1 # Copyright (c) 2013 The Chromium Authors. All rights reserved. 2 # Use of this source code is governed by a BSD-style license that can be 3 # found in the LICENSE file. 4 5 import("//build/config/crypto.gni") 6 7 component("crypto") { 8 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto. 9 sources = [ 10 "apple_keychain.h", 11 "apple_keychain_ios.mm", 12 "apple_keychain_mac.mm", 13 "capi_util.cc", 14 "capi_util.h", 15 "crypto_export.h", 16 "cssm_init.cc", 17 "cssm_init.h", 18 "curve25519.cc", 19 "curve25519-donna.c", 20 "curve25519.h", 21 "ec_private_key.h", 22 "ec_private_key_nss.cc", 23 "ec_private_key_openssl.cc", 24 "ec_signature_creator.cc", 25 "ec_signature_creator.h", 26 "ec_signature_creator_impl.h", 27 "ec_signature_creator_nss.cc", 28 "ec_signature_creator_openssl.cc", 29 "encryptor.cc", 30 "encryptor.h", 31 "encryptor_nss.cc", 32 "encryptor_openssl.cc", 33 "ghash.cc", 34 "ghash.h", 35 "hkdf.cc", 36 "hkdf.h", 37 "hmac.cc", 38 "hmac.h", 39 "hmac_nss.cc", 40 "hmac_openssl.cc", 41 "mac_security_services_lock.cc", 42 "mac_security_services_lock.h", 43 # TODO(brettw) these mocks should be moved to a test_support_crypto target 44 # if possible. 45 "mock_apple_keychain.cc", 46 "mock_apple_keychain.h", 47 "mock_apple_keychain_ios.cc", 48 "mock_apple_keychain_mac.cc", 49 "nss_util.cc", 50 "nss_util.h", 51 "nss_util_internal.h", 52 "openssl_util.cc", 53 "openssl_util.h", 54 "p224.cc", 55 "p224.h", 56 "p224_spake.cc", 57 "p224_spake.h", 58 "random.cc", 59 "random.h", 60 "rsa_private_key.cc", 61 "rsa_private_key.h", 62 "rsa_private_key_nss.cc", 63 "rsa_private_key_openssl.cc", 64 "scoped_capi_types.h", 65 "scoped_nss_types.h", 66 "secure_hash_default.cc", 67 "secure_hash.h", 68 "secure_hash_openssl.cc", 69 "secure_util.cc", 70 "secure_util.h", 71 "sha2.cc", 72 "sha2.h", 73 "signature_creator.h", 74 "signature_creator_nss.cc", 75 "signature_creator_openssl.cc", 76 "signature_verifier.h", 77 "signature_verifier_nss.cc", 78 "signature_verifier_openssl.cc", 79 "symmetric_key.h", 80 "symmetric_key_nss.cc", 81 "symmetric_key_openssl.cc", 82 "third_party/nss/chromium-blapi.h", 83 "third_party/nss/chromium-blapit.h", 84 "third_party/nss/chromium-nss.h", 85 "third_party/nss/chromium-sha256.h", 86 "third_party/nss/pk11akey.cc", 87 "third_party/nss/rsawrapr.c", 88 "third_party/nss/secsign.cc", 89 "third_party/nss/sha512.cc", 90 ] 91 92 deps = [ 93 ":platform", 94 "//base", 95 "//base/third_party/dynamic_annotations", 96 ] 97 98 if (!is_mac && !is_ios) { 99 sources -= [ 100 "apple_keychain.h", 101 "mock_apple_keychain.cc", 102 "mock_apple_keychain.h", 103 ] 104 } 105 106 if (!is_mac) { 107 sources -= [ 108 "cssm_init.cc", 109 "cssm_init.h", 110 "mac_security_services_lock.cc", 111 "mac_security_services_lock.h", 112 ] 113 } 114 if (!is_win) { 115 sources -= [ 116 "capi_util.cc", 117 "capi_util.h", 118 ] 119 } 120 121 if (is_android) { 122 deps += [ "//third_party/android_tools:cpu_features" ] 123 } 124 125 if (use_openssl) { 126 # Remove NSS files when using OpenSSL 127 sources -= [ 128 "ec_private_key_nss.cc", 129 "ec_signature_creator_nss.cc", 130 "encryptor_nss.cc", 131 "hmac_nss.cc", 132 "nss_util.cc", 133 "nss_util.h", 134 "rsa_private_key_nss.cc", 135 "secure_hash_default.cc", 136 "signature_creator_nss.cc", 137 "signature_verifier_nss.cc", 138 "symmetric_key_nss.cc", 139 "third_party/nss/chromium-blapi.h", 140 "third_party/nss/chromium-blapit.h", 141 "third_party/nss/chromium-nss.h", 142 "third_party/nss/pk11akey.cc", 143 "third_party/nss/rsawrapr.c", 