crypto/BUILD.gn

   1 # Copyright (c) 2013 The Chromium Authors. All rights reserved.
   2 # Use of this source code is governed by a BSD-style license that can be
   3 # found in the LICENSE file.
   4
   5 import("//build/config/crypto.gni")
   6 import("//testing/test.gni")
   7
   8 if (is_nacl) {
   9   component("crypto") {
  10     output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
  11     sources = [
  12       "random.cc",
  13       "random.h",
  14     ]
  15     deps = [
  16       "//base",
  17     ]
  18   }
  19 } else {
  20   component("crypto") {
  21     output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
  22     sources = [
  23       "aead_openssl.cc",
  24       "aead_openssl.h",
  25       "aes_128_gcm_helpers_nss.cc",
  26       "aes_128_gcm_helpers_nss.h",
  27       "apple_keychain.h",
  28       "apple_keychain_ios.mm",
  29       "apple_keychain_mac.mm",
  30       "capi_util.cc",
  31       "capi_util.h",
  32       "crypto_export.h",
  33       "cssm_init.cc",
  34       "cssm_init.h",
  35       "curve25519-donna.c",
  36       "curve25519.cc",
  37       "curve25519.h",
  38       "ec_private_key.h",
  39       "ec_private_key_nss.cc",
  40       "ec_private_key_openssl.cc",
  41       "ec_signature_creator.cc",
  42       "ec_signature_creator.h",
  43       "ec_signature_creator_impl.h",
  44       "ec_signature_creator_nss.cc",
  45       "ec_signature_creator_openssl.cc",
  46       "encryptor.cc",
  47       "encryptor.h",
  48       "encryptor_nss.cc",
  49       "encryptor_openssl.cc",
  50       "ghash.cc",
  51       "ghash.h",
  52       "hkdf.cc",
  53       "hkdf.h",
  54       "hmac.cc",
  55       "hmac.h",
  56       "hmac_nss.cc",
  57       "hmac_openssl.cc",
  58       "mac_security_services_lock.cc",
  59       "mac_security_services_lock.h",
  60
  61       # TODO(brettw) these mocks should be moved to a test_support_crypto target
  62       # if possible.
  63       "mock_apple_keychain.cc",
  64       "mock_apple_keychain.h",
  65       "mock_apple_keychain_ios.cc",
  66       "mock_apple_keychain_mac.cc",
  67       "nss_key_util.cc",
  68       "nss_key_util.h",
  69       "nss_util.cc",
  70       "nss_util.h",
  71       "nss_util_internal.h",
  72       "openssl_bio_string.cc",
  73       "openssl_bio_string.h",
  74       "openssl_util.cc",
  75       "openssl_util.h",
  76       "p224.cc",
  77       "p224.h",
  78       "p224_spake.cc",
  79       "p224_spake.h",
  80       "random.cc",
  81       "random.h",
  82       "rsa_private_key.cc",
  83       "rsa_private_key.h",
  84       "rsa_private_key_nss.cc",
  85       "rsa_private_key_openssl.cc",
  86       "scoped_capi_types.h",
  87       "scoped_nss_types.h",
  88       "secure_hash.h",
  89       "secure_hash_default.cc",
  90       "secure_hash_openssl.cc",
  91       "secure_util.cc",
  92       "secure_util.h",
  93       "sha2.cc",
  94       "sha2.h",
  95       "signature_creator.h",
  96       "signature_creator_nss.cc",
  97       "signature_creator_openssl.cc",
  98       "signature_verifier.h",
  99       "signature_verifier_nss.cc",
 100       "signature_verifier_openssl.cc",
 101       "symmetric_key.h",
 102       "symmetric_key_nss.cc",
 103       "symmetric_key_openssl.cc",
 104       "third_party/nss/chromium-blapi.h",
 105       "third_party/nss/chromium-blapit.h",
 106       "third_party/nss/chromium-nss.h",
 107       "third_party/nss/chromium-sha256.h",
 108       "third_party/nss/pk11akey.cc",
 109       "third_party/nss/rsawrapr.c",
 110       "third_party/nss/secsign.cc",
 111       "third_party/nss/sha512.cc",
 112     ]
 113
 114     # TODO(jschuh): crbug.com/167187 fix size_t to int truncations.
