1# Copyright (c) 2013 The Chromium Authors. All rights reserved. 2# Use of this source code is governed by a BSD-style license that can be 3# found in the LICENSE file. 4 5import("//build/config/crypto.gni") 6 7component("crypto") { 8 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto. 9 sources = [ 10 "apple_keychain.h", 11 "apple_keychain_ios.mm", 12 "apple_keychain_mac.mm", 13 "capi_util.cc", 14 "capi_util.h", 15 "crypto_export.h", 16 "cssm_init.cc", 17 "cssm_init.h", 18 "curve25519.cc", 19 "curve25519-donna.c", 20 "curve25519.h", 21 "ec_private_key.h", 22 "ec_private_key_nss.cc", 23 "ec_private_key_openssl.cc", 24 "ec_signature_creator.cc", 25 "ec_signature_creator.h", 26 "ec_signature_creator_impl.h", 27 "ec_signature_creator_nss.cc", 28 "ec_signature_creator_openssl.cc", 29 "encryptor.cc", 30 "encryptor.h", 31 "encryptor_nss.cc", 32 "encryptor_openssl.cc", 33 "ghash.cc", 34 "ghash.h", 35 "hkdf.cc", 36 "hkdf.h", 37 "hmac.cc", 38 "hmac.h", 39 "hmac_nss.cc", 40 "hmac_openssl.cc", 41 "mac_security_services_lock.cc", 42 "mac_security_services_lock.h", 43 # TODO(brettw) these mocks should be moved to a test_support_crypto target 44 # if possible. 45 "mock_apple_keychain.cc", 46 "mock_apple_keychain.h", 47 "mock_apple_keychain_ios.cc", 48 "mock_apple_keychain_mac.cc", 49 "nss_util.cc", 50 "nss_util.h", 51 "nss_util_internal.h", 52 "openssl_util.cc", 53 "openssl_util.h", 54 "p224.cc", 55 "p224.h", 56 "p224_spake.cc", 57 "p224_spake.h", 58 "random.cc", 59 "random.h", 60 "rsa_private_key.cc", 61 "rsa_private_key.h", 62 "rsa_private_key_nss.cc", 63 "rsa_private_key_openssl.cc", 64 "scoped_capi_types.h", 65 "scoped_nss_types.h", 66 "secure_hash_default.cc", 67 "secure_hash.h", 68 "secure_hash_openssl.cc", 69 "secure_util.cc", 70 "secure_util.h", 71 "sha2.cc", 72 "sha2.h", 73 "signature_creator.h", 74 "signature_creator_nss.cc", 75 "signature_creator_openssl.cc", 76 "signature_verifier.h", 77 "signature_verifier_nss.cc", 78 "signature_verifier_openssl.cc", 79 "symmetric_key.h", 80 "symmetric_key_nss.cc", 81 "symmetric_key_openssl.cc", 82 "third_party/nss/chromium-blapi.h", 83 "third_party/nss/chromium-blapit.h", 84 "third_party/nss/chromium-nss.h", 85 "third_party/nss/chromium-sha256.h", 86 "third_party/nss/pk11akey.cc", 87 "third_party/nss/rsawrapr.c", 88 "third_party/nss/secsign.cc", 89 "third_party/nss/sha512.cc", 90 ] 91 92 deps = [ 93 ":platform", 94 "//base", 95 "//base/third_party/dynamic_annotations", 96 ] 97 98 if (!is_mac && !is_ios) { 99 sources -= [ 100 "apple_keychain.h", 101 "mock_apple_keychain.cc", 102 "mock_apple_keychain.h", 103 ] 104 } 105 106 if (!is_mac) { 107 sources -= [ 108 "cssm_init.cc", 109 "cssm_init.h", 110 "mac_security_services_lock.cc", 111 "mac_security_services_lock.h", 112 ] 113 } 114 if (!is_win) { 115 sources -= [ 116 "capi_util.cc", 117 "capi_util.h", 118 ] 119 } 120 121 if (is_android) { 122 deps += [ "//third_party/android_tools:cpu_features" ] 123 } 124 125 if (use_openssl) { 126 # Remove NSS files when using OpenSSL 127 sources -= [ 128 "ec_private_key_nss.cc", 129 "ec_signature_creator_nss.cc", 130 "encryptor_nss.cc", 131 "hmac_nss.cc", 132 "nss_util.cc", 133 "nss_util.h", 134 "nss_util_internal.h", 135 "rsa_private_key_nss.cc", 136 "secure_hash_default.cc", 137 "signature_creator_nss.cc", 138 "signature_verifier_nss.cc", 139 "symmetric_key_nss.cc", 140 "third_party/nss/chromium-blapi.h", 141 "third_party/nss/chromium-blapit.h", 142 "third_party/nss/chromium-nss.h", 143 "third_party/nss/pk11akey.cc", 144 "third_party/nss/rsawrapr.c", 145 "third_party/nss/secsign.cc", 146 ] 147 } else { 148 # Remove OpenSSL when using NSS. 149 sources -= [ 150 "ec_private_key_openssl.cc", 151 "ec_signature_creator_openssl.cc", 152 "encryptor_openssl.cc", 153 "hmac_openssl.cc", 154 "openssl_util.cc", 155 "openssl_util.h", 156 "rsa_private_key_openssl.cc", 157 "secure_hash_openssl.cc", 158 "signature_creator_openssl.cc", 159 "signature_verifier_openssl.cc", 160 "symmetric_key_openssl.cc", 161 ] 162 } 163 164 defines = [ "CRYPTO_IMPLEMENTATION" ] 165} 166 167if (is_win) { 168 # A minimal crypto subset for hmac-related stuff that small standalone 169 # targets can use to reduce code size on Windows. This does not depend on 170 # OpenSSL/NSS but will use Windows APIs for that functionality. 