| Index: crypto/BUILD.gn
|
| diff --git a/crypto/BUILD.gn b/crypto/BUILD.gn
|
| index 78af75a96107a88bd73b537624a5a2ba4716fa50..f6c45aad72d3b55c99334d9c91bdca793a4699b1 100644
|
| --- a/crypto/BUILD.gn
|
| +++ b/crypto/BUILD.gn
|
| @@ -8,23 +8,120 @@ import("//testing/test.gni")
|
| component("crypto") {
|
| output_name = "crcrypto" # Avoid colliding with OpenSSL's libcrypto.
|
| sources = [
|
| + "apple_keychain.h",
|
| + "apple_keychain_ios.mm",
|
| + "apple_keychain_mac.mm",
|
| + "capi_util.cc",
|
| + "capi_util.h",
|
| "crypto_export.h",
|
| + "cssm_init.cc",
|
| + "cssm_init.h",
|
| + "curve25519.cc",
|
| + "curve25519-donna.c",
|
| + "curve25519.h",
|
| + "ec_private_key.h",
|
| + "ec_private_key_nss.cc",
|
| + "ec_private_key_openssl.cc",
|
| + "ec_signature_creator.cc",
|
| + "ec_signature_creator.h",
|
| + "ec_signature_creator_impl.h",
|
| + "ec_signature_creator_nss.cc",
|
| + "ec_signature_creator_openssl.cc",
|
| + "encryptor.cc",
|
| + "encryptor.h",
|
| + "encryptor_nss.cc",
|
| + "encryptor_openssl.cc",
|
| + "ghash.cc",
|
| + "ghash.h",
|
| + "hkdf.cc",
|
| + "hkdf.h",
|
| + "hmac.cc",
|
| + "hmac.h",
|
| + "hmac_nss.cc",
|
| + "hmac_openssl.cc",
|
| + "mac_security_services_lock.cc",
|
| + "mac_security_services_lock.h",
|
| +
|
| + # TODO(brettw) these mocks should be moved to a test_support_crypto target
|
| + # if possible.
|
| + "mock_apple_keychain.cc",
|
| + "mock_apple_keychain.h",
|
| + "mock_apple_keychain_ios.cc",
|
| + "mock_apple_keychain_mac.cc",
|
| + "nss_util.cc",
|
| + "nss_util.h",
|
| + "nss_util_internal.h",
|
| + "openssl_bio_string.cc",
|
| + "openssl_bio_string.h",
|
| "openssl_util.cc",
|
| "openssl_util.h",
|
| + "p224.cc",
|
| + "p224.h",
|
| + "p224_spake.cc",
|
| + "p224_spake.h",
|
| "random.cc",
|
| "random.h",
|
| + "rsa_private_key.cc",
|
| + "rsa_private_key.h",
|
| + "rsa_private_key_nss.cc",
|
| + "rsa_private_key_openssl.cc",
|
| + "scoped_capi_types.h",
|
| + "scoped_nss_types.h",
|
| + "secure_hash_default.cc",
|
| "secure_hash.h",
|
| "secure_hash_openssl.cc",
|
| + "secure_util.cc",
|
| + "secure_util.h",
|
| "sha2.cc",
|
| "sha2.h",
|
| + "signature_creator.h",
|
| + "signature_creator_nss.cc",
|
| + "signature_creator_openssl.cc",
|
| + "signature_verifier.h",
|
| + "signature_verifier_nss.cc",
|
| + "signature_verifier_openssl.cc",
|
| + "symmetric_key.h",
|
| + "symmetric_key_nss.cc",
|
| + "symmetric_key_openssl.cc",
|
| + "third_party/nss/chromium-blapi.h",
|
| + "third_party/nss/chromium-blapit.h",
|
| + "third_party/nss/chromium-nss.h",
|
| + "third_party/nss/chromium-sha256.h",
|
| + "third_party/nss/pk11akey.cc",
|
| + "third_party/nss/rsawrapr.c",
|
| + "third_party/nss/secsign.cc",
|
| + "third_party/nss/sha512.cc",
|
| ]
|
|
|
| deps = [
|
| + ":platform",
|
| "//base",
|
| "//base/third_party/dynamic_annotations",
|
| - "//third_party/boringssl",
|
| ]
|
|
|
| + if (!is_mac && !is_ios) {
