| blob | 307842084cb20418010cc3439c0f5a8f02321458 |
1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 # Use of this source code is governed by a BSD-style license that can be
3 # found in the LICENSE file.
5 import("//build/config/crypto.gni")
7 component("crypto") {
8 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto.
9 sources = [
10 "apple_keychain.h",
11 "apple_keychain_ios.mm",
12 "apple_keychain_mac.mm",
13 "capi_util.cc",
14 "capi_util.h",
15 "crypto_export.h",
16 "cssm_init.cc",
17 "cssm_init.h",
18 "curve25519.cc",
19 "curve25519-donna.c",
20 "curve25519.h",
21 "ec_private_key.h",
22 "ec_private_key_nss.cc",
23 "ec_private_key_openssl.cc",
24 "ec_signature_creator.cc",
25 "ec_signature_creator.h",
26 "ec_signature_creator_impl.h",
27 "ec_signature_creator_nss.cc",
28 "ec_signature_creator_openssl.cc",
29 "encryptor.cc",
30 "encryptor.h",
31 "encryptor_nss.cc",
32 "encryptor_openssl.cc",
33 "ghash.cc",
34 "ghash.h",
35 "hkdf.cc",
36 "hkdf.h",
37 "hmac.cc",
38 "hmac.h",
39 "hmac_nss.cc",
40 "hmac_openssl.cc",
41 "mac_security_services_lock.cc",
42 "mac_security_services_lock.h",
43 # TODO(brettw) these mocks should be moved to a test_support_crypto target
44 # if possible.
45 "mock_apple_keychain.cc",
46 "mock_apple_keychain.h",
47 "mock_apple_keychain_ios.cc",
48 "mock_apple_keychain_mac.cc",
49 "nss_util.cc",
50 "nss_util.h",
51 "nss_util_internal.h",
52 "openssl_util.cc",
53 "openssl_util.h",
54 "p224.cc",
55 "p224.h",
56 "p224_spake.cc",
57 "p224_spake.h",
58 "random.cc",
59 "random.h",
60 "rsa_private_key.cc",
61 "rsa_private_key.h",
62 "rsa_private_key_nss.cc",
63 "rsa_private_key_openssl.cc",
64 "scoped_capi_types.h",
65 "scoped_nss_types.h",
66 "secure_hash_default.cc",
67 "secure_hash.h",
68 "secure_hash_openssl.cc",
69 "secure_util.cc",
70 "secure_util.h",
71 "sha2.cc",
72 "sha2.h",
73 "signature_creator.h",
74 "signature_creator_nss.cc",
75 "signature_creator_openssl.cc",
76 "signature_verifier.h",
77 "signature_verifier_nss.cc",
78 "signature_verifier_openssl.cc",
79 "symmetric_key.h",
80 "symmetric_key_nss.cc",
81 "symmetric_key_openssl.cc",
82 "third_party/nss/chromium-blapi.h",
83 "third_party/nss/chromium-blapit.h",
84 "third_party/nss/chromium-nss.h",
85 "third_party/nss/chromium-sha256.h",
86 "third_party/nss/pk11akey.cc",
87 "third_party/nss/rsawrapr.c",
88 "third_party/nss/secsign.cc",
89 "third_party/nss/sha512.cc",
90 ]
92 deps = [
93 ":platform",
94 "//base",
95 "//base/third_party/dynamic_annotations",
96 ]
98 if (!is_mac && !is_ios) {
99 sources -= [
100 "apple_keychain.h",
101 "mock_apple_keychain.cc",
102 "mock_apple_keychain.h",
103 ]
104 }
106 if (!is_mac) {
107 sources -= [
108 "cssm_init.cc",
109 "cssm_init.h",
110 "mac_security_services_lock.cc",
111 "mac_security_services_lock.h",
112 ]
113 }
114 if (!is_win) {
115 sources -= [
116 "capi_util.cc",
117 "capi_util.h",
118 ]
119 }
121 if (is_android) {
122 deps += [ "//third_party/android_tools:cpu_features" ]
123 }
125 if (use_openssl) {
126 # Remove NSS files when using OpenSSL
127 sources -= [
128 "ec_private_key_nss.cc",
129 "ec_signature_creator_nss.cc",
130 "encryptor_nss.cc",
131 "hmac_nss.cc",
132 "nss_util.cc",
133 "nss_util.h",
134 "rsa_private_key_nss.cc",
135 "secure_hash_default.cc",
136 "signature_creator_nss.cc",
137 "signature_verifier_nss.cc",
138 "symmetric_key_nss.cc",
139 "third_party/nss/chromium-blapi.h",
140 "third_party/nss/chromium-blapit.h",
141 "third_party/nss/chromium-nss.h",
142 "third_party/nss/pk11akey.cc",
143 "third_party/nss/rsawrapr.c",
144 "third_party/nss/secsign.cc",
145 ]
146 } else {
147 # Remove OpenSSL when using NSS.
