| # Copyright 2017 The Fuchsia Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| import("//build/fuzzing/fuzzer.gni") |
| import("//build/test.gni") |
| import("BUILD.generated.gni") |
| import("BUILD.generated_tests.gni") |
| |
| if (is_fuchsia) { |
| import("//build/components.gni") |
| } |
| |
| ################################################################################ |
| # Public targets |
| |
| group("boringssl") { |
| public_deps = [ |
| ":crypto", |
| ":ssl", |
| ] |
| } |
| |
| group("boringssl-shared") { |
| public_deps = [ |
| ":crypto-shared", |
| ":ssl-shared", |
| ] |
| } |
| |
| group("boringssl-static") { |
| public_deps = [ |
| ":crypto-static", |
| ":ssl-static", |
| ] |
| } |
| |
| if (current_cpu == "arm64" && (is_fuchsia || is_linux)) { |
| crypto_sources += crypto_sources_linux_aarch64 |
| } else if (current_cpu == "x64" && (is_fuchsia || is_linux)) { |
| crypto_sources += crypto_sources_linux_x86_64 |
| } else if (current_cpu == "x64" && is_mac) { |
| crypto_sources += crypto_sources_apple_x86_64 |
| } else if (!is_kernel) { |
| assert(false, "unsupported OS or CPU: $current_os/$current_cpu") |
| } |
| |
| # TODO(46139): remove this added source. |
| crypto_sources += [ "src/decrepit/xts/xts.c" ] |
| |
| ################ |
| # libcrypto.so # |
| ################ |
| |
| if (is_kernel) { |
| lib_types = [] |
| lib_names = [] |
| } else { |
| lib_types = [ |
| "static", |
| "shared", |
| ] |
| lib_names = [ |
| "crypto", |
| "ssl", |
| ] |
| } |
| |
| foreach(lib_type, lib_types) { |
| target("${lib_type}_library", "crypto-${lib_type}") { |
| if (default_library_type == "${lib_type}_library") { |
| output_name = "crypto" |
| } |
| sources = crypto_sources |
| public = crypto_headers |
| public_configs = [ ":boringssl_config" ] |
| configs += [ ":internal_config" ] |
| |
| if (is_fuchsia) { |
| # TODO(46910): UBSan has found an instance of undefined behavior in this target. |
| # Disable UBSan for this target temporarily until it is migrated into CI/CQ. |
| configs += [ "//build/config:temporarily_disable_ubsan_do_not_use" ] |
| |
| # TODO(60545): profile instrumentation significantly affects performance. |
| configs += [ "//build/config:no_profile" ] |
| |
| # boringssl should always be optimized for speed because otherwise performance is significantly |
| # worse, impacting pave and boot times on debug builds (fxb/55456) |
| configs -= [ "//build/config:default_optimize" ] |
| configs += [ "//build/config:optimize_speed" ] |
| |
| # sysrand() uses Zircon system call. |
| deps = [ "//src/zircon/lib/zircon" ] |
| } |
| } |
| |
| target("${lib_type}_library", "ssl-${lib_type}") { |
| if (default_library_type == "${lib_type}_library") { |
| output_name = "ssl" |
| } |
| sources = ssl_sources |
| public = ssl_headers |
| public_configs = [ ":boringssl_config" ] |
| configs += [ ":internal_config" ] |
| deps = [ ":crypto-${lib_type}" ] |
| |
| if (is_fuchsia) { |
| # boringssl should always be optimized for speed because otherwise performance is significantly |
| # worse, impacting pave and boot times on debug builds (fxb/55456) |
| configs -= [ "//build/config:default_optimize" ] |
| configs += [ "//build/config:optimize_speed" ] |
| } |
| } |
| } |
| |
| foreach(lib_name, lib_names) { |