|
| + sources -= [
|
| + "apple_keychain.h",
|
| + "mock_apple_keychain.cc",
|
| + "mock_apple_keychain.h",
|
| + ]
|
| + }
|
| +
|
| + if (!is_mac) {
|
| + sources -= [
|
| + "cssm_init.cc",
|
| + "cssm_init.h",
|
| + "mac_security_services_lock.cc",
|
| + "mac_security_services_lock.h",
|
| + ]
|
| + }
|
| + if (!is_win) {
|
| + sources -= [
|
| + "capi_util.cc",
|
| + "capi_util.h",
|
| + ]
|
| + }
|
| +
|
| if (is_android) {
|
| deps += [ "//third_party/android_tools:cpu_features" ]
|
| }
|
| @@ -34,27 +131,195 @@ component("crypto") {
|
| cflags = [ "/wd4267" ]
|
| }
|
|
|
| + if (use_openssl) {
|
| + # Remove NSS files when using OpenSSL
|
| + sources -= [
|
| + "ec_private_key_nss.cc",
|
| + "ec_signature_creator_nss.cc",
|
| + "encryptor_nss.cc",
|
| + "hmac_nss.cc",
|
| + "nss_util.cc",
|
| + "nss_util.h",
|
| + "nss_util_internal.h",
|
| + "rsa_private_key_nss.cc",
|
| + "secure_hash_default.cc",
|
| + "signature_creator_nss.cc",
|
| + "signature_verifier_nss.cc",
|
| + "symmetric_key_nss.cc",
|
| + "third_party/nss/chromium-blapi.h",
|
| + "third_party/nss/chromium-blapit.h",
|
| + "third_party/nss/chromium-nss.h",
|
| + "third_party/nss/pk11akey.cc",
|
| + "third_party/nss/rsawrapr.c",
|
| + "third_party/nss/secsign.cc",
|
| + ]
|
| + } else {
|
| + # Remove OpenSSL when using NSS.
|
| + sources -= [
|
| + "ec_private_key_openssl.cc",
|
| + "ec_signature_creator_openssl.cc",
|
| + "encryptor_openssl.cc",
|
| + "hmac_openssl.cc",
|
| + "openssl_bio_string.cc",
|
| + "openssl_bio_string.h",
|
| + "openssl_util.cc",
|
| + "openssl_util.h",
|
| + "rsa_private_key_openssl.cc",
|
| + "secure_hash_openssl.cc",
|
| + "signature_creator_openssl.cc",
|
| + "signature_verifier_openssl.cc",
|
| + "symmetric_key_openssl.cc",
|
| + ]
|
| + }
|
| +
|
| defines = [ "CRYPTO_IMPLEMENTATION" ]
|
| }
|
|
|
| +# TODO(GYP): TODO(dpranke), fix the compile errors for this stuff
|
| +# and make it work.
|
| +if (false && is_win) {
|
| + # A minimal crypto subset for hmac-related stuff that small standalone
|
| + # targets can use to reduce code size on Windows. This does not depend on
|
| + # OpenSSL/NSS but will use Windows APIs for that functionality.
|
| + source_set("crypto_minimal_win") {
|
| + sources = [
|
| + "crypto_export.h",
|
| + "hmac.cc",
|
| + "hmac.h",
|
| + "hmac_win.cc",
|
| + "scoped_capi_types.h",
|
| + "scoped_nss_types.h",
|
| + "secure_util.cc",
|
| + "secure_util.h",
|
| + "symmetric_key.h",
|
| + "symmetric_key_win.cc",
|
| + "third_party/nss/chromium-blapi.h",
|
| + "third_party/nss/chromium-sha256.h",
|
| + "third_party/nss/sha512.cc",
|
| + ]
|
| +
|
| + deps = [
|
| + "//base",
|
| + "//base/third_party/dynamic_annotations",
|
| + ]
|
| +
|
| + defines = [ "CRYPTO_IMPLEMENTATION" ]
|
| + }
|
| +}
|
| +
|
| # TODO(GYP): Make this link on win as well.
|
| if (!is_win) {
|
| test("crypto_unittests") {
|
| sources = [
|
| # Tests.
|
| + "curve25519_unittest.cc",
|
| + "ec_private_key_unittest.cc",
|
| + "ec_signature_creator_unittest.cc",
|
| + "encryptor_unittest.cc",
|
| + "ghash_unittest.cc",
|
| + "hkdf_unittest.cc",
|
| + "hmac_unittest.cc",
|
| + "nss_util_unittest.cc",
|
| + "openssl_bio_string_unittest.cc",
|
| + "p224_unittest.cc",
|
| + "p224_spake_unittest.cc",
|
| "random_unittest.cc",
|
| + "rsa_private_key_unittest.cc",
|
| + "rsa_private_key_nss_unittest.cc",
|
| "secure_hash_unittest.cc",
|
| "sha2_unittest.cc",
|
| + "signature_creator_unittest.cc",
|
| + "signature_verifier_unittest.cc",
|
| + "symmetric_key_unittest.cc",
|
| ]
|
|
|
| + if (use_openssl || !is_linux) {
|
| + sources -= [ "rsa_private_key_nss_unittest.cc" ]
|
| + }
|
| +
|
| + if (use_openssl) {
|
| + sources -= [ "nss_util_unittest.cc" ]
|
| + } else {
|
| + sources -= [ "openssl_bio_string_unittest.cc" ]
|
| + }
|
| +
|
| deps = [
|
| ":crypto",
|
| + ":platform",
|
| + ":test_support",
|
| "//base",
|
| "//base/test:run_all_unittests",
|
| "//base/test:test_support",
|
| "//testing/gmock",
|
| "//testing/gtest",
|
| + ]
|
| + }
|
| +}
|
| +
|
| +source_set("test_support") {
|
| + sources = [
|
| + "scoped_test_nss_db.cc",
|
| + "scoped_test_nss_db.h",
|
| + "scoped_test_nss_chromeos_user.cc",
|
| + "scoped_test_nss_chromeos_user.h",
|
| + "scoped_test_system_nss_key_slot.cc",
|
| + "scoped_test_system_nss_key_slot.h",
|
| + ]
|
| + deps = [
|
| + ":crypto",
|
| + ":platform",
|
| + "//base",
|
| + ]
|
| +
|
| + if (!use_nss_certs) {
|
| + sources -= [
|
| + "scoped_test_nss_db.cc",
|
| + "scoped_test_nss_db.h",
|
| + ]
|
| + }
|
| +
|
| + if (!is_chromeos) {
|
| + sources -= [
|
| + "scoped_test_nss_chromeos_user.cc",
|
| + "scoped_test_nss_chromeos_user.h",
|
| + "scoped_test_system_nss_key_slot.cc",
|
| + "scoped_test_system_nss_key_slot.h",
|
| + ]
|
| + }
|
| +}
|
| +
|
| +# This is a meta-target that forwards to NSS's SSL library or OpenSSL,
|
| +# according to the state of the crypto flags. A target just wanting to depend
|
| +# on the current SSL library should just depend on this.
|
| +group("platform") {
|
| + if (use_openssl) {
|
| + deps = [
|
| "//third_party/boringssl",
|
| ]
|
| + } else {
|
| + deps = [
|
| + "//net/third_party/nss/ssl:libssl",
|
| + ]
|
| + if (is_linux) {
|
| + # On Linux, we use the system NSS (excepting SSL where we always use our
|
| + # own).
|
| + #
|
| + # We always need our SSL header search path to come before the system one
|
| + # so our versions are used. The libssl target will add the search path we
|
| + # want, but according to GN's ordering rules, public_configs' search path
|
| + # will get applied before ones inherited from our dependencies.
|
| + # Therefore, we need to explicitly list our custom libssl's config here
|
| + # before the system one.
|
| + public_configs = [
|
| + "//net/third_party/nss/ssl:ssl_config",
|
| + "//third_party/nss:system_nss_no_ssl_config",
|
| + ]
|
| + } else {
|
| + # Non-Linux platforms use the hermetic NSS from the tree.
|
| + deps += [
|
| + "//third_party/nss:nspr",
|
| + "//third_party/nss:nss",
|
| + ]
|
| + }
|
| }
|
| }
|
|
|
Chromium Code Reviews
Issue 951893002:
Revert "Cut down /crypto and switch what is left of it to boringssl." (Closed)
Base URL: git@github.com:domokit/mojo.git@master