 115     configs += [ "//build/config/compiler:no_size_t_to_int_warning" ]
 116
 117     deps = [
 118       ":platform",
 119       "//base",
 120       "//base/third_party/dynamic_annotations",
 121     ]
 122
 123     if (!is_mac && !is_ios) {
 124       sources -= [
 125         "apple_keychain.h",
 126         "mock_apple_keychain.cc",
 127         "mock_apple_keychain.h",
 128       ]
 129     }
 130
 131     if (!is_mac) {
 132       sources -= [
 133         "cssm_init.cc",
 134         "cssm_init.h",
 135         "mac_security_services_lock.cc",
 136         "mac_security_services_lock.h",
 137       ]
 138     }
 139     if (!is_win) {
 140       sources -= [
 141         "capi_util.cc",
 142         "capi_util.h",
 143       ]
 144     }
 145
 146     if (is_android) {
 147       deps += [ "//third_party/android_tools:cpu_features" ]
 148     }
 149
 150     if (use_openssl) {
 151       # Remove NSS files when using OpenSSL
 152       sources -= [
 153         "aes_128_gcm_helpers_nss.cc",
 154         "aes_128_gcm_helpers_nss.h",
 155         "ec_private_key_nss.cc",
 156         "ec_signature_creator_nss.cc",
 157         "encryptor_nss.cc",
 158         "hmac_nss.cc",
 159         "rsa_private_key_nss.cc",
 160         "secure_hash_default.cc",
 161         "signature_creator_nss.cc",
 162         "signature_verifier_nss.cc",
 163         "symmetric_key_nss.cc",
 164         "third_party/nss/chromium-blapi.h",
 165         "third_party/nss/chromium-blapit.h",
 166         "third_party/nss/chromium-nss.h",
 167         "third_party/nss/pk11akey.cc",
 168         "third_party/nss/rsawrapr.c",
 169         "third_party/nss/secsign.cc",
 170       ]
 171     } else {
 172       # Remove OpenSSL when using NSS.
 173       sources -= [
 174         "aead_openssl.cc",
 175         "aead_openssl.h",
 176         "ec_private_key_openssl.cc",
 177         "ec_signature_creator_openssl.cc",
 178         "encryptor_openssl.cc",
 179         "hmac_openssl.cc",
 180         "openssl_bio_string.cc",
 181         "openssl_bio_string.h",
 182         "openssl_util.cc",
 183         "openssl_util.h",
 184         "rsa_private_key_openssl.cc",
 185         "secure_hash_openssl.cc",
 186         "signature_creator_openssl.cc",
 187         "signature_verifier_openssl.cc",
 188         "symmetric_key_openssl.cc",
 189       ]
 190     }
 191
 192     # Some files are built when NSS is used at all, either for the internal crypto
 193     # library or the platform certificate library.
 194     if (use_openssl && !use_nss_certs) {
 195       sources -= [
 196         "nss_key_util.cc",
 197         "nss_key_util.h",
 198         "nss_util.cc",
 199         "nss_util.h",
 200         "nss_util_internal.h",
 201       ]
 202     }
 203
 204     defines = [ "CRYPTO_IMPLEMENTATION" ]
 205   }
 206 }
 207
 208 # TODO(GYP): TODO(dpranke), fix the compile errors for this stuff
 209 # and make it work.
 210 if (false && is_win) {
 211   # A minimal crypto subset for hmac-related stuff that small standalone
 212   # targets can use to reduce code size on Windows. This does not depend on
 213   # OpenSSL/NSS but will use Windows APIs for that functionality.
 214   source_set("crypto_minimal_win") {
 215     sources = [
 216       "crypto_export.h",
 217       "hmac.cc",
 218       "hmac.h",
 219       "hmac_win.cc",
 220       "scoped_capi_types.h",
 221       "scoped_nss_types.h",
 222       "secure_util.cc",
 223       "secure_util.h",
 224       "symmetric_key.h",
 225       "symmetric_key_win.cc",
 226       "third_party/nss/chromium-blapi.h",
 227       "third_party/nss/chromium-sha256.h",
 228       "third_party/nss/sha512.cc",
 229     ]
 230
 231     deps = [
 232       "//base",
 233       "//base/third_party/dynamic_annotations",
 234     ]
 235
 236     defines = [ "CRYPTO_IMPLEMENTATION" ]
 237   }
 238 }
 239
 240 test("crypto_unittests") {
 241   sources = [
 242     # Tests.
