| # Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| import("//build/config/crypto.gni") |
| import("//testing/test.gni") |
| |
| component("crypto") { |
| output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto. |
| sources = [ |
| "apple_keychain.h", |
| "apple_keychain_ios.mm", |
| "apple_keychain_mac.mm", |
| "capi_util.cc", |
| "capi_util.h", |
| "crypto_export.h", |
| "cssm_init.cc", |
| "cssm_init.h", |
| "curve25519.cc", |
| "curve25519-donna.c", |
| "curve25519.h", |
| "ec_private_key.h", |
| "ec_private_key_nss.cc", |
| "ec_private_key_openssl.cc", |
| "ec_signature_creator.cc", |
| "ec_signature_creator.h", |
| "ec_signature_creator_impl.h", |
| "ec_signature_creator_nss.cc", |
| "ec_signature_creator_openssl.cc", |
| "encryptor.cc", |
| "encryptor.h", |
| "encryptor_nss.cc", |
| "encryptor_openssl.cc", |
| "ghash.cc", |
| "ghash.h", |
| "hkdf.cc", |
| "hkdf.h", |
| "hmac.cc", |
| "hmac.h", |
| "hmac_nss.cc", |
| "hmac_openssl.cc", |
| "mac_security_services_lock.cc", |
| "mac_security_services_lock.h", |
| |
| # TODO(brettw) these mocks should be moved to a test_support_crypto target |
| # if possible. |
| "mock_apple_keychain.cc", |
| "mock_apple_keychain.h", |
| "mock_apple_keychain_ios.cc", |
| "mock_apple_keychain_mac.cc", |
| "nss_util.cc", |
| "nss_util.h", |
| "nss_util_internal.h", |
| "openssl_bio_string.cc", |
| "openssl_bio_string.h", |
| "openssl_util.cc", |
| "openssl_util.h", |
| "p224.cc", |
| "p224.h", |
| "p224_spake.cc", |
| "p224_spake.h", |
| "random.cc", |
| "random.h", |
| "rsa_private_key.cc", |
| "rsa_private_key.h", |
| "rsa_private_key_nss.cc", |
| "rsa_private_key_openssl.cc", |
| "scoped_capi_types.h", |
| "scoped_nss_types.h", |
| "secure_hash_default.cc", |
| "secure_hash.h", |
| "secure_hash_openssl.cc", |
| "secure_util.cc", |
| "secure_util.h", |
| "sha2.cc", |
| "sha2.h", |
| "signature_creator.h", |
| "signature_creator_nss.cc", |
| "signature_creator_openssl.cc", |
| "signature_verifier.h", |
| "signature_verifier_nss.cc", |
| "signature_verifier_openssl.cc", |
| "symmetric_key.h", |
| "symmetric_key_nss.cc", |
| "symmetric_key_openssl.cc", |
| "third_party/nss/chromium-blapi.h", |
| "third_party/nss/chromium-blapit.h", |
| "third_party/nss/chromium-nss.h", |
| "third_party/nss/chromium-sha256.h", |
| "third_party/nss/pk11akey.cc", |
| "third_party/nss/rsawrapr.c", |
| "third_party/nss/secsign.cc", |
| "third_party/nss/sha512.cc", |
| ] |
| |
| # TODO(jschuh): crbug.com/167187 fix size_t to int truncations. |
| configs += [ "//build/config/compiler:no_size_t_to_int_warning" ] |
| |
| deps = [ |
| ":platform", |
| "//base", |
| "//base/third_party/dynamic_annotations", |
| ] |
| |
| if (!is_mac && !is_ios) { |
| sources -= [ |
| "apple_keychain.h", |
| "mock_apple_keychain.cc", |
| "mock_apple_keychain.h", |
| ] |
| } |
| |
| if (!is_mac) { |
| sources -= [ |
| "cssm_init.cc", |
| "cssm_init.h", |
| "mac_security_services_lock.cc", |
| "mac_security_services_lock.h", |
| ] |
| } |
| if (!is_win) { |
| sources -= [ |
| "capi_util.cc", |
| "capi_util.h", |
| ] |
| } |
| |
| if (is_android) { |
| deps += [ "//third_party/android_tools:cpu_features" ] |
| } |
| |
| if (use_openssl) { |
| # Remove NSS files when using OpenSSL |
| sources -= [ |
| "ec_private_key_nss.cc", |
| "ec_signature_creator_nss.cc", |
| "encryptor_nss.cc", |
| "hmac_nss.cc", |
| "nss_util.cc", |
| "nss_util.h", |
| "nss_util_internal.h", |
| "rsa_private_key_nss.cc", |
| "secure_hash_default.cc", |
| "signature_creator_nss.cc", |
| "signature_verifier_nss.cc", |
| "symmetric_key_nss.cc", |
| "third_party/nss/chromium-blapi.h", |
| "third_party/nss/chromium-blapit.h", |
| "third_party/nss/chromium-nss.h", |
| "third_party/nss/pk11akey.cc", |
| "third_party/nss/rsawrapr.c", |
| "third_party/nss/secsign.cc", |
| ] |
| } else { |
| # Remove OpenSSL when using NSS. |
| sources -= [ |
| "ec_private_key_openssl.cc", |
| "ec_signature_creator_openssl.cc", |
| "encryptor_openssl.cc", |
| "hmac_openssl.cc", |
| "openssl_bio_string.cc", |
| "openssl_bio_string.h", |
| "openssl_util.cc", |
| "openssl_util.h", |
| "rsa_private_key_openssl.cc", |