| group("$lib_name") { |
| if (default_library_type == "shared_library") { |
| public_deps = [ ":${lib_name}-shared" ] |
| } else if (default_library_type == "static_library") { |
| public_deps = [ ":${lib_name}-static" ] |
| } else { |
| assert(false, "unsupported default_library_type: $default_library_type") |
| } |
| } |
| } |
| |
| if (!is_kernel) { |
| source_set("crypto_unsafe") { |
| testonly = true |
| visibility = [ ":*" ] |
| sources = crypto_sources |
| public = crypto_headers |
| configs += [ ":fuzz_config" ] |
| |
| if (is_fuchsia) { |
| # TODO(46910): UBSan has found an instance of undefined behavior in this target. |
| # Disable UBSan for this target temporarily until it is migrated into CI/CQ. |
| configs += [ "//build/config:temporarily_disable_ubsan_do_not_use" ] |
| |
| # sysrand() uses Zircon system call. |
| deps = [ "//src/zircon/lib/zircon" ] |
| } |
| } |
| |
| source_set("ssl_unsafe") { |
| testonly = true |
| visibility = [ ":*" ] |
| sources = ssl_sources |
| public = ssl_headers |
| configs += [ ":fuzz_config" ] |
| deps = [ ":crypto_unsafe" ] |
| } |
| |
| ########################## |
| # bssl command line tool # |
| ########################## |
| if (is_fuchsia) { |
| fuchsia_shell_package("boringssl_tool") { |
| deps = [ ":bssl" ] |
| } |
| } else { |
| group("boringssl_tool") { |
| deps = [ ":bssl" ] |
| } |
| } |
| |
| # See //third_party/boringssl/tool/CMakeLists.txt |
| executable("bssl") { |
| visibility = [ ":*" ] |
| sources = tool_sources |
| configs += [ "//third_party/boringssl:internal_config" ] |
| deps = [ |
| ":crypto", |
| ":ssl", |
| ] |
| } |
| |
| ############## |
| # Unit tests # |
| ############## |
| |
| crypto_tests = [] |
| common_crypto_test_sources = [ |
| "crypto_test_data.cc", |
| |
| # This test does nothing when BORINGSSL_SHARED_LIBRARY is defined and is |
| # needed to resolve missing symbols. /shrug |
| "src/crypto/test/abi_test.cc", |
| "src/crypto/test/file_test_gtest.cc", |
| "src/crypto/test/gtest_main.cc", |
| ] |
| _crypto_test_sources = crypto_test_sources - common_crypto_test_sources |
| foreach(crypto_test_source, _crypto_test_sources) { |
| name = get_path_info(crypto_test_source, "name") |
| target_name = "${name}_crypto_test" |
| crypto_tests += [ target_name ] |
| test(target_name) { |
| visibility = [ ":*" ] |
| sources = [ crypto_test_source ] + common_crypto_test_sources + |
| test_support_sources |
| configs += [ ":test_config" ] |
| deps = [ |
| ":crypto", |
| "//third_party/googletest:gtest", |
| ] |
| } |
| } |
| |
| test("ssl_test") { |
| visibility = [ ":*" ] |
| sources = ssl_test_sources + test_support_sources |
| configs += [ ":test_config" ] |
| deps = [ |
| ":crypto", |
| ":ssl", |
| "//third_party/googletest:gtest", |
| ] |
| } |
| |
| if (is_fuchsia) { |
| crypto_test_components = [] |
| needs_custom_component_manifest = [ "bio_test_crypto_test" ] |
| foreach(crypto_test, crypto_tests) { |
| _component_name = "${crypto_test}_component" |
| crypto_test_components += [ ":${_component_name}" ] |
| fuchsia_unittest_component(_component_name) { |
| if (needs_custom_component_manifest + [ crypto_test ] - |
| [ crypto_test ] != needs_custom_component_manifest) { |
| manifest = "meta/${crypto_test}.cml" |
| } |
| deps = [ ":${crypto_test}" ] |
| } |
