| OLD | NEW |
|---|
| (Empty) | |
| 1 # Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 # Use of this source code is governed by a BSD-style license that can be |
| 3 # found in the LICENSE file. |
| 4 |
| 5 import("//build/config/crypto.gni") |
| 6 import("//testing/test.gni") |
| 7 |
| 8 if (is_nacl) { |
| 9 component("crypto") { |
| 10 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto. |
| 11 sources = [ |
| 12 "random.cc", |
| 13 "random.h", |
| 14 ] |
| 15 deps = [ |
| 16 "//base", |
| 17 ] |
| 18 } |
| 19 } else { |
| 20 component("crypto") { |
| 21 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto. |
| 22 sources = [ |
| 23 "aead_openssl.cc", |
| 24 "aead_openssl.h", |
| 25 "aes_128_gcm_helpers_nss.cc", |
| 26 "aes_128_gcm_helpers_nss.h", |
| 27 "apple_keychain.h", |
| 28 "apple_keychain_ios.mm", |
| 29 "apple_keychain_mac.mm", |
| 30 "capi_util.cc", |
| 31 "capi_util.h", |
| 32 "crypto_export.h", |
| 33 "cssm_init.cc", |
| 34 "cssm_init.h", |
| 35 "curve25519-donna.c", |
| 36 "curve25519.cc", |
| 37 "curve25519.h", |
| 38 "ec_private_key.h", |
| 39 "ec_private_key_nss.cc", |
| 40 "ec_private_key_openssl.cc", |
| 41 "ec_signature_creator.cc", |
| 42 "ec_signature_creator.h", |
| 43 "ec_signature_creator_impl.h", |
| 44 "ec_signature_creator_nss.cc", |
| 45 "ec_signature_creator_openssl.cc", |
| 46 "encryptor.cc", |
| 47 "encryptor.h", |
| 48 "encryptor_nss.cc", |
| 49 "encryptor_openssl.cc", |
| 50 "ghash.cc", |
| 51 "ghash.h", |
| 52 "hkdf.cc", |
| 53 "hkdf.h", |
| 54 "hmac.cc", |
| 55 "hmac.h", |
| 56 "hmac_nss.cc", |
| 57 "hmac_openssl.cc", |
| 58 "mac_security_services_lock.cc", |
| 59 "mac_security_services_lock.h", |
| 60 |
| 61 # TODO(brettw) these mocks should be moved to a test_support_crypto target |
| 62 # if possible. |
| 63 "mock_apple_keychain.cc", |
| 64 "mock_apple_keychain.h", |
| 65 "mock_apple_keychain_ios.cc", |
| 66 "mock_apple_keychain_mac.cc", |
| 67 "nss_key_util.cc", |
| 68 "nss_key_util.h", |
| 69 "nss_util.cc", |
| 70 "nss_util.h", |
| 71 "nss_util_internal.h", |
| 72 "openssl_bio_string.cc", |
| 73 "openssl_bio_string.h", |
| 74 "openssl_util.cc", |
| 75 "openssl_util.h", |
| 76 "p224.cc", |
| 77 "p224.h", |
| 78 "p224_spake.cc", |
| 79 "p224_spake.h", |
| 80 "random.cc", |
| 81 "random.h", |
| 82 "rsa_private_key.cc", |
| 83 "rsa_private_key.h", |
| 84 "rsa_private_key_nss.cc", |
| 85 "rsa_private_key_openssl.cc", |
| 86 "scoped_capi_types.h", |
| 87 "scoped_nss_types.h", |
| 88 "secure_hash.h", |
| 89 "secure_hash_default.cc", |
| 90 "secure_hash_openssl.cc", |
| 91 "secure_util.cc", |
| 92 "secure_util.h", |
| 93 "sha2.cc", |
| 94 "sha2.h", |
| 95 "signature_creator.h", |
| 96 "signature_creator_nss.cc", |
| 97 "signature_creator_openssl.cc", |
| 98 "signature_verifier.h", |
| 99 "signature_verifier_nss.cc", |
| 100 "signature_verifier_openssl.cc", |
