1 files changed, 270 insertions, 0 deletions

diff --git a/chromium/crypto/BUILD.gn b/chromium/crypto/BUILD.gn
new file mode 100644
index 00000000000..307842084cb
--- /dev/null
+++ b/chromium/crypto/BUILD.gn
@@ -0,0 +1,270 @@
+# Copyright (c) 2013 The Chromium Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+import("//build/config/crypto.gni")
+
+component("crypto") {
+  output_name = "crcrypto"  # Avoid colliding with OpenSSL's libcrypto.
+  sources = [
+    "apple_keychain.h",
+    "apple_keychain_ios.mm",
+    "apple_keychain_mac.mm",
+    "capi_util.cc",
+    "capi_util.h",
+    "crypto_export.h",
+    "cssm_init.cc",
+    "cssm_init.h",
+    "curve25519.cc",
+    "curve25519-donna.c",
+    "curve25519.h",
+    "ec_private_key.h",
+    "ec_private_key_nss.cc",
+    "ec_private_key_openssl.cc",
+    "ec_signature_creator.cc",
+    "ec_signature_creator.h",
+    "ec_signature_creator_impl.h",
+    "ec_signature_creator_nss.cc",
+    "ec_signature_creator_openssl.cc",
+    "encryptor.cc",
+    "encryptor.h",
+    "encryptor_nss.cc",
+    "encryptor_openssl.cc",
+    "ghash.cc",
+    "ghash.h",
+    "hkdf.cc",
+    "hkdf.h",
+    "hmac.cc",
+    "hmac.h",
+    "hmac_nss.cc",
+    "hmac_openssl.cc",
+    "mac_security_services_lock.cc",
+    "mac_security_services_lock.h",
+    # TODO(brettw) these mocks should be moved to a test_support_crypto target
+    # if possible.
+    "mock_apple_keychain.cc",
+    "mock_apple_keychain.h",
+    "mock_apple_keychain_ios.cc",
+    "mock_apple_keychain_mac.cc",
+    "nss_util.cc",
+    "nss_util.h",
+    "nss_util_internal.h",
+    "openssl_util.cc",
+    "openssl_util.h",
+    "p224.cc",
+    "p224.h",
+    "p224_spake.cc",
+    "p224_spake.h",
+    "random.cc",
+    "random.h",
+    "rsa_private_key.cc",
+    "rsa_private_key.h",
+    "rsa_private_key_nss.cc",
+    "rsa_private_key_openssl.cc",
+    "scoped_capi_types.h",
+    "scoped_nss_types.h",
+    "secure_hash_default.cc",
+    "secure_hash.h",
+    "secure_hash_openssl.cc",
+    "secure_util.cc",
+    "secure_util.h",
+    "sha2.cc",
+    "sha2.h",
+    "signature_creator.h",
+    "signature_creator_nss.cc",
+    "signature_creator_openssl.cc",
+    "signature_verifier.h",
+    "signature_verifier_nss.cc",
+    "signature_verifier_openssl.cc",
+    "symmetric_key.h",
+    "symmetric_key_nss.cc",
+    "symmetric_key_openssl.cc",
+    "third_party/nss/chromium-blapi.h",
+    "third_party/nss/chromium-blapit.h",
+    "third_party/nss/chromium-nss.h",
+    "third_party/nss/chromium-sha256.h",
+    "third_party/nss/pk11akey.cc",
+    "third_party/nss/rsawrapr.c",
+    "third_party/nss/secsign.cc",
+    "third_party/nss/sha512.cc",
+  ]
+
+  deps = [
+    ":platform",
+    "//base",
+    "//base/third_party/dynamic_annotations",
+  ]
+
+  if (!is_mac && !is_ios) {
+    sources -= [
+      "apple_keychain.h",
+      "mock_apple_keychain.cc",
+      "mock_apple_keychain.h",
+    ]
+  }
+
+  if (!is_mac) {
+    sources -= [
+      "cssm_init.cc",
+      "cssm_init.h",
+      "mac_security_services_lock.cc",
+      "mac_security_services_lock.h",
+    ]
+  }
+  if (!is_win) {
+    sources -= [
+      "capi_util.cc",
+      "capi_util.h",
+    ]
+  }
+
+  if (is_android) {
+    deps += [ "//third_party/android_tools:cpu_features" ]
+  }
+
+  if (use_openssl) {
+    # Remove NSS files when using OpenSSL
+    sources -= [
+      "ec_private_key_nss.cc",
+      "ec_signature_creator_nss.cc",
+      "encryptor_nss.cc",
+      "hmac_nss.cc",
+      "nss_util.cc",
+      "nss_util.h",
+      "rsa_private_key_nss.cc",
+      "secure_hash_default.cc",
+      "signature_creator_nss.cc",
+      "signature_verifier_nss.cc",
+      "symmetric_key_nss.cc",
+      "third_party/nss/chromium-blapi.h",
+      "third_party/nss/chromium-blapit.h",
+      "third_party/nss/chromium-nss.h",
+      "third_party/nss/pk11akey.cc",
+      "third_party/nss/rsawrapr.c",
+      "third_party/nss/secsign.cc",
+    ]
+  } else {
+    # Remove OpenSSL when using NSS.
