ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Added Ed25519 support (#44696)

Browse Source
This commit is contained in:
Francis Dupont
2017-07-31 15:26:00 +02:00
parent 93ae9a09a9
commit 9b9182fe00
57 changed files with 3462 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

176
win32utils/Configure
View File

@@ -406,9 +406,13 @@ my @substdefh = ("AES_CC",
"HAVE_OPENSSL_AES",
"HAVE_OPENSSL_DSA",
"HAVE_OPENSSL_ECDSA",
"HAVE_OPENSSL_ED25519",
"HAVE_OPENSSL_ED448",
"HAVE_OPENSSL_EVP_AES",
"HAVE_OPENSSL_GOST",
"HAVE_PKCS11_ECDSA",
"HAVE_PKCS11_ED25519",
"HAVE_PKCS11_ED448",
"HAVE_PKCS11_GOST",
"HAVE_READLINE",
"HAVE_ZLIB",
@@ -569,6 +573,7 @@ my @withlist = ("aes",
"cc-alg",
"cross-compile",
"ecdsa",
"eddsa",
"extra-tests",
"gssapi",
"geoip",
@@ -629,6 +634,7 @@ my @help = (
" with-openssl[=PATH] build with OpenSSL yes|no|path\n",
" with-pkcs11[=PATH] build with PKCS#11 support yes|no|provider-path\n",
" with-ecdsa crypto ECDSA\n",
" with-eddsa crypto EDDSA yes|all|no\n",
" with-gost[=ENC] crypto GOST yes|no|raw|ans1\n",
" with-aes crypto AES\n",
" with-cc-alg choose the algorithm for cookies aes|sha1|sha256\n",
@@ -673,6 +679,8 @@ my $openssl_path = "..\\..\\";
my $use_pkcs11 = "no";
my $pkcs11_path = "unknown";
my $use_ecdsa = "auto";
my $use_eddsa = "auto";
my $use_ed448 = "auto";
my $use_gost = "auto";
my $gost_encoding = "raw";
my $use_aes = "auto";
@@ -753,19 +761,19 @@ if ($legacy_only && ($want_x64 ne "yes")) {
}
if ($want_checkfiles eq "yes") {
foreach (@filelist) {
next if -r $_ . ".in";
s/\\/\//g;
next if -r $_ . ".in";
print "missing $_.in from filelist\n";
}
foreach (@projectlist) {
next if -r $_ . ".in";
s/\\/\//g;
next if -r $_ . ".in";
print "missing $_.in from projectlist\n";
}
exit(0);
foreach (@filelist) {
next if -r $_ . ".in";
s/\\/\//g;
next if -r $_ . ".in";
print "missing $_.in from filelist\n";
}
foreach (@projectlist) {
next if -r $_ . ".in";
s/\\/\//g;
next if -r $_ . ".in";
print "missing $_.in from projectlist\n";
}
exit(0);
}
# configure the platform
@@ -966,10 +974,19 @@ sub mywith {
} elsif ($val =~ /^yes$/i) {
$use_ecdsa = "yes";
}
} elsif ($key =~ /^eddsa$/i) {
if ($val =~ /^no$/i) {
$use_eddsa = "no";
} elsif ($val !~ /^no$/i) {
$use_eddsa = "yes";
if ($val =~ /^all$/i) {
$use_ed448 = "yes";
}
}
} elsif ($key =~ /^gost$/i) {
if ($val =~ /^no$/i) {
$use_gost = "no";
} elsif ($val =~ /^yes$/i) {
} elsif ($val !~ /^no$/i) {
$use_gost = "yes";
$gost_encoding = $val;
}
@@ -1204,6 +1221,16 @@ if ($verbose) {
} else {
print "ecdsa: enabled\n";
}
if ($use_eddsa eq "no") {
print "eddsa: disabled\n";
} else {
print "ed25519: enabled\n";
if ($use_ed448 eq "no") {
print "ed448: disabled\n";
} else {
print "ed448: enabled\n";
}
}
if ($use_gost eq "no") {
print "gost: disabled\n";
} else {
@@ -1497,6 +1524,26 @@ if ($enable_native_pkcs11 eq "yes") {
}
$configdefh{"HAVE_PKCS11_ECDSA"} = 1;
}
if ($use_eddsa eq "no") {
if ($verbose) {