| 101 "symmetric_key.h", |
| 102 "symmetric_key_nss.cc", |
| 103 "symmetric_key_openssl.cc", |
| 104 "third_party/nss/chromium-blapi.h", |
| 105 "third_party/nss/chromium-blapit.h", |
| 106 "third_party/nss/chromium-nss.h", |
| 107 "third_party/nss/chromium-sha256.h", |
| 108 "third_party/nss/pk11akey.cc", |
| 109 "third_party/nss/rsawrapr.c", |
| 110 "third_party/nss/secsign.cc", |
| 111 "third_party/nss/sha512.cc", |
| 112 ] |
| 113 |
| 114 # TODO(jschuh): crbug.com/167187 fix size_t to int truncations. |
| 115 configs += [ "//build/config/compiler:no_size_t_to_int_warning" ] |
| 116 |
| 117 deps = [ |
| 118 ":platform", |
| 119 "//base", |
| 120 "//base/third_party/dynamic_annotations", |
| 121 ] |
| 122 |
| 123 if (!is_mac && !is_ios) { |
| 124 sources -= [ |
| 125 "apple_keychain.h", |
| 126 "mock_apple_keychain.cc", |
| 127 "mock_apple_keychain.h", |
| 128 ] |
| 129 } |
| 130 |
| 131 if (!is_mac) { |
| 132 sources -= [ |
| 133 "cssm_init.cc", |
| 134 "cssm_init.h", |
| 135 "mac_security_services_lock.cc", |
| 136 "mac_security_services_lock.h", |
| 137 ] |
| 138 } |
| 139 if (!is_win) { |
| 140 sources -= [ |
| 141 "capi_util.cc", |
| 142 "capi_util.h", |
| 143 ] |
| 144 } |
| 145 |
| 146 if (is_android) { |
| 147 deps += [ "//third_party/android_tools:cpu_features" ] |
| 148 } |
| 149 |
| 150 if (use_openssl) { |
| 151 # Remove NSS files when using OpenSSL |
| 152 sources -= [ |
| 153 "aes_128_gcm_helpers_nss.cc", |
| 154 "aes_128_gcm_helpers_nss.h", |
| 155 "ec_private_key_nss.cc", |
| 156 "ec_signature_creator_nss.cc", |
| 157 "encryptor_nss.cc", |
| 158 "hmac_nss.cc", |
| 159 "rsa_private_key_nss.cc", |
| 160 "secure_hash_default.cc", |
| 161 "signature_creator_nss.cc", |
| 162 "signature_verifier_nss.cc", |
| 163 "symmetric_key_nss.cc", |
| 164 "third_party/nss/chromium-blapi.h", |
| 165 "third_party/nss/chromium-blapit.h", |
| 166 "third_party/nss/chromium-nss.h", |
| 167 "third_party/nss/pk11akey.cc", |
| 168 "third_party/nss/rsawrapr.c", |
| 169 "third_party/nss/secsign.cc", |
| 170 ] |
| 171 } else { |
| 172 # Remove OpenSSL when using NSS. |
| 173 sources -= [ |
| 174 "aead_openssl.cc", |
| 175 "aead_openssl.h", |
| 176 "ec_private_key_openssl.cc", |
| 177 "ec_signature_creator_openssl.cc", |
| 178 "encryptor_openssl.cc", |
| 179 "hmac_openssl.cc", |
| 180 "openssl_bio_string.cc", |
| 181 "openssl_bio_string.h", |
| 182 "openssl_util.cc", |
| 183 "openssl_util.h", |
| 184 "rsa_private_key_openssl.cc", |
| 185 "secure_hash_openssl.cc", |
| 186 "signature_creator_openssl.cc", |
| 187 "signature_verifier_openssl.cc", |
| 188 "symmetric_key_openssl.cc", |
| 189 ] |
| 190 } |
| 191 |
| 192 # Some files are built when NSS is used at all, either for the internal cryp
to |
| 193 # library or the platform certificate library. |
| 194 if (use_openssl && !use_nss_certs) { |
| 195 sources -= [ |
