OLD | NEW |
---|---|
1 # Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 # Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 # Use of this source code is governed by a BSD-style license that can be | 2 # Use of this source code is governed by a BSD-style license that can be |
3 # found in the LICENSE file. | 3 # found in the LICENSE file. |
4 | 4 |
5 import("//build/config/crypto.gni") | 5 import("//build/config/crypto.gni") |
6 import("//testing/test.gni") | 6 import("//testing/test.gni") |
7 | 7 |
8 component("crypto") { | 8 component("crypto") { |
9 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto. | 9 output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto. |
10 sources = [ | 10 sources = [ |
11 "aead_openssl.cc", | 11 "aead_openssl.cc", |
12 "aead_openssl.h", | 12 "aead_openssl.h", |
13 "apple_keychain.h", | 13 "apple_keychain.h", |
14 "apple_keychain_ios.mm", | 14 "apple_keychain_ios.mm", |
15 "apple_keychain_mac.mm", | 15 "apple_keychain_mac.mm", |
16 "auto_cbb.h", | 16 "auto_cbb.h", |
17 "capi_util.cc", | 17 "capi_util.cc", |
18 "capi_util.h", | 18 "capi_util.h", |
19 "crypto_export.h", | 19 "crypto_export.h", |
20 "cssm_init.cc", | 20 "cssm_init.cc", |
21 "cssm_init.h", | 21 "cssm_init.h", |
22 "curve25519-donna.c", | |
23 "curve25519.h", | 22 "curve25519.h", |
24 "curve25519_nss.cc", | |
25 "curve25519_openssl.cc", | 23 "curve25519_openssl.cc", |
26 "ec_private_key.h", | 24 "ec_private_key.h", |
27 "ec_private_key_nss.cc", | |
28 "ec_private_key_openssl.cc", | 25 "ec_private_key_openssl.cc", |
29 "ec_signature_creator.cc", | 26 "ec_signature_creator.cc", |
30 "ec_signature_creator.h", | 27 "ec_signature_creator.h", |
31 "ec_signature_creator_impl.h", | 28 "ec_signature_creator_impl.h", |
32 "ec_signature_creator_nss.cc", | |
33 "ec_signature_creator_openssl.cc", | 29 "ec_signature_creator_openssl.cc", |
34 "encryptor.cc", | 30 "encryptor.cc", |
35 "encryptor.h", | 31 "encryptor.h", |
36 "encryptor_nss.cc", | |
37 "encryptor_openssl.cc", | 32 "encryptor_openssl.cc", |
38 "hkdf.cc", | 33 "hkdf.cc", |
39 "hkdf.h", | 34 "hkdf.h", |
40 "hmac.cc", | 35 "hmac.cc", |
41 "hmac.h", | 36 "hmac.h", |
42 "hmac_nss.cc", | |
43 "hmac_openssl.cc", | 37 "hmac_openssl.cc", |
44 "mac_security_services_lock.cc", | 38 "mac_security_services_lock.cc", |
45 "mac_security_services_lock.h", | 39 "mac_security_services_lock.h", |
46 | 40 |
47 # TODO(brettw) these mocks should be moved to a test_support_crypto target | 41 # TODO(brettw) these mocks should be moved to a test_support_crypto target |
48 # if possible. | 42 # if possible. |
49 "mock_apple_keychain.cc", | 43 "mock_apple_keychain.cc", |
50 "mock_apple_keychain.h", | 44 "mock_apple_keychain.h", |
51 "mock_apple_keychain_ios.cc", | 45 "mock_apple_keychain_ios.cc", |
52 "mock_apple_keychain_mac.cc", | 46 "mock_apple_keychain_mac.cc", |
53 "nss_key_util.cc", | 47 "nss_key_util.cc", |
54 "nss_key_util.h", | 48 "nss_key_util.h", |
55 "nss_util.cc", | 49 "nss_util.cc", |
56 "nss_util.h", | 50 "nss_util.h", |
57 "nss_util_internal.h", | 51 "nss_util_internal.h", |
58 "openssl_bio_string.cc", | 52 "openssl_bio_string.cc", |
59 "openssl_bio_string.h", | 53 "openssl_bio_string.h", |
60 "openssl_util.cc", | 54 "openssl_util.cc", |
61 "openssl_util.h", | 55 "openssl_util.h", |
62 "p224.cc", | 56 "p224.cc", |
63 "p224.h", | 57 "p224.h", |