171 source_set("crypto_minimal_win") { 172 sources = [ 173 "crypto_export.h", 174 "hmac.cc", 175 "hmac.h", 176 "hmac_win.cc", 177 "scoped_capi_types.h", 178 "scoped_nss_types.h", 179 "secure_util.cc", 180 "secure_util.h", 181 "symmetric_key.h", 182 "symmetric_key_win.cc", 183 "third_party/nss/chromium-blapi.h", 184 "third_party/nss/chromium-sha256.h", 185 "third_party/nss/sha512.cc", 186 ] 187 188 deps = [ 189 "//base", 190 "//base/third_party/dynamic_annotations", 191 ] 192 193 defines = [ "CRYPTO_IMPLEMENTATION" ] 194 } 195} 196 197test("crypto_unittests") { 198 sources = [ 199 # Tests. 200 "curve25519_unittest.cc", 201 "ec_private_key_unittest.cc", 202 "ec_signature_creator_unittest.cc", 203 "encryptor_unittest.cc", 204 "ghash_unittest.cc", 205 "hkdf_unittest.cc", 206 "hmac_unittest.cc", 207 "nss_util_unittest.cc", 208 "p224_unittest.cc", 209 "p224_spake_unittest.cc", 210 "random_unittest.cc", 211 "rsa_private_key_unittest.cc", 212 "rsa_private_key_nss_unittest.cc", 213 "secure_hash_unittest.cc", 214 "sha2_unittest.cc", 215 "signature_creator_unittest.cc", 216 "signature_verifier_unittest.cc", 217 "symmetric_key_unittest.cc", 218 ] 219 220 if (use_openssl || !is_linux) { 221 sources -= [ 222 "rsa_private_key_nss_unittest.cc", 223 ] 224 } 225 226 if (use_openssl) { 227 sources -= [ "nss_util_unittest.cc" ] 228 } 229 230 deps = [ 231 ":crypto", 232 ":platform", 233 ":test_support", 234 "//base", 235 "//base/test:run_all_unittests", 236 "//base/test:test_support", 237 "//testing/gmock", 238 "//testing/gtest", 239 ] 240} 241 242source_set("test_support") { 243 sources = [ 244 "scoped_test_nss_db.cc", 245 "scoped_test_nss_db.h", 246 "scoped_test_nss_chromeos_user.cc", 247 "scoped_test_nss_chromeos_user.h", 248 "scoped_test_system_nss_key_slot.cc", 249 "scoped_test_system_nss_key_slot.h", 250 ] 251 deps = [ 252 ":crypto", 253 ":platform", 254 "//base", 255 ] 256 257 if (!use_nss_certs) { 258 sources -= [ 259 "scoped_test_nss_db.cc", 260 "scoped_test_nss_db.h", 261 ] 262 } 263 264 if (!is_chromeos) { 265 sources -= [ 266 "scoped_test_nss_chromeos_user.cc", 267 "scoped_test_nss_chromeos_user.h", 268 "scoped_test_system_nss_key_slot.cc", 269 "scoped_test_system_nss_key_slot.h", 270 ] 271 } 272} 273 274# This is a meta-target that forwards to NSS's SSL library or OpenSSL, 275# according to the state of the crypto flags. A target just wanting to depend 276# on the current SSL library should just depend on this. 277group("platform") { 278 if (use_openssl) { 279 deps = [ "//third_party/boringssl" ] 280 } else { 281 deps = [ "//net/third_party/nss/ssl:libssl" ] 282 if (is_linux) { 283 # On Linux, we use the system NSS (excepting SSL where we always use our 284 # own). 285 # 286 # We always need our SSL header search path to come before the system one 287 # so our versions are used. The libssl target will add the search path we 288 # want, but according to GN's ordering rules, public_configs' search path 289 # will get applied before ones inherited from our dependencies. 290 # Therefore, we need to explicitly list our custom libssl's config here 291 # before the system one. 292 public_configs = [ 293 "//net/third_party/nss/ssl:ssl_config", 294 "//third_party/nss:system_nss_no_ssl_config", 295 ] 296 } else { 297 # Non-Linux platforms use the hermetic NSS from the tree. 298 deps += [ 299 "//third_party/nss:nspr", 300 "//third_party/nss:nss", 301 ] 302 } 303 } 304} 305