| 196 "nss_key_util.cc", |
| 197 "nss_key_util.h", |
| 198 "nss_util.cc", |
| 199 "nss_util.h", |
| 200 "nss_util_internal.h", |
| 201 ] |
| 202 } |
| 203 |
| 204 defines = [ "CRYPTO_IMPLEMENTATION" ] |
| 205 } |
| 206 } |
| 207 |
| 208 # TODO(GYP): TODO(dpranke), fix the compile errors for this stuff |
| 209 # and make it work. |
| 210 if (false && is_win) { |
| 211 # A minimal crypto subset for hmac-related stuff that small standalone |
| 212 # targets can use to reduce code size on Windows. This does not depend on |
| 213 # OpenSSL/NSS but will use Windows APIs for that functionality. |
| 214 source_set("crypto_minimal_win") { |
| 215 sources = [ |
| 216 "crypto_export.h", |
| 217 "hmac.cc", |
| 218 "hmac.h", |
| 219 "hmac_win.cc", |
| 220 "scoped_capi_types.h", |
| 221 "scoped_nss_types.h", |
| 222 "secure_util.cc", |
| 223 "secure_util.h", |
| 224 "symmetric_key.h", |
| 225 "symmetric_key_win.cc", |
| 226 "third_party/nss/chromium-blapi.h", |
| 227 "third_party/nss/chromium-sha256.h", |
| 228 "third_party/nss/sha512.cc", |
| 229 ] |
| 230 |
| 231 deps = [ |
| 232 "//base", |
| 233 "//base/third_party/dynamic_annotations", |
| 234 ] |
| 235 |
| 236 defines = [ "CRYPTO_IMPLEMENTATION" ] |
| 237 } |
| 238 } |
| 239 |
| 240 test("crypto_unittests") { |
| 241 sources = [ |
| 242 # Tests. |
| 243 "aes_128_gcm_helpers_nss_unittest.cc", |
| 244 "curve25519_unittest.cc", |
| 245 "ec_private_key_unittest.cc", |
| 246 "ec_signature_creator_unittest.cc", |
| 247 "encryptor_unittest.cc", |
| 248 "ghash_unittest.cc", |
| 249 "hkdf_unittest.cc", |
| 250 "hmac_unittest.cc", |
| 251 "nss_key_util_unittest.cc", |
| 252 "nss_util_unittest.cc", |
| 253 "openssl_bio_string_unittest.cc", |
| 254 "p224_spake_unittest.cc", |
| 255 "p224_unittest.cc", |
| 256 "random_unittest.cc", |
| 257 "rsa_private_key_unittest.cc", |
| 258 "secure_hash_unittest.cc", |
| 259 "sha2_unittest.cc", |
| 260 "signature_creator_unittest.cc", |
| 261 "signature_verifier_unittest.cc", |
| 262 "symmetric_key_unittest.cc", |
| 263 ] |
| 264 |
| 265 # Some files are built when NSS is used at all, either for the internal crypto |
| 266 # library or the platform certificate library. |
| 267 if (use_openssl && !use_nss_certs) { |
| 268 sources -= [ |
| 269 "nss_key_util_unittest.cc", |
| 270 "nss_util_unittest.cc", |
| 271 ] |
| 272 } |
| 273 |
| 274 if (use_openssl) { |
| 275 sources -= [ "aes_128_gcm_helpers_nss_unittest.cc" ] |
| 276 } else { |
| 277 sources -= [ "openssl_bio_string_unittest.cc" ] |
| 278 } |
| 279 |
| 280 configs += [ "//build/config/compiler:no_size_t_to_int_warning" ] |
| 281 |
| 282 deps = [ |
| 283 ":crypto", |
| 284 ":platform", |
| 285 ":test_support", |
| 286 "//base", |
| 287 "//base/test:run_all_unittests", |
| 288 "//base/test:test_support", |
| 289 "//testing/gmock", |
| 290 "//testing/gtest", |
| 291 ] |
| 292 } |
| 293 |