64 "p224_spake.cc", | 58 "p224_spake.cc", |
65 "p224_spake.h", | 59 "p224_spake.h", |
66 "random.cc", | 60 "random.cc", |
67 "random.h", | 61 "random.h", |
68 "rsa_private_key.h", | 62 "rsa_private_key.h", |
69 "rsa_private_key_nss.cc", | |
70 "rsa_private_key_openssl.cc", | 63 "rsa_private_key_openssl.cc", |
71 "scoped_capi_types.h", | 64 "scoped_capi_types.h", |
72 "scoped_nss_types.h", | 65 "scoped_nss_types.h", |
73 "secure_hash.h", | 66 "secure_hash.h", |
74 "secure_hash_default.cc", | |
75 "secure_hash_openssl.cc", | 67 "secure_hash_openssl.cc", |
76 "secure_util.cc", | 68 "secure_util.cc", |
77 "secure_util.h", | 69 "secure_util.h", |
78 "sha2.cc", | 70 "sha2.cc", |
79 "sha2.h", | 71 "sha2.h", |
80 "signature_creator.h", | 72 "signature_creator.h", |
81 "signature_creator_nss.cc", | |
82 "signature_creator_openssl.cc", | 73 "signature_creator_openssl.cc", |
83 "signature_verifier.h", | 74 "signature_verifier.h", |
84 "signature_verifier_nss.cc", | |
85 "signature_verifier_openssl.cc", | 75 "signature_verifier_openssl.cc", |
86 "symmetric_key.h", | 76 "symmetric_key.h", |
87 "symmetric_key_nss.cc", | |
88 "symmetric_key_openssl.cc", | 77 "symmetric_key_openssl.cc", |
89 "third_party/nss/chromium-blapi.h", | |
90 "third_party/nss/chromium-blapit.h", | |
91 "third_party/nss/chromium-nss.h", | |
92 "third_party/nss/chromium-sha256.h", | 78 "third_party/nss/chromium-sha256.h", |
Ryan Sleevi
2016/04/18 14:23:30
Why?
svaldez
2016/04/18 15:09:35
nacl_win64 seems to need it.
| |
93 "third_party/nss/pk11akey.cc", | |
94 "third_party/nss/rsawrapr.c", | |
95 "third_party/nss/secsign.cc", | |
96 "third_party/nss/sha512.cc", | 79 "third_party/nss/sha512.cc", |
Ryan Sleevi
2016/04/18 14:23:30
Why? Now that we're using BoringSSl, we shouldn't
svaldez
2016/04/18 15:09:35
nacl_win64 seems to need it.
Ryan Sleevi
2016/04/18 15:31:40
I guess put differently, should we have nacl_win64
davidben
2016/04/18 16:25:20
This should be excisable, yeah. Either by pulling
| |
97 ] | 80 ] |
98 | 81 |
99 # TODO(jschuh): crbug.com/167187 fix size_t to int truncations. | 82 # TODO(jschuh): crbug.com/167187 fix size_t to int truncations. |
100 configs += [ "//build/config/compiler:no_size_t_to_int_warning" ] | 83 configs += [ "//build/config/compiler:no_size_t_to_int_warning" ] |
101 | 84 |
102 deps = [ | 85 deps = [ |
103 ":platform", | 86 ":platform", |
104 "//base", | 87 "//base", |
105 "//base/third_party/dynamic_annotations", | 88 "//base/third_party/dynamic_annotations", |
106 ] | 89 ] |
(...skipping 16 matching lines...) Expand all Loading... | |
123 "mac_security_services_lock.h", | 106 "mac_security_services_lock.h", |
124 ] | 107 ] |
125 } | 108 } |
126 if (!is_win) { | 109 if (!is_win) { |
127 sources -= [ | 110 sources -= [ |
128 "capi_util.cc", | 111 "capi_util.cc", |
129 "capi_util.h", | 112 "capi_util.h", |
130 ] | 113 ] |
131 } | 114 } |
132 | 115 |
133 if (use_openssl) { | 116 # Some files are built when NSS is used for the platform certificate library. |
134 # Remove NSS files when using OpenSSL | 117 if (!use_nss_certs) { |
135 sources -= [ | |
136 "curve25519-donna.c", | |
137 "curve25519_nss.cc", | |
138 "ec_private_key_nss.cc", | |
139 "ec_signature_creator_nss.cc", | |
140 "encryptor_nss.cc", | |
141 "hmac_nss.cc", | |
142 "rsa_private_key_nss.cc", | |
143 "secure_hash_default.cc", | |
