
  85     "third_party/nss/chromium-sha256.h",
  86     "third_party/nss/pk11akey.cc",
  87     "third_party/nss/rsawrapr.c",
  88     "third_party/nss/secsign.cc",
  89     "third_party/nss/sha512.cc",
  90   ]
  91
  92   deps = [
  93     ":platform",
  94     "//base",
  95     "//base/third_party/dynamic_annotations",
  96   ]
  97
  98   if (!is_mac && !is_ios) {
  99     sources -= [
 100       "apple_keychain.h",
 101       "mock_apple_keychain.cc",
 102       "mock_apple_keychain.h",
 103     ]
 104   }
 105
 106   if (!is_mac) {
 107     sources -= [
 108       "cssm_init.cc",
 109       "cssm_init.h",
 110       "mac_security_services_lock.cc",
 111       "mac_security_services_lock.h",
 112     ]
 113   }
 114   if (!is_win) {
 115     sources -= [
 116       "capi_util.cc",
 117       "capi_util.h",
 118     ]
 119   }
 120
 121   if (is_android) {
 122     deps += [ "//third_party/android_tools:cpu_features" ]
 123   }
 124
 125   if (use_openssl) {
 126     # Remove NSS files when using OpenSSL
 127     sources -= [
 128       "ec_private_key_nss.cc",
 129       "ec_signature_creator_nss.cc",
 130       "encryptor_nss.cc",
 131       "hmac_nss.cc",
 132       "nss_util.cc",
 133       "nss_util.h",
 134       "nss_util_internal.h",
 135       "rsa_private_key_nss.cc",
 136       "secure_hash_default.cc",
 137       "signature_creator_nss.cc",
 138       "signature_verifier_nss.cc",
 139       "symmetric_key_nss.cc",
 140       "third_party/nss/chromium-blapi.h",
 141       "third_party/nss/chromium-blapit.h",
 142       "third_party/nss/chromium-nss.h",
 143       "third_party/nss/pk11akey.cc",
 144       "third_party/nss/rsawrapr.c",
 145       "third_party/nss/secsign.cc",
 146     ]
 147   } else {
 148     # Remove OpenSSL when using NSS.
 149     sources -= [
 150       "ec_private_key_openssl.cc",
 151       "ec_signature_creator_openssl.cc",
 152       "encryptor_openssl.cc",
 153       "hmac_openssl.cc",
 154       "openssl_util.cc",
 155       "openssl_util.h",
 156       "rsa_private_key_openssl.cc",
 157       "secure_hash_openssl.cc",
 158       "signature_creator_openssl.cc",
 159       "signature_verifier_openssl.cc",
 160       "symmetric_key_openssl.cc",
 161     ]
 162   }
 163
 164   defines = [ "CRYPTO_IMPLEMENTATION" ]
 165 }
 166
 167 if (is_win) {
 168   # A minimal crypto subset for hmac-related stuff that small standalone
 169   # targets can use to reduce code size on Windows. This does not depend on
 170   # OpenSSL/NSS but will use Windows APIs for that functionality.
 171   source_set("crypto_minimal_win") {
 172     sources = [
 173       "crypto_export.h",
 174       "hmac.cc",
 175       "hmac.h",
 176       "hmac_win.cc",
 177       "scoped_capi_types.h",
 178       "scoped_nss_types.h",
 179       "secure_util.cc",
 180       "secure_util.h",
 181       "symmetric_key.h",
 182       "symmetric_key_win.cc",
 183       "third_party/nss/chromium-blapi.h",
 184       "third_party/nss/chromium-sha256.h",
 185       "third_party/nss/sha512.cc",
 186     ]
 187
 188     deps = [
 189       "//base",
 190       "//base/third_party/dynamic_annotations",
 191     ]
 192
 193     defines = [ "CRYPTO_IMPLEMENTATION" ]
 194   }
 195 }
 196
 197 test("crypto_unittests") {
 198   sources = [
 199     # Tests.
 200     "curve25519_unittest.cc",
 201     "ec_private_key_unittest.cc",
 202     "ec_signature_creator_unittest.cc",
 203     "encryptor_unittest.cc",
 204     "ghash_unittest.cc",
 205     "hkdf_unittest.cc",
 206     "hmac_unittest.cc",
 207     "nss_util_unittest.cc",
 208     "p224_unittest.cc",
 209     "p224_spake_unittest.cc",
 210     "random_unittest.cc",
 211     "rsa_private_key_unittest.cc",
 212     "rsa_private_key_nss_unittest.cc",
 213     "secure_hash_unittest.cc",
 214     "sha2_unittest.cc",
 215     "signature_creator_unittest.cc",
 216     "signature_verifier_unittest.cc",
 217     "symmetric_key_unittest.cc",
 218   ]
 219
 220   if (use_openssl || !is_linux) {
 221     sources -= [
 222       "rsa_private_key_nss_unittest.cc",
 223     ]
 224   }
 225
 226   if (use_openssl) {
 227     sources -= [ "nss_util_unittest.cc" ]
 228   }
 229
 230   deps = [
 231     ":crypto",
 232     ":platform",
 233     ":test_support",
 234     "//base",
 235     "//base/test:run_all_unittests",
 236     "//base/test:test_support",
 237     "//testing/gmock",
 238     "//testing/gtest",
 239   ]
 240 }
 241
 242 source_set("test_support") {
 243   sources = [
 244     "scoped_test_nss_db.cc",
 245     "scoped_test_nss_db.h",
 246     "scoped_test_nss_chromeos_user.cc",
 247     "scoped_test_nss_chromeos_user.h",
 248     "scoped_test_system_nss_key_slot.cc",
 249     "scoped_test_system_nss_key_slot.h",
 250   ]
 251   deps = [
 252     ":crypto",
 253     ":platform",
 254     "//base",
 255   ]
 256
 257   if (!use_nss_certs) {
 258     sources -= [
 259       "scoped_test_nss_db.cc",
 260       "scoped_test_nss_db.h",
 261     ]
 262   }
 263
 264   if (!is_chromeos) {
 265     sources -= [
 266       "scoped_test_nss_chromeos_user.cc",
 267       "scoped_test_nss_chromeos_user.h",
 268       "scoped_test_system_nss_key_slot.cc",
 269       "scoped_test_system_nss_key_slot.h",
 270     ]
 271   }
 272 }
 273
 274 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
 275 # according to the state of the crypto flags. A target just wanting to depend
 276 # on the current SSL library should just depend on this.
 277 group("platform") {
 278   if (use_openssl) {
 279     deps = [ "//third_party/boringssl" ]
 280   } else {
 281     deps = [ "//net/third_party/nss/ssl:libssl" ]
 282     if (is_linux) {
 283       # On Linux, we use the system NSS (excepting SSL where we always use our
 284       # own).
 285       #
 286       # We always need our SSL header search path to come before the system one
 287       # so our versions are used. The libssl target will add the search path we
 288       # want, but according to GN's ordering rules, direct_dependent_configs'
 289       # search path will get applied before ones inherited from our
 290       # dependencies. Therefore, we need to explicitly list our custom libssl's
 291       # config here before the system one.
 292       direct_dependent_configs = [
 293         "//net/third_party/nss/ssl:ssl_config",
 294         "//third_party/nss:system_nss_no_ssl_config",
 295       ]
 296     } else {
 297       # Non-Linux platforms use the hermetic NSS from the tree.
 298       deps += [
 299         "//third_party/nss:nspr",
 300         "//third_party/nss:nss",
 301       ]
 302     }
 303   }
 304 }