| 294 source_set("test_support") { |
| 295 sources = [ |
| 296 "scoped_test_nss_chromeos_user.cc", |
| 297 "scoped_test_nss_chromeos_user.h", |
| 298 "scoped_test_nss_db.cc", |
| 299 "scoped_test_nss_db.h", |
| 300 "scoped_test_system_nss_key_slot.cc", |
| 301 "scoped_test_system_nss_key_slot.h", |
| 302 ] |
| 303 deps = [ |
| 304 ":crypto", |
| 305 ":platform", |
| 306 "//base", |
| 307 ] |
| 308 |
| 309 if (!use_nss_certs) { |
| 310 sources -= [ |
| 311 "scoped_test_nss_db.cc", |
| 312 "scoped_test_nss_db.h", |
| 313 ] |
| 314 } |
| 315 |
| 316 if (!is_chromeos) { |
| 317 sources -= [ |
| 318 "scoped_test_nss_chromeos_user.cc", |
| 319 "scoped_test_nss_chromeos_user.h", |
| 320 "scoped_test_system_nss_key_slot.cc", |
| 321 "scoped_test_system_nss_key_slot.h", |
| 322 ] |
| 323 } |
| 324 } |
| 325 |
| 326 config("platform_config") { |
| 327 if ((!use_openssl || use_nss_certs) && is_clang) { |
| 328 # There is a broken header guard in /usr/include/nss/secmod.h: |
| 329 # https://bugzilla.mozilla.org/show_bug.cgi?id=884072 |
| 330 cflags = [ "-Wno-header-guard" ] |
| 331 } |
| 332 } |
| 333 |
| 334 # This is a meta-target that forwards to NSS's SSL library or OpenSSL, |
| 335 # according to the state of the crypto flags. A target just wanting to depend |
| 336 # on the current SSL library should just depend on this. |
| 337 group("platform") { |
| 338 if (use_openssl) { |
| 339 public_deps = [ |
| 340 "//third_party/boringssl", |
| 341 ] |
| 342 } else { |
| 343 deps = [ |
| 344 "//net/third_party/nss/ssl:libssl", |
| 345 ] |
| 346 } |
| 347 |
| 348 # Link in NSS if it is used for either the internal crypto library |
| 349 # (!use_openssl) or platform certificate library (use_nss_certs). |
| 350 if (!use_openssl || use_nss_certs) { |
| 351 if (is_linux) { |
| 352 # On Linux, we use the system NSS (excepting SSL where we always use our |
| 353 # own). |
| 354 public_configs = [ ":platform_config" ] |
| 355 if (!use_openssl) { |
| 356 # If using a bundled copy of NSS's SSL library, ensure the bundled SSL |
| 357 # header search path comes before the system one so our versions are |
| 358 # used. The libssl target will add the search path we want, but |
| 359 # according to GN's ordering rules, public_configs' search path will get |
| 360 # applied before ones inherited from our dependencies. Therefore, we |
| 361 # need to explicitly list our custom libssl's config here before the |
| 362 # system one. |
| 363 public_configs += [ "//net/third_party/nss/ssl:ssl_config" ] |
| 364 } |
| 365 public_configs += [ "//third_party/nss:system_nss_no_ssl_config" ] |
| 366 } else { |
| 367 # Non-Linux platforms use the hermetic NSS from the tree. |
| 368 public_deps = [ |
| 369 "//third_party/nss:nspr", |
| 370 "//third_party/nss:nss", |
| 371 ] |
| 372 } |
| 373 } |
| 374 } |
| OLD | NEW |
|---|
Chromium Code Reviews