144 "signature_creator_nss.cc", | |
145 "signature_verifier_nss.cc", | |
146 "symmetric_key_nss.cc", | |
147 "third_party/nss/chromium-blapi.h", | |
148 "third_party/nss/chromium-blapit.h", | |
149 "third_party/nss/chromium-nss.h", | |
150 "third_party/nss/pk11akey.cc", | |
151 "third_party/nss/rsawrapr.c", | |
152 "third_party/nss/secsign.cc", | |
153 ] | |
154 } else { | |
155 # Remove OpenSSL when using NSS. | |
156 sources -= [ | |
157 "aead_openssl.cc", | |
158 "aead_openssl.h", | |
159 "auto_cbb.h", | |
160 "curve25519_openssl.cc", | |
161 "ec_private_key_openssl.cc", | |
162 "ec_signature_creator_openssl.cc", | |
163 "encryptor_openssl.cc", | |
164 "hmac_openssl.cc", | |
165 "openssl_bio_string.cc", | |
166 "openssl_bio_string.h", | |
167 "openssl_util.cc", | |
168 "openssl_util.h", | |
169 "rsa_private_key_openssl.cc", | |
170 "secure_hash_openssl.cc", | |
171 "signature_creator_openssl.cc", | |
172 "signature_verifier_openssl.cc", | |
173 "symmetric_key_openssl.cc", | |
174 ] | |
175 } | |
176 | |
177 # Some files are built when NSS is used at all, either for the internal crypto | |
178 # library or the platform certificate library. | |
179 if (use_openssl && !use_nss_certs) { | |
180 sources -= [ | 118 sources -= [ |
181 "nss_key_util.cc", | 119 "nss_key_util.cc", |
182 "nss_key_util.h", | 120 "nss_key_util.h", |
183 "nss_util.cc", | 121 "nss_util.cc", |
184 "nss_util.h", | 122 "nss_util.h", |
185 "nss_util_internal.h", | 123 "nss_util_internal.h", |
186 ] | 124 ] |
187 } | 125 } |
188 | 126 |
189 defines = [ "CRYPTO_IMPLEMENTATION" ] | 127 defines = [ "CRYPTO_IMPLEMENTATION" ] |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
241 "p224_unittest.cc", | 179 "p224_unittest.cc", |
242 "random_unittest.cc", | 180 "random_unittest.cc", |
243 "rsa_private_key_unittest.cc", | 181 "rsa_private_key_unittest.cc", |
244 "secure_hash_unittest.cc", | 182 "secure_hash_unittest.cc", |
245 "sha2_unittest.cc", | 183 "sha2_unittest.cc", |
246 "signature_creator_unittest.cc", | 184 "signature_creator_unittest.cc", |
247 "signature_verifier_unittest.cc", | 185 "signature_verifier_unittest.cc", |
248 "symmetric_key_unittest.cc", | 186 "symmetric_key_unittest.cc", |
249 ] | 187 ] |
250 | 188 |
251 # Some files are built when NSS is used at all, either for the internal crypto | 189 # Some files are built when NSS is used for the platform certificate library. |
252 # library or the platform certificate library. | 190 if (!use_nss_certs) { |
253 if (use_openssl && !use_nss_certs) { | |
254 sources -= [ | 191 sources -= [ |
255 "nss_key_util_unittest.cc", | 192 "nss_key_util_unittest.cc", |
256 "nss_util_unittest.cc", | 193 "nss_util_unittest.cc", |
257 ] | 194 ] |
258 } | 195 } |
259 | 196 |
260 if (!use_openssl) { | |
261 sources -= [ "openssl_bio_string_unittest.cc" ] | |
262 } | |
263 | |
264 configs += [ "//build/config/compiler:no_size_t_to_int_warning" ] | 197 configs += [ "//build/config/compiler:no_size_t_to_int_warning" ] |
265 | 198 |
266 deps = [ | 199 deps = [ |
267 ":crypto", | 200 ":crypto", |
268 ":platform", | 201 ":platform", |
269 ":test_support", | 202 ":test_support", |
270 "//base", | 203 "//base", |
271 "//base/test:run_all_unittests", | 204 "//base/test:run_all_unittests", |
272 "//base/test:test_support", | 205 "//base/test:test_support", |
