Commit fb507b95 authored by Mark Andrews's avatar Mark Andrews

test for AES_encrypt and fall back to sha256

parent 0a5927a1
......@@ -15644,7 +15644,7 @@ fi
if test "${with_sit_alg+set}" = set; then :
withval=$with_sit_alg; with_sit_alg="$withval"
else
with_sit_alg="aes"
with_sit_alg="auto"
fi
......@@ -15662,6 +15662,37 @@ $as_echo "#define HMAC_SHA1_SIT 1" >>confdefs.h
$as_echo "#define HMAC_SHA256_SIT 1" >>confdefs.h
;;
auto)
saved_libs="$LIBS"
LIBS="$LIBS $DNS_CRYPTO_LIBS"
for ac_func in AES_encrypt
do :
ac_fn_c_check_func "$LINENO" "AES_encrypt" "ac_cv_func_AES_encrypt"
if test "x$ac_cv_func_AES_encrypt" = xyes; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_AES_ENCRYPT 1
_ACEOF
fi
done
LIBS="$saved_libs"
if test "$ac_cv_func_AES_encrypt" = "yes"
then
with_sit_alg="aes"
want_openssl_aes="yes"
$as_echo "#define AES_SIT 1" >>confdefs.h
else
with_sit_alg="sha256"
want_openssl_hash="yes"
$as_echo "#define HMAC_SHA256_SIT 1" >>confdefs.h
fi
;;
*)
with_sit_alg="aes"
......
......@@ -1534,7 +1534,7 @@ AC_ARG_ENABLE(openssl-aes,
#
AC_ARG_WITH(sit-alg,
[ --with-sit-alg=ALG choose the algorithm for SIT [[aes|sha1|sha256]]],
with_sit_alg="$withval", with_sit_alg="aes")
with_sit_alg="$withval", with_sit_alg="auto")
case $with_sit_alg in
*1)
......@@ -1549,6 +1549,25 @@ case $with_sit_alg in
AC_DEFINE(HMAC_SHA256_SIT, 1,
[Use HMAC-SHA256 for Source Identity Token generation])
;;
auto)
saved_libs="$LIBS"
LIBS="$LIBS $DNS_CRYPTO_LIBS"
AC_CHECK_FUNCS(AES_encrypt)
LIBS="$saved_libs"
if test "$ac_cv_func_AES_encrypt" = "yes"
then
with_sit_alg="aes"
want_openssl_aes="yes"
AC_DEFINE(AES_SIT, 1,
[Use AES for Source Identity Token generation])
else
with_sit_alg="sha256"
want_openssl_hash="yes"
AC_DEFINE(HMAC_SHA256_SIT, 1,
[Use HMAC-SHA256 for Source Identity Token generation])
fi
;;
*)
with_sit_alg="aes"
want_openssl_aes="yes"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment