crypto/BUILD.gn

# Copyright (c) 2013 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

import("//build/config/crypto.gni")

component("crypto") {
  output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
  sources = [
    "apple_keychain.h",
    "apple_keychain_ios.mm",
    "apple_keychain_mac.mm",
    "capi_util.cc",
    "capi_util.h",
    "crypto_export.h",
    "cssm_init.cc",
    "cssm_init.h",
    "curve25519.cc",
    "curve25519-donna.c",
    "curve25519.h",
    "ec_private_key.h",
    "ec_private_key_nss.cc",
    "ec_private_key_openssl.cc",
    "ec_signature_creator.cc",
    "ec_signature_creator.h",
    "ec_signature_creator_impl.h",
    "ec_signature_creator_nss.cc",
    "ec_signature_creator_openssl.cc",
    "encryptor.cc",
    "encryptor.h",
    "encryptor_nss.cc",
    "encryptor_openssl.cc",
    "ghash.cc",
    "ghash.h",
    "hkdf.cc",
    "hkdf.h",
    "hmac.cc",
    "hmac.h",
    "hmac_nss.cc",
    "hmac_openssl.cc",
    "mac_security_services_lock.cc",
    "mac_security_services_lock.h",
    # TODO(brettw) these mocks should be moved to a test_support_crypto target
    # if possible.
    "mock_apple_keychain.cc",
    "mock_apple_keychain.h",
    "mock_apple_keychain_ios.cc",
    "mock_apple_keychain_mac.cc",
    "nss_util.cc",
    "nss_util.h",
    "nss_util_internal.h",
    "openssl_bio_string.cc",
    "openssl_bio_string.h",
    "openssl_util.cc",
    "openssl_util.h",
    "p224.cc",
    "p224.h",
    "p224_spake.cc",
    "p224_spake.h",
    "random.cc",
    "random.h",
    "rsa_private_key.cc",
    "rsa_private_key.h",
    "rsa_private_key_nss.cc",
    "rsa_private_key_openssl.cc",
    "scoped_capi_types.h",
    "scoped_nss_types.h",
    "secure_hash_default.cc",
    "secure_hash.h",
    "secure_hash_openssl.cc",
    "secure_util.cc",
    "secure_util.h",
    "sha2.cc",
    "sha2.h",
    "signature_creator.h",
    "signature_creator_nss.cc",
    "signature_creator_openssl.cc",
    "signature_verifier.h",
    "signature_verifier_nss.cc",
    "signature_verifier_openssl.cc",
    "symmetric_key.h",
    "symmetric_key_nss.cc",
    "symmetric_key_openssl.cc",
    "third_party/nss/chromium-blapi.h",
    "third_party/nss/chromium-blapit.h",
    "third_party/nss/chromium-nss.h",
    "third_party/nss/chromium-sha256.h",
    "third_party/nss/pk11akey.cc",
    "third_party/nss/rsawrapr.c",
    "third_party/nss/secsign.cc",
    "third_party/nss/sha512.cc",
  ]

  deps = [
    ":platform",
    "//base",
    "//base/third_party/dynamic_annotations",
  ]

  if (!is_mac && !is_ios) {
    sources -= [
      "apple_keychain.h",
      "mock_apple_keychain.cc",
      "mock_apple_keychain.h",
    ]
  }

  if (!is_mac) {
    sources -= [
      "cssm_init.cc",
      "cssm_init.h",
      "mac_security_services_lock.cc",
      "mac_security_services_lock.h",
    ]
  }
  if (!is_win) {
    sources -= [
      "capi_util.cc",
      "capi_util.h",
    ]
  }

  if (is_android) {
    deps += [ "//third_party/android_tools:cpu_features" ]
  }

  if (use_openssl) {
    # Remove NSS files when using OpenSSL
    sources -= [
      "ec_private_key_nss.cc",
      "ec_signature_creator_nss.cc",
      "encryptor_nss.cc",
      "hmac_nss.cc",
      "nss_util.cc",
      "nss_util.h",
      "nss_util_internal.h",
      "rsa_private_key_nss.cc",
      "secure_hash_default.cc",
      "signature_creator_nss.cc",
      "signature_verifier_nss.cc",
      "symmetric_key_nss.cc",
      "third_party/nss/chromium-blapi.h",
      "third_party/nss/chromium-blapit.h",
      "third_party/nss/chromium-nss.h",
      "third_party/nss/pk11akey.cc",
      "third_party/nss/rsawrapr.c",
      "third_party/nss/secsign.cc",
    ]
  } else {
    # Remove OpenSSL when using NSS.
    sources -= [
      "ec_private_key_openssl.cc",
      "ec_signature_creator_openssl.cc",
      "encryptor_openssl.cc",
      "hmac_openssl.cc",
      "openssl_bio_string.cc",
      "openssl_bio_string.h",
      "openssl_util.cc",
      "openssl_util.h",
      "rsa_private_key_openssl.cc",
      "secure_hash_openssl.cc",
      "signature_creator_openssl.cc",
      "signature_verifier_openssl.cc",
      "symmetric_key_openssl.cc",
    ]
  }