+    sources -= [
+      "ec_private_key_openssl.cc",
+      "ec_signature_creator_openssl.cc",
+      "encryptor_openssl.cc",
+      "hmac_openssl.cc",
+      "openssl_util.cc",
+      "openssl_util.h",
+      "rsa_private_key_openssl.cc",
+      "secure_hash_openssl.cc",
+      "signature_creator_openssl.cc",
+      "signature_verifier_openssl.cc",
+      "symmetric_key_openssl.cc",
+    ]
+  }
+
+  defines = [ "CRYPTO_IMPLEMENTATION" ]
+}
+
+if (is_win) {
+  # A minimal crypto subset for hmac-related stuff that small standalone
+  # targets can use to reduce code size on Windows. This does not depend on
+  # OpenSSL/NSS but will use Windows APIs for that functionality.
+  source_set("crypto_minimal_win") {
+    sources = [
+      "crypto_export.h",
+      "hmac.cc",
+      "hmac.h",
+      "hmac_win.cc",
+      "scoped_capi_types.h",
+      "scoped_nss_types.h",
+      "secure_util.cc",
+      "secure_util.h",
+      "symmetric_key.h",
+      "symmetric_key_win.cc",
+      "third_party/nss/chromium-blapi.h",
+      "third_party/nss/chromium-sha256.h",
+      "third_party/nss/sha512.cc",
+    ]
+
+    deps = [
+      "//base",
+      "//base/third_party/dynamic_annotations",
+    ]
+
+    defines = [ "CRYPTO_IMPLEMENTATION" ]
+  }
+}
+
+test("crypto_unittests") {
+  sources = [
+    # Tests.
+    "curve25519_unittest.cc",
+    "ec_private_key_unittest.cc",
+    "ec_signature_creator_unittest.cc",
+    "encryptor_unittest.cc",
+    "ghash_unittest.cc",
+    "hkdf_unittest.cc",
+    "hmac_unittest.cc",
+    "nss_util_unittest.cc",
+    "p224_unittest.cc",
+    "p224_spake_unittest.cc",
+    "random_unittest.cc",
+    "rsa_private_key_unittest.cc",
+    "rsa_private_key_nss_unittest.cc",
+    "secure_hash_unittest.cc",
+    "sha2_unittest.cc",
+    "signature_creator_unittest.cc",
+    "signature_verifier_unittest.cc",
+    "symmetric_key_unittest.cc",
+  ]
+
+  if (use_openssl || !is_linux) {
+    sources -= [
+      "rsa_private_key_nss_unittest.cc",
+    ]
+  }
+
+  if (use_openssl) {
+    sources -= [ "nss_util_unittest.cc" ]
+  }
+
+  deps = [
+    ":crypto",
+    ":platform",
+    "//base",
+    "//base/test:run_all_unittests",
+    "//base/test:test_support",
+    "//testing/gmock",
+    "//testing/gtest",
+  ]
+}
+
+# This is a meta-target that forwards to NSS's SSL library or OpenSSL,
+# according to the state of the crypto flags. A target just wanting to depend
+# on the current SSL library should just depend on this.
+group("platform") {
+  if (use_openssl) {
+    deps = [ "//third_party/openssl" ]
+  } else {
+    deps = [ "//net/third_party/nss/ssl:libssl" ]
+    if (is_linux) {
+      # On Linux, we use the system NSS (excepting SSL where we always use our
+      # own).
+      #
+      # We always need our SSL header search path to come before the system one
+      # so our versions are used. The libssl target will add the search path we
+      # want, but according to GN's ordering rules, direct_dependent_configs'
+      # search path will get applied before ones inherited from our
+      # dependencies. Therefore, we need to explicitly list our custom libssl's
+      # config here before the system one.
+      direct_dependent_configs = [
+        "//net/third_party/nss/ssl:ssl_config",
+        "//third_party/nss:system_nss_no_ssl_config",
+      ]
+    } else {
+      # Non-Linux platforms use the hermetic NSS from the tree.
+      deps += [
+        "//third_party/nss:nspr",
+        "//third_party/nss:nss",
+      ]
+    }
+  }
+}