 243     "aes_128_gcm_helpers_nss_unittest.cc",
 244     "curve25519_unittest.cc",
 245     "ec_private_key_unittest.cc",
 246     "ec_signature_creator_unittest.cc",
 247     "encryptor_unittest.cc",
 248     "ghash_unittest.cc",
 249     "hkdf_unittest.cc",
 250     "hmac_unittest.cc",
 251     "nss_key_util_unittest.cc",
 252     "nss_util_unittest.cc",
 253     "openssl_bio_string_unittest.cc",
 254     "p224_spake_unittest.cc",
 255     "p224_unittest.cc",
 256     "random_unittest.cc",
 257     "rsa_private_key_unittest.cc",
 258     "secure_hash_unittest.cc",
 259     "sha2_unittest.cc",
 260     "signature_creator_unittest.cc",
 261     "signature_verifier_unittest.cc",
 262     "symmetric_key_unittest.cc",
 263   ]
 264
 265   # Some files are built when NSS is used at all, either for the internal crypto
 266   # library or the platform certificate library.
 267   if (use_openssl && !use_nss_certs) {
 268     sources -= [
 269       "nss_key_util_unittest.cc",
 270       "nss_util_unittest.cc",
 271     ]
 272   }
 273
 274   if (use_openssl) {
 275     sources -= [ "aes_128_gcm_helpers_nss_unittest.cc" ]
 276   } else {
 277     sources -= [ "openssl_bio_string_unittest.cc" ]
 278   }
 279
 280   configs += [ "//build/config/compiler:no_size_t_to_int_warning" ]
 281
 282   deps = [
 283     ":crypto",
 284     ":platform",
 285     ":test_support",
 286     "//base",
 287     "//base/test:run_all_unittests",
 288     "//base/test:test_support",
 289     "//testing/gmock",
 290     "//testing/gtest",
 291   ]
 292 }
 293
 294 source_set("test_support") {
 295   sources = [
 296     "scoped_test_nss_chromeos_user.cc",
 297     "scoped_test_nss_chromeos_user.h",
 298     "scoped_test_nss_db.cc",
 299     "scoped_test_nss_db.h",
 300     "scoped_test_system_nss_key_slot.cc",
 301     "scoped_test_system_nss_key_slot.h",
 302   ]
 303   deps = [
 304     ":crypto",
 305     ":platform",
 306     "//base",
 307   ]
 308
 309   if (!use_nss_certs) {
 310     sources -= [
 311       "scoped_test_nss_db.cc",
 312       "scoped_test_nss_db.h",
 313     ]
 314   }
 315
 316   if (!is_chromeos) {
 317     sources -= [
 318       "scoped_test_nss_chromeos_user.cc",
 319       "scoped_test_nss_chromeos_user.h",
 320       "scoped_test_system_nss_key_slot.cc",
 321       "scoped_test_system_nss_key_slot.h",
 322     ]
 323   }
 324 }
 325
 326 config("platform_config") {
 327   if ((!use_openssl || use_nss_certs) && is_clang) {
 328     # There is a broken header guard in /usr/include/nss/secmod.h:
 329     # https://bugzilla.mozilla.org/show_bug.cgi?id=884072
 330     cflags = [ "-Wno-header-guard" ]
 331   }
 332 }
 333
 334 # This is a meta-target that forwards to NSS's SSL library or OpenSSL,
 335 # according to the state of the crypto flags. A target just wanting to depend
 336 # on the current SSL library should just depend on this.
 337 group("platform") {
 338   if (use_openssl) {
 339     deps = [
 340       "//third_party/boringssl",
 341     ]
 342   } else {
 343     deps = [
 344       "//net/third_party/nss/ssl:libssl",
 345     ]
 346   }
 347
 348   # Link in NSS if it is used for either the internal crypto library
 349   # (!use_openssl) or platform certificate library (use_nss_certs).
 350   if (!use_openssl || use_nss_certs) {
 351     if (is_linux) {
 352       # On Linux, we use the system NSS (excepting SSL where we always use our
 353       # own).
 354       public_configs = [ ":platform_config" ]
 355       if (!use_openssl) {
 356         # If using a bundled copy of NSS's SSL library, ensure the bundled SSL
 357         # header search path comes before the system one so our versions are
 358         # used. The libssl target will add the search path we want, but
 359         # according to GN's ordering rules, public_configs' search path will get
 360         # applied before ones inherited from our dependencies.  Therefore, we
 361         # need to explicitly list our custom libssl's config here before the
 362         # system one.
 363         public_configs += [ "//net/third_party/nss/ssl:ssl_config" ]
 364       }
 365       public_configs += [ "//third_party/nss:system_nss_no_ssl_config" ]
 366     } else {
 367       # Non-Linux platforms use the hermetic NSS from the tree.
 368       deps += [
 369         "//third_party/nss:nspr",
 370         "//third_party/nss:nss",
 371       ]
 372     }
 373   }
 374 }