148 sources -= [
149 "ec_private_key_openssl.cc",
150 "ec_signature_creator_openssl.cc",
151 "encryptor_openssl.cc",
152 "hmac_openssl.cc",
153 "openssl_util.cc",
154 "openssl_util.h",
155 "rsa_private_key_openssl.cc",
156 "secure_hash_openssl.cc",
157 "signature_creator_openssl.cc",
158 "signature_verifier_openssl.cc",
159 "symmetric_key_openssl.cc",
160 ]
161 }
163 defines = [ "CRYPTO_IMPLEMENTATION" ]
164 }
166 if (is_win) {
167 # A minimal crypto subset for hmac-related stuff that small standalone
168 # targets can use to reduce code size on Windows. This does not depend on
169 # OpenSSL/NSS but will use Windows APIs for that functionality.
170 source_set("crypto_minimal_win") {
171 sources = [
172 "crypto_export.h",
173 "hmac.cc",
174 "hmac.h",
175 "hmac_win.cc",
176 "scoped_capi_types.h",
177 "scoped_nss_types.h",
178 "secure_util.cc",
179 "secure_util.h",
180 "symmetric_key.h",
181 "symmetric_key_win.cc",
182 "third_party/nss/chromium-blapi.h",
183 "third_party/nss/chromium-sha256.h",
184 "third_party/nss/sha512.cc",
185 ]
187 deps = [
188 "//base",
189 "//base/third_party/dynamic_annotations",
190 ]
192 defines = [ "CRYPTO_IMPLEMENTATION" ]
193 }
194 }
196 test("crypto_unittests") {
197 sources = [
198 # Tests.
199 "curve25519_unittest.cc",
200 "ec_private_key_unittest.cc",
201 "ec_signature_creator_unittest.cc",
202 "encryptor_unittest.cc",
203 "ghash_unittest.cc",
204 "hkdf_unittest.cc",
205 "hmac_unittest.cc",
206 "nss_util_unittest.cc",
207 "p224_unittest.cc",
208 "p224_spake_unittest.cc",
209 "random_unittest.cc",
210 "rsa_private_key_unittest.cc",
211 "rsa_private_key_nss_unittest.cc",
212 "secure_hash_unittest.cc",
213 "sha2_unittest.cc",
214 "signature_creator_unittest.cc",
215 "signature_verifier_unittest.cc",
216 "symmetric_key_unittest.cc",
217 ]
219 if (use_openssl || !is_linux) {
220 sources -= [
221 "rsa_private_key_nss_unittest.cc",
222 ]
223 }
225 if (use_openssl) {
226 sources -= [ "nss_util_unittest.cc" ]
227 }
229 deps = [
230 ":crypto",
231 ":platform",
232 "//base",
233 "//base/test:run_all_unittests",
234 "//base/test:test_support",
235 "//testing/gmock",
236 "//testing/gtest",
237 ]
238 }
240 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
241 # according to the state of the crypto flags. A target just wanting to depend
242 # on the current SSL library should just depend on this.
243 group("platform") {
244 if (use_openssl) {
245 deps = [ "//third_party/openssl" ]
246 } else {
247 deps = [ "//net/third_party/nss/ssl:libssl" ]
248 if (is_linux) {
249 # On Linux, we use the system NSS (excepting SSL where we always use our
250 # own).
251 #
252 # We always need our SSL header search path to come before the system one
253 # so our versions are used. The libssl target will add the search path we
254 # want, but according to GN's ordering rules, direct_dependent_configs'
255 # search path will get applied before ones inherited from our
256 # dependencies. Therefore, we need to explicitly list our custom libssl's
257 # config here before the system one.
258 direct_dependent_configs = [
259 "//net/third_party/nss/ssl:ssl_config",
260 "//third_party/nss:system_nss_no_ssl_config",
261 ]
262 } else {
263 # Non-Linux platforms use the hermetic NSS from the tree.
264 deps += [
265 "//third_party/nss:nspr",
266 "//third_party/nss:nss",
267 ]
268 }
269 }
270 }