| } |
| fuchsia_unittest_component("ssl_test_component") { |
| deps = [ ":ssl_test" ] |
| } |
| fuchsia_test_package("boringssl_tests") { |
| test_components = crypto_test_components + [ ":ssl_test_component" ] |
| deps = [ |
| "//src/connectivity/network/netstack:component", |
| "//src/sys/stash:stash_secure_v2", |
| ] |
| } |
| } |
| |
| group("tests") { |
| testonly = true |
| if (is_fuchsia) { |
| deps = [ ":boringssl_tests" ] |
| } else { |
| deps = [ ":ssl_test" ] |
| foreach(crypto_test, crypto_tests) { |
| deps += [ ":${crypto_test}" ] |
| } |
| } |
| } |
| |
| ################################################################################ |
| # Fuzzers |
| |
| # Upstream BoringSSL defines a `fuzzers` global variable in the generated |
| # GNI files; we rename it to avoid colliding with the similarly-named parameter |
| # on the fuzzers_package. |
| fuzzer_names = fuzzers |
| |
| # Explicitly remove the arm_cpuinfo fuzzer, which tests Linux-specific routines |
| if (is_fuchsia) { |
| fuzzer_names -= [ "arm_cpuinfo" ] |
| } |
| |
| foreach(name, fuzzer_names) { |
| fuzzer("${name}_fuzzer") { |
| visibility = [ ":*" ] |
| sources = [ "src/fuzz/${name}.cc" ] |
| configs += [ ":fuzz_config" ] |
| deps = [ |
| ":crypto_unsafe", |
| ":ssl_unsafe", |
| ] |
| } |
| } |
| |
| fuzzers_package("boringssl_fuzzers") { |
| fuzzers = [] |
| foreach(name, fuzzer_names) { |
| fuzzers += [ ":${name}_fuzzer" ] |
| } |
| } |
| } |
| |
| ################################################################################ |
| # Configs |
| |
| # Note that //zircon/kernel/lib/crypto/boringssl/BUILD.gn uses this config but |
| # it doesn't use the rest of this file's targets or configs for kernel cases. |
| config("boringssl_config") { |
| include_dirs = [ "src/include" ] |
| |
| cflags = [ |
| "-Wno-conversion", |
| "-Wno-unused-but-set-variable", |
| "-Wno-unused-function", |
| ] |
| |
| cflags_cc = [ "-Wno-deprecated-copy" ] |
| |
| if (is_gcc) { |
| cflags_cc += [ "-Wno-extra-semi" ] |
| } else { |
| cflags += [ "-Wno-extra-semi" ] |
| } |
| } |
| |
| config("internal_config") { |
| visibility = [ ":*" ] |
| defines = [ |
| "BORINGSSL_ALLOW_CXX_RUNTIME", |
| "BORINGSSL_IMPLEMENTATION", |
| "BORINGSSL_NO_STATIC_INITIALIZER", |
| "BORINGSSL_SHARED_LIBRARY", |
| "OPENSSL_SMALL", |
| ] |
| if (is_linux) { |
| # pthread_rwlock_t on Linux requires a feature flag. |
| defines += [ "_XOPEN_SOURCE=700" ] |
| } |
| configs = [ |
| ":boringssl_config", |
| "//build/config:shared_library_config", |
| ] |
| if (is_fuchsia) { |
| configs += [ "//build/config/fuchsia:static_cpp_standard_library" ] |
| } |
| } |
| |
| config("test_config") { |
| visibility = [ ":*" ] |
| include_dirs = [ |
| "src/crypto/test", |
| "src/ssl/test", |
| ] |
| configs = [ ":internal_config" ] |
| |
| # TODO(fxbug.dev/11049): Newer googletest's are spamming about an API rename, but |
| # BoringSSL hasn't updated yet. |
| cflags = [ "-Wno-deprecated-declarations" ] |
| } |
| |
| config("fuzz_config") { |
| visibility = [ ":*" ] |
| |
| # BoringSSL explicitly decided against using the common LLVM fuzzing macro: |
| # https://boringssl-review.googlesource.com/c/boringssl/+/31244 |
| defines = [ "BORINGSSL_UNSAFE_DETERMINISTIC_MODE" ] |
| configs = [ ":internal_config" ] |
| } |