print "no EDDSA support in native PKCS#11\n";
}
} else {
if ($verbose) {
print "enabled Ed25519 support in native PKCS#11\n";
}
$configdefh{"HAVE_PKCS11_ED25519"} = 1;
if ($use_ed448 eq "no") {
if ($verbose) {
print "no Ed448 support in native PKCS#11\n";
}
} else {
if ($verbose) {
print "enabled Ed448 support in native PKCS#11\n";
}
$configdefh{"HAVE_PKCS11_ED448"} = 1;
}
}
if ($use_gost eq "no") {
if ($verbose) {
print "no GOST support in native PKCS#11\n";
@@ -1831,6 +1878,7 @@ EOF
if ($verbose) {
print "EVP_sha512 test failed: disabling EVP_sha512\n";
}
$use_eddsa = "no";
} else {
$configdefh{"HAVE_EVP_SHA512"} = 1;
}
@@ -1839,6 +1887,7 @@ EOF
print "can't compile EVP_sha512 test: $compret\n";
print "disabling EVP_sha512\n";
}
$use_eddsa = "no";
}
}
@@ -1893,6 +1942,104 @@ if ($use_ecdsa ne "no") {
$configdefh{"HAVE_OPENSSL_ECDSA"} = 1;
}
# with-eddsa
if ($use_openssl eq "no") {
$use_eddsa = "no";
}
if ($use_eddsa eq "auto") {
if ($verbose) {
print "checking for OpenSSL ED25519 support\n";
}
open F, ">tested25519.c" || die $!;
print F << 'EOF';
#include <openssl/evp.h>
#include <openssl/objects.h>
int
main(void)
{
EVP_PKEY_CTX *ctx;
ctx = EVP_PKEY_CTX_new_id(NID_ED25519, NULL);
if (ctx == NULL)
return (2);
return (0);
}
EOF
close F;
my $include = $configinc{"OPENSSL_INC"};
my $library = $configlib{"OPENSSL_LIB"};
$compret = `cl /nologo /MD /I "$include" tested25519.c "$library"`;
if (grep { -f and -x } ".\\tested25519.exe") {
`.\\tested25519.exe`;
if ($? != 0) {
if ($verbose) {
print "EDDSA test failed: disabling EDDSA\n";
}
$use_eddsa = "no";
}
} else {
if ($verbose) {
print "can't compile EDDSA test: $compret\n";
print "disabling EDDSA\n";
}
$use_eddsa = "no";
}
}
if ($use_eddsa ne "no") {
$use_eddsa = "yes";
$configdefh{"HAVE_OPENSSL_ED25519"} = 1;
} else {
$use_ed448 = "no";
}
if ($use_ed448 eq "auto") {
if ($verbose) {
print "checking for OpenSSL ED448 support\n";
}
open F, ">tested448.c" || die $!;
print F << 'EOF';
#include <openssl/evp.h>
#include <openssl/objects.h>
int
main(void)
{
EVP_PKEY_CTX *ctx;
ctx = EVP_PKEY_CTX_new_id(NID_ED448, NULL);
if (ctx == NULL)
return (2);
return (0);
}
EOF
close F;
my $include = $configinc{"OPENSSL_INC"};
my $library = $configlib{"OPENSSL_LIB"};
$compret = `cl /nologo /MD /I "$include" tested448.c "$library"`;
if (grep { -f and -x } ".\\tested448.exe") {
`.\\tested448.exe`;
if ($? != 0) {
if ($verbose) {
print "ED448 test failed: disabling ED448\n";
}
$use_ed448 = "no";
}
} else {
if ($verbose) {
print "can't compile ED448 test: $compret\n";
print "disabling ED448\n";
}
$use_ed448 = "no";
}
}
if ($use_ed448 ne "no") {
$use_ed448 = "yes";
$configdefh{"HAVE_OPENSSL_ED448"} = 1;
}
# with-gost
if ($use_openssl eq "no") {
$use_gost = "no";
@@ -3425,6 +3572,7 @@ exit 0;
# --with-openssl supported
# --with-pkcs11 supported
# --with-ecdsa supported
# --with-eddsa supported
# --with-gost supported
# --with-aes supported
# --with-cc-alg supported