144 "third_party/nss/secsign.cc", 145 ] 146 } else { 147 # Remove OpenSSL when using NSS. 148 sources -= [ 149 "ec_private_key_openssl.cc", 150 "ec_signature_creator_openssl.cc", 151 "encryptor_openssl.cc", 152 "hmac_openssl.cc", 153 "openssl_util.cc", 154 "openssl_util.h", 155 "rsa_private_key_openssl.cc", 156 "secure_hash_openssl.cc", 157 "signature_creator_openssl.cc", 158 "signature_verifier_openssl.cc", 159 "symmetric_key_openssl.cc", 160 ] 161 } 162 163 defines = [ "CRYPTO_IMPLEMENTATION" ] 164 } 165 166 if (is_win) { 167 # A minimal crypto subset for hmac-related stuff that small standalone 168 # targets can use to reduce code size on Windows. This does not depend on 169 # OpenSSL/NSS but will use Windows APIs for that functionality. 170 source_set("crypto_minimal_win") { 171 sources = [ 172 "crypto_export.h", 173 "hmac.cc", 174 "hmac.h", 175 "hmac_win.cc", 176 "scoped_capi_types.h", 177 "scoped_nss_types.h", 178 "secure_util.cc", 179 "secure_util.h", 180 "symmetric_key.h", 181 "symmetric_key_win.cc", 182 "third_party/nss/chromium-blapi.h", 183 "third_party/nss/chromium-sha256.h", 184 "third_party/nss/sha512.cc", 185 ] 186 187 deps = [ 188 "//base", 189 "//base/third_party/dynamic_annotations", 190 ] 191 192 defines = [ "CRYPTO_IMPLEMENTATION" ] 193 } 194 } 195 196 test("crypto_unittests") { 197 sources = [ 198 # Tests. 199 "curve25519_unittest.cc", 200 "ec_private_key_unittest.cc", 201 "ec_signature_creator_unittest.cc", 202 "encryptor_unittest.cc", 203 "ghash_unittest.cc", 204 "hkdf_unittest.cc", 205 "hmac_unittest.cc", 206 "nss_util_unittest.cc", 207 "p224_unittest.cc", 208 "p224_spake_unittest.cc", 209 "random_unittest.cc", 210 "rsa_private_key_unittest.cc", 211 "rsa_private_key_nss_unittest.cc", 212 "secure_hash_unittest.cc", 213 "sha2_unittest.cc", 214 "signature_creator_unittest.cc", 215 "signature_verifier_unittest.cc", 216 "symmetric_key_unittest.cc", 217 ] 218 219 if (use_openssl || !is_linux) { 220 sources -= [ 221 "rsa_private_key_nss_unittest.cc", 222 ] 223 } 224 225 if (use_openssl) { 226 sources -= [ "nss_util_unittest.cc" ] 227 } 228 229 deps = [ 230 ":crypto", 231 ":platform", 232 "//base", 233 "//base/test:run_all_unittests", 234 "//base/test:test_support", 235 "//testing/gmock", 236 "//testing/gtest", 237 ] 238 } 239 240 # This is a meta-target that forwards to NSS's SSL library or OpenSSL, 241 # according to the state of the crypto flags. A target just wanting to depend 242 # on the current SSL library should just depend on this. 243 group("platform") { 244 if (use_openssl) { 245 deps = [ "//third_party/openssl" ] 246 } else { 247 deps = [ "//net/third_party/nss/ssl:libssl" ] 248 if (is_linux) { 249 # On Linux, we use the system NSS (excepting SSL where we always use our 250 # own). 251 # 252 # We always need our SSL header search path to come before the system one 253 # so our versions are used. The libssl target will add the search path we 254 # want, but according to GN's ordering rules, direct_dependent_configs' 255 # search path will get applied before ones inherited from our 256 # dependencies. Therefore, we need to explicitly list our custom libssl's 257 # config here before the system one. 258 direct_dependent_configs = [ 259 "//net/third_party/nss/ssl:ssl_config", 260 "//third_party/nss:system_nss_no_ssl_config", 261 ] 262 } else { 263 # Non-Linux platforms use the hermetic NSS from the tree. 264 deps += [ 265 "//third_party/nss:nspr", 266 "//third_party/nss:nss", 267 ] 268 } 269 } 270 } 271