  defines = [ "CRYPTO_IMPLEMENTATION" ]
}

# TODO(GYP): TODO(dpranke), fix the compile errors for this stuff
# and make it work.
if (false && is_win) {
  # A minimal crypto subset for hmac-related stuff that small standalone
  # targets can use to reduce code size on Windows. This does not depend on
  # OpenSSL/NSS but will use Windows APIs for that functionality.
  source_set("crypto_minimal_win") {
    sources = [
      "crypto_export.h",
      "hmac.cc",
      "hmac.h",
      "hmac_win.cc",
      "scoped_capi_types.h",
      "scoped_nss_types.h",
      "secure_util.cc",
      "secure_util.h",
      "symmetric_key.h",
      "symmetric_key_win.cc",
      "third_party/nss/chromium-blapi.h",
      "third_party/nss/chromium-sha256.h",
      "third_party/nss/sha512.cc",
    ]

    deps = [
      "//base",
      "//base/third_party/dynamic_annotations",
    ]

    defines = [ "CRYPTO_IMPLEMENTATION" ]
  }
}

# TODO(GYP): Make this link on win as well.
if (!is_win) {
  test("crypto_unittests") {
    sources = [
      # Tests.
      "curve25519_unittest.cc",
      "ec_private_key_unittest.cc",
      "ec_signature_creator_unittest.cc",
      "encryptor_unittest.cc",
      "ghash_unittest.cc",
      "hkdf_unittest.cc",
      "hmac_unittest.cc",
      "nss_util_unittest.cc",
      "openssl_bio_string_unittest.cc",
      "p224_unittest.cc",
      "p224_spake_unittest.cc",
      "random_unittest.cc",
      "rsa_private_key_unittest.cc",
      "rsa_private_key_nss_unittest.cc",
      "secure_hash_unittest.cc",
      "sha2_unittest.cc",
      "signature_creator_unittest.cc",
      "signature_verifier_unittest.cc",
      "symmetric_key_unittest.cc",
    ]

    if (use_openssl || !is_linux) {
      sources -= [
        "rsa_private_key_nss_unittest.cc",
      ]
    }

    if (use_openssl) {
      sources -= [ "nss_util_unittest.cc" ]
    } else {
      sources -= [ "openssl_bio_string_unittest.cc" ]
    }

    deps = [
      ":crypto",
      ":platform",
      ":test_support",
      "//base",
      "//base/test:run_all_unittests",
      "//base/test:test_support",
      "//testing/gmock",
      "//testing/gtest",
    ]
  }
}

source_set("test_support") {
  sources = [
    "scoped_test_nss_db.cc",
    "scoped_test_nss_db.h",
    "scoped_test_nss_chromeos_user.cc",
    "scoped_test_nss_chromeos_user.h",
    "scoped_test_system_nss_key_slot.cc",
    "scoped_test_system_nss_key_slot.h",
  ]
  deps = [
    ":crypto",
    ":platform",
    "//base",
  ]

  if (!use_nss_certs) {
    sources -= [
      "scoped_test_nss_db.cc",
      "scoped_test_nss_db.h",
    ]
  }

  if (!is_chromeos) {
    sources -= [
      "scoped_test_nss_chromeos_user.cc",
      "scoped_test_nss_chromeos_user.h",
      "scoped_test_system_nss_key_slot.cc",
      "scoped_test_system_nss_key_slot.h",
    ]
  }
}

# This is a meta-target that forwards to NSS's SSL library or OpenSSL,
# according to the state of the crypto flags. A target just wanting to depend
# on the current SSL library should just depend on this.
group("platform") {
  if (use_openssl) {
    deps = [ "//third_party/boringssl" ]
  } else {
    deps = [ "//net/third_party/nss/ssl:libssl" ]
    if (is_linux) {
      # On Linux, we use the system NSS (excepting SSL where we always use our
      # own).
      #
      # We always need our SSL header search path to come before the system one
      # so our versions are used. The libssl target will add the search path we
      # want, but according to GN's ordering rules, public_configs' search path
      # will get applied before ones inherited from our dependencies.
      # Therefore, we need to explicitly list our custom libssl's config here
      # before the system one.
      public_configs = [
        "//net/third_party/nss/ssl:ssl_config",
        "//third_party/nss:system_nss_no_ssl_config",
      ]
    } else {
      # Non-Linux platforms use the hermetic NSS from the tree.
      deps += [
        "//third_party/nss:nspr",
        "//third_party/nss:nss",
      ]
    }
  }
}