273 "//testing/gmock", | 206 "//testing/gmock", |
(...skipping 27 matching lines...) Expand all Loading... | |
301 sources -= [ | 234 sources -= [ |
302 "scoped_test_nss_chromeos_user.cc", | 235 "scoped_test_nss_chromeos_user.cc", |
303 "scoped_test_nss_chromeos_user.h", | 236 "scoped_test_nss_chromeos_user.h", |
304 "scoped_test_system_nss_key_slot.cc", | 237 "scoped_test_system_nss_key_slot.cc", |
305 "scoped_test_system_nss_key_slot.h", | 238 "scoped_test_system_nss_key_slot.h", |
306 ] | 239 ] |
307 } | 240 } |
308 } | 241 } |
309 | 242 |
310 config("platform_config") { | 243 config("platform_config") { |
311 if ((!use_openssl || use_nss_certs) && is_clang) { | 244 if (use_nss_certs && is_clang) { |
312 # There is a broken header guard in /usr/include/nss/secmod.h: | 245 # There is a broken header guard in /usr/include/nss/secmod.h: |
313 # https://bugzilla.mozilla.org/show_bug.cgi?id=884072 | 246 # https://bugzilla.mozilla.org/show_bug.cgi?id=884072 |
314 cflags = [ "-Wno-header-guard" ] | 247 cflags = [ "-Wno-header-guard" ] |
315 } | 248 } |
316 } | 249 } |
317 | 250 |
318 # This is a meta-target that forwards to NSS's SSL library or OpenSSL, | 251 # This is a meta-target that forwards to NSS's SSL library or OpenSSL, |
319 # according to the state of the crypto flags. A target just wanting to depend | 252 # according to the state of the crypto flags. A target just wanting to depend |
320 # on the current SSL library should just depend on this. | 253 # on the current SSL library should just depend on this. |
321 group("platform") { | 254 group("platform") { |
322 if (use_openssl) { | 255 public_deps = [ |
323 public_deps = [ | 256 "//third_party/boringssl", |
324 "//third_party/boringssl", | 257 ] |
325 ] | |
326 } else { | |
327 public_deps = [ | |
328 "//net/third_party/nss/ssl:libssl", | |
329 ] | |
330 } | |
331 | 258 |
332 # Link in NSS if it is used for either the internal crypto library | 259 # Link in NSS if it is used for the platform certificate library |
333 # (!use_openssl) or platform certificate library (use_nss_certs). | 260 # (use_nss_certs). |
334 if (!use_openssl || use_nss_certs) { | 261 if (use_nss_certs) { |
335 if (is_linux) { | 262 public_configs = [ ":platform_config" ] |
336 # On Linux, we use the system NSS (excepting SSL where we always use our | 263 public_configs += [ "//third_party/nss:system_nss_no_ssl_config" ] |
337 # own). | |
338 public_configs = [ ":platform_config" ] | |
339 if (!use_openssl) { | |
340 # If using a bundled copy of NSS's SSL library, ensure the bundled SSL | |
341 # header search path comes before the system one so our versions are | |
342 # used. The libssl target will add the search path we want, but | |
343 # according to GN's ordering rules, public_configs' search path will get | |
344 # applied before ones inherited from our dependencies. Therefore, we | |
345 # need to explicitly list our custom libssl's config here before the | |
346 # system one. | |
347 public_configs += [ "//net/third_party/nss/ssl:ssl_config" ] | |
348 } | |
349 public_configs += [ "//third_party/nss:system_nss_no_ssl_config" ] | |
350 } else { | |
351 # Non-Linux platforms use the hermetic NSS from the tree. | |
352 public_deps += [ | |
353 "//third_party/nss:nspr", | |
354 "//third_party/nss:nss", | |
355 ] | |
356 } | |
357 } | 264 } |
358 } | 265 } |
OLD | NEW |