Fix CryptoBuildConfig.h usage (#20887)

* Fix CryptoBuildConfig.h usage PR #20824 moved some defines out of CryptoBuildConfig.h by mistake. This caused some defines to be globalized but only in GN builds. Fixes #20883 This PR brings back the defines in CryptoBuildConfig.h and fixes what's needed for that to build Testing done: - Unit tests still pass - Integration tests still pass * Add BoringSSL coverage to rotating ID build
project-chip · Jul 14, 2023 · 1142339 · 1142339
1 parent e0d93c9
commit 1142339
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 18 deletions.
diff --git a/.github/workflows/unit_integration_test.yaml b/.github/workflows/unit_integration_test.yaml
@@ -75,12 +75,13 @@ jobs:
                   if_true: "${{ github.sha }}"
                   if_false: "pull-${{ github.event.pull_request.number }}"
             - name: Setup Build
+              # TODO: If rotating_device_id is ever removed/combined, we have to cover boringssl otherwise
               run: |
                   case $BUILD_TYPE in
                      "main") GN_ARGS='';;
                      "clang") GN_ARGS='is_clang=true';;
                      "mbedtls") GN_ARGS='chip_crypto="mbedtls"';;
-                     "rotating_device_id") GN_ARGS='chip_enable_rotating_device_id=true';;
+                     "rotating_device_id") GN_ARGS='chip_crypto="boringssl" chip_enable_rotating_device_id=true';;
                      *) ;;
                   esac
 

diff --git a/src/crypto/BUILD.gn b/src/crypto/BUILD.gn
@@ -24,7 +24,15 @@ buildconfig_header("crypto_buildconfig") {
   header = "CryptoBuildConfig.h"
   header_dir = "crypto"
 
-  defines = []
+  chip_crypto_mbedtls = chip_crypto == "mbedtls"
+  chip_crypto_openssl = chip_crypto == "openssl"
+  chip_crypto_boringssl = chip_crypto == "boringssl"
+
+  defines = [
+    "CHIP_CRYPTO_MBEDTLS=${chip_crypto_mbedtls}",
+    "CHIP_CRYPTO_OPENSSL=${chip_crypto_openssl}",
+    "CHIP_CRYPTO_BORINGSSL=${chip_crypto_boringssl}",
+  ]
 
   if (chip_with_se05x == 1) {
     defines += [ "CHIP_CRYPTO_HSM=1" ]
@@ -39,18 +47,6 @@ buildconfig_header("crypto_buildconfig") {
   }
 }
 
-config("crypto_config") {
-  chip_crypto_mbedtls = chip_crypto == "mbedtls"
-  chip_crypto_openssl = chip_crypto == "openssl"
-  chip_crypto_boringssl = chip_crypto == "boringssl"
-
-  defines = [
-    "CHIP_CRYPTO_MBEDTLS=${chip_crypto_mbedtls}",
-    "CHIP_CRYPTO_OPENSSL=${chip_crypto_openssl}",
-    "CHIP_CRYPTO_BORINGSSL=${chip_crypto_boringssl}",
-  ]
-}
-
 if (chip_crypto == "openssl") {
   import("${build_root}/config/linux/pkg_config.gni")
 
@@ -76,6 +72,8 @@ static_library("crypto") {
     "RandUtils.h",
   ]
 
+  public_configs = []
+
   cflags = [ "-Wconversion" ]
 
   public_deps = [
@@ -86,8 +84,6 @@ static_library("crypto") {
     "${nlassert_root}:nlassert",
   ]
 
-  public_configs = [ ":crypto_config" ]
-
   if (chip_crypto == "mbedtls") {
     sources += [ "CHIPCryptoPALmbedTLS.cpp" ]
 

diff --git a/src/crypto/CHIPCryptoPAL.h b/src/crypto/CHIPCryptoPAL.h
@@ -22,9 +22,9 @@
 
 #pragma once
 
-//#if CHIP_HAVE_CONFIG_H
+#if CHIP_HAVE_CONFIG_H
 #include <crypto/CryptoBuildConfig.h>
-//#endif
+#endif // CHIP_HAVE_CONFIG_H
 
 #include <system/SystemConfig.h>
 

diff --git a/src/crypto/tests/AES_CCM_128_test_vectors.h b/src/crypto/tests/AES_CCM_128_test_vectors.h
@@ -25,6 +25,10 @@
 
 #include <lib/core/CHIPError.h>
 
+#if CHIP_HAVE_CONFIG_H
+#include <crypto/CryptoBuildConfig.h>
+#endif // CHIP_HAVE_CONFIG_H
+
 struct ccm_128_test_vector
 {
     const uint8_t * pt;