chromium/crypto/BUILD.gn

# Copyright 2013 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

import("//build/buildflag_header.gni")
import("//build/config/chromeos/ui_mode.gni")
import("//components/nacl/toolchain.gni")
import("//crypto/features.gni")
import("//testing/test.gni")

buildflag_header("buildflags") {
  header = "crypto_buildflags.h"
  flags = [ "USE_NSS_CERTS=$use_nss_certs" ]
}

component("crypto") {
  output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
  sources = [
    "aead.cc",
    "aead.h",
    "crypto_export.h",
    "ec_private_key.cc",
    "ec_private_key.h",
    "ec_signature_creator.cc",
    "ec_signature_creator.h",
    "ec_signature_creator_impl.cc",
    "ec_signature_creator_impl.h",
    "encryptor.cc",
    "encryptor.h",
    "features.cc",
    "features.h",
    "hkdf.cc",
    "hkdf.h",
    "hmac.cc",
    "hmac.h",
    "openssl_util.cc",
    "openssl_util.h",
    "p224_spake.cc",
    "p224_spake.h",
    "random.cc",
    "random.h",
    "rsa_private_key.cc",
    "rsa_private_key.h",
    "scoped_nss_types.h",
    "secure_hash.cc",
    "secure_hash.h",
    "secure_util.cc",
    "secure_util.h",
    "sha2.cc",
    "sha2.h",
    "signature_creator.cc",
    "signature_creator.h",
    "signature_verifier.cc",
    "signature_verifier.h",
    "symmetric_key.cc",
    "symmetric_key.h",
    "unexportable_key.cc",
    "unexportable_key.h",
    "unexportable_key_metrics.cc",
    "unexportable_key_metrics.h",
    "unexportable_key_software_unsecure.cc",
    "user_verifying_key.cc",
    "user_verifying_key.h",
  ]

  deps = []

  public_deps = [
    ":buildflags",
    "//base",
    "//third_party/boringssl",
  ]

  if (is_apple) {
    sources += [
      "apple_keychain.h",
      "apple_keychain_util.h",
      "apple_keychain_util.mm",
      "apple_keychain_v2.h",
      "apple_keychain_v2.mm",
    ]

    if (is_mac) {
      sources += [
        "apple_keychain_mac.cc",
        "mac_security_services_lock.cc",
        "mac_security_services_lock.h",
        "scoped_lacontext.h",
        "scoped_lacontext.mm",
        "unexportable_key_mac.h",
        "unexportable_key_mac.mm",
        "user_verifying_key_mac.mm",
      ]
    } else if (is_ios) {
      sources += [ "apple_keychain_ios.mm" ]
    }

    frameworks = [
      "LocalAuthentication.framework",
      "CoreFoundation.framework",
      "CryptoTokenKit.framework",
      "Foundation.framework",
      "Security.framework",
    ]
  }

  if (is_win) {
    sources += [
      "scoped_capi_types.h",
      "scoped_cng_types.h",
      "unexportable_key_win.cc",
      "unexportable_key_win.h",
      "user_verifying_key_win.cc",
    ]
    libs = [ "ncrypt.lib" ]
  }

  # Some files are built when NSS is used for the platform certificate library.
  if (use_nss_certs) {
    sources += [
      "nss_crypto_module_delegate.h",
      "nss_key_util.cc",
      "nss_key_util.h",
      "nss_util.cc",
      "nss_util.h",
      "nss_util_internal.h",
    ]
    deps += [
      "//build:chromeos_buildflags",
      "//components/nacl/common:buildflags",
    ]
    configs += [ "//build/config/linux/nss" ]
  }

  if (is_chromeos_ash && !is_minimal_toolchain) {
    sources += [ "nss_util_chromeos.cc" ]
  }

  if (is_chromeos && !is_minimal_toolchain) {
    sources += [
      "chaps_support.cc",
      "chaps_support.h",
    ]
  }

  defines = [ "CRYPTO_IMPLEMENTATION" ]
}

if (is_apple) {
  source_set("mock_apple_keychain") {
    sources = [
      "mock_apple_keychain.cc",
      "mock_apple_keychain.h",
    ]

    if (is_mac) {
      sources += [ "mock_apple_keychain_mac.cc" ]
    } else if (is_ios) {
      sources += [ "mock_apple_keychain_ios.cc" ]
    }

    deps = [
      ":crypto",
      "//base",
    ]
  }
}

test("crypto_unittests") {
  sources = [
    "aead_unittest.cc",
    "ec_private_key_unittest.cc",
    "ec_signature_creator_unittest.cc",
    "encryptor_unittest.cc",
    "hmac_unittest.cc",
    "p224_spake_unittest.cc",
    "random_unittest.cc",
    "rsa_private_key_unittest.cc",
    "secure_hash_unittest.cc",
    "sha2_unittest.cc",
    "signature_creator_unittest.cc",
    "signature_verifier_unittest.cc",
    "symmetric_key_unittest.cc",
    "unexportable_key_unittest.cc",
  ]

  if (is_win || is_mac) {
    sources += [ "unexportable_key_metrics_unittest.cc" ]
  }

  if (is_apple) {
    sources += [ "mock_apple_keychain_unittest.cc" ]
  }

  if (is_mac) {
    sources += [
      "apple_keychain_util_unittest.mm",
      "unexportable_key_mac_unittest.mm",
      "user_verifying_key_mac_unittest.mm",
    ]
  }

  # Some files are built when NSS is used for the platform certificate library.
  if (use_nss_certs) {
    sources += [
      "nss_key_util_unittest.cc",
      "nss_util_unittest.cc",
    ]
    configs += [ "//build/config/linux/nss" ]
  }

  deps = [
    ":crypto",
    ":test_support",
    "//base",
    "//base/test:run_all_unittests",
    "//base/test:test_support",
    "//testing/gmock",
    "//testing/gtest",
  ]

  if (is_apple) {
    deps += [ ":mock_apple_keychain" ]
  }
}

static_library("test_support") {
  testonly = true
  sources = [
    "scoped_fake_user_verifying_key_provider.cc",
    "scoped_fake_user_verifying_key_provider.h",
    "scoped_mock_unexportable_key_provider.cc",
    "scoped_mock_unexportable_key_provider.h",
  ]

  if (use_nss_certs) {
    sources += [
      "scoped_test_nss_db.cc",
      "scoped_test_nss_db.h",
    ]
    configs += [ "//build/config/linux/nss" ]
  }

  if (is_chromeos_ash) {
    sources += [
      "scoped_test_nss_chromeos_user.cc",
      "scoped_test_nss_chromeos_user.h",
      "scoped_test_system_nss_key_slot.cc",
      "scoped_test_system_nss_key_slot.h",
    ]
  }

  if (is_mac) {
    sources += [
      "fake_apple_keychain_v2.h",
      "fake_apple_keychain_v2.mm",
      "scoped_fake_apple_keychain_v2.h",
      "scoped_fake_apple_keychain_v2.mm",
    ]
    frameworks = [
      "CoreFoundation.framework",
      "Foundation.framework",
      "LocalAuthentication.framework",
      "Security.framework",
    ]
  }

  deps = [
    ":crypto",
    "//base",
  ]
}