| "secure_hash_openssl.cc", |
| "signature_creator_openssl.cc", |
| "signature_verifier_openssl.cc", |
| "symmetric_key_openssl.cc", |
| ] |
| } |
| |
| defines = [ "CRYPTO_IMPLEMENTATION" ] |
| } |
| |
| # TODO(GYP): TODO(dpranke), fix the compile errors for this stuff |
| # and make it work. |
| if (false && is_win) { |
| # A minimal crypto subset for hmac-related stuff that small standalone |
| # targets can use to reduce code size on Windows. This does not depend on |
| # OpenSSL/NSS but will use Windows APIs for that functionality. |
| source_set("crypto_minimal_win") { |
| sources = [ |
| "crypto_export.h", |
| "hmac.cc", |
| "hmac.h", |
| "hmac_win.cc", |
| "scoped_capi_types.h", |
| "scoped_nss_types.h", |
| "secure_util.cc", |
| "secure_util.h", |
| "symmetric_key.h", |
| "symmetric_key_win.cc", |
| "third_party/nss/chromium-blapi.h", |
| "third_party/nss/chromium-sha256.h", |
| "third_party/nss/sha512.cc", |
| ] |
| |
| deps = [ |
| "//base", |
| "//base/third_party/dynamic_annotations", |
| ] |
| |
| defines = [ "CRYPTO_IMPLEMENTATION" ] |
| } |
| } |
| |
| # TODO(GYP): Make this link on win as well. |
| if (!is_win) { |
| test("crypto_unittests") { |
| sources = [ |
| # Tests. |
| "curve25519_unittest.cc", |
| "ec_private_key_unittest.cc", |
| "ec_signature_creator_unittest.cc", |
| "encryptor_unittest.cc", |
| "ghash_unittest.cc", |
| "hkdf_unittest.cc", |
| "hmac_unittest.cc", |
| "nss_util_unittest.cc", |
| "openssl_bio_string_unittest.cc", |
| "p224_unittest.cc", |
| "p224_spake_unittest.cc", |
| "random_unittest.cc", |
| "rsa_private_key_unittest.cc", |
| "rsa_private_key_nss_unittest.cc", |
| "secure_hash_unittest.cc", |
| "sha2_unittest.cc", |
| "signature_creator_unittest.cc", |
| "signature_verifier_unittest.cc", |
| "symmetric_key_unittest.cc", |
| ] |
| |
| if (use_openssl || !is_linux) { |
| sources -= [ "rsa_private_key_nss_unittest.cc" ] |
| } |
| |
| if (use_openssl) { |
| sources -= [ "nss_util_unittest.cc" ] |
| } else { |
| sources -= [ "openssl_bio_string_unittest.cc" ] |
| } |
| |
| deps = [ |
| ":crypto", |
| ":platform", |
| ":test_support", |
| "//base", |
| "//base/test:run_all_unittests", |
| "//base/test:test_support", |
| "//testing/gmock", |
| "//testing/gtest", |
| ] |
| } |
| } |
| |
| source_set("test_support") { |
| sources = [ |
| "scoped_test_nss_db.cc", |
| "scoped_test_nss_db.h", |
| "scoped_test_nss_chromeos_user.cc", |
| "scoped_test_nss_chromeos_user.h", |
| "scoped_test_system_nss_key_slot.cc", |
| "scoped_test_system_nss_key_slot.h", |
| ] |
| deps = [ |
| ":crypto", |
| ":platform", |
| "//base", |
| ] |
| |
| if (!use_nss_certs) { |
| sources -= [ |
| "scoped_test_nss_db.cc", |
| "scoped_test_nss_db.h", |
| ] |
| } |
| |
| if (!is_chromeos) { |
| sources -= [ |
| "scoped_test_nss_chromeos_user.cc", |
| "scoped_test_nss_chromeos_user.h", |
| "scoped_test_system_nss_key_slot.cc", |
| "scoped_test_system_nss_key_slot.h", |
| ] |
| } |
| } |
| |
| # This is a meta-target that forwards to NSS's SSL library or OpenSSL, |
| # according to the state of the crypto flags. A target just wanting to depend |
| # on the current SSL library should just depend on this. |
| group("platform") { |
| if (use_openssl) { |
| deps = [ |
| "//third_party/boringssl", |
| ] |
| } else { |
| deps = [ |
| "//net/third_party/nss/ssl:libssl", |
| ] |
| if (is_linux) { |
| # On Linux, we use the system NSS (excepting SSL where we always use our |
| # own). |
| # |
| # We always need our SSL header search path to come before the system one |
| # so our versions are used. The libssl target will add the search path we |
| # want, but according to GN's ordering rules, public_configs' search path |
| # will get applied before ones inherited from our dependencies. |
| # Therefore, we need to explicitly list our custom libssl's config here |
| # before the system one. |
| public_configs = [ |
| "//net/third_party/nss/ssl:ssl_config", |
| "//third_party/nss:system_nss_no_ssl_config", |
| ] |
| } else { |
| # Non-Linux platforms use the hermetic NSS from the tree. |
| deps += [ |
| "//third_party/nss:nspr", |
| "//third_party/nss:nss", |
| ] |
| } |
| } |
| } |