CVE-2023-4154 dsdb/tests: Speed up DirSync test by only checking positive matches...
[Samba.git] / third_party / heimdal / cf / crypto.m4
blob0f308ced8f959a4c52214f98296c5412d1d95e9c
1 dnl $Id$
2 dnl
3 dnl test for crypto libraries:
4 dnl - libcrypto (from openssl)
5 dnl - own-built libhcrypto
7 m4_define([test_headers], [
8                 #undef KRB5 /* makes md4.h et al unhappy */
9                 #ifdef HAVE_HCRYPTO_W_OPENSSL
10                 #ifdef HAVE_SYS_TYPES_H
11                 #include <sys/types.h>
12                 #endif
13                 #include <openssl/evp.h>
14                 #include <openssl/bn.h>
15                 #include <openssl/md4.h>
16                 #include <openssl/md5.h>
17                 #include <openssl/sha.h>
18                 #include <openssl/des.h>
19                 #include <openssl/rc4.h>
20                 #include <openssl/aes.h>
21                 #include <openssl/rsa.h>
22                 #include <openssl/dsa.h>
23                 #include <openssl/dh.h>
24                 #include <openssl/ec.h>
25                 #include <openssl/engine.h>
26                 #include <openssl/ui.h>
27                 #include <openssl/rand.h>
28                 #include <openssl/hmac.h>
29                 #include <openssl/pkcs12.h>
30                 #else
31                 #include <hcrypto/evp.h>
32                 #include <hcrypto/md4.h>
33                 #include <hcrypto/md5.h>
34                 #include <hcrypto/sha.h>
35                 #include <hcrypto/des.h>
36                 #include <hcrypto/rc4.h>
37                 #include <hcrypto/aes.h>
38                 #include <hcrypto/engine.h>
39                 #include <hcrypto/hmac.h>
40                 #include <hcrypto/pkcs12.h>
41                 #endif
42                 ])
43 m4_define([test_body], [
44                 void *schedule = 0;
45                 EVP_MD_CTX mdctx;
47                 EVP_md4();
48                 EVP_md5();
49                 EVP_sha1();
50                 EVP_sha256();
52                 EVP_MD_CTX_init(&mdctx);
53                 EVP_DigestInit_ex(&mdctx, EVP_sha1(), (ENGINE *)0);
54                 EVP_CIPHER_iv_length(((EVP_CIPHER*)0));
55                 UI_UTIL_read_pw_string(0,0,0,0);
56                 RAND_status();
57                 #ifdef HAVE_HCRYPTO_W_OPENSSL
58                 EC_KEY_new();
59                 #endif
61                 OpenSSL_add_all_algorithms();
62                 AES_encrypt(0,0,0);
63                 DES_cbc_encrypt(0, 0, 0, schedule, 0, 0);
64                 RC4(0, 0, 0, 0);])
66 AC_DEFUN([KRB_CRYPTO],[
67 AC_ARG_WITH([hcrypto-default-backend],
68             AS_HELP_STRING([--with-hcrypto-default-backend=cc|pkcs11_hcrypto|ossl|w32crypto|hcrypto],
69                            [specify the default hcrypto backend]),
70             [
71             CFLAGS="${CFLAGS} -DHCRYPTO_DEF_PROVIDER=${withval}"
72             case "$withval" in
73             cc) AC_DEFINE(HCRYPTO_DEF_PROVIDER, [cc], [Define to one of cc, pkcs11, ossl, w32crypto, or hcrypto to set a default hcrypto provider]);;
74             pkcs11_hcrypto) AC_DEFINE(HCRYPTO_DEF_PROVIDER, [pkcs11_hcrypto], [Define to one of cc, pkcs11, ossl, w32crypto, or hcrypto to set a default hcrypto provider]);;
75             ossl) AC_DEFINE(HCRYPTO_DEF_PROVIDER, [ossl], [Define to one of cc, pkcs11, ossl, w32crypto, or hcrypto to set a default hcrypto provider]);;
76             w32crypto) AC_DEFINE(HCRYPTO_DEF_PROVIDER, [w32crypto], [Define to one of cc, pkcs11, ossl, w32crypto, or hcrypto to set a default hcrypto provider]);;
77             hcrypto) AC_DEFINE(HCRYPTO_DEF_PROVIDER, [hcrypto], [Define to one of cc, pkcs11, ossl, w32crypto, or hcrypto to set a default hcrypto provider]);;
78             *) echo "Invalid hcrypto provider name ($withval)"; exit 5;;
79             esac
80             ],
81             [])
82 AC_ARG_WITH([hcrypto-fallback],
83             AS_HELP_STRING([--without-hcrypto-fallback],
84                            [disable fallback on hcrypto for unavailable algorithms]),
85             [AC_DEFINE([HCRYPTO_FALLBACK],0,[Set to 1 to allow fallback to hcrypto for unavailable algorithms])],
86             [AC_DEFINE([HCRYPTO_FALLBACK],1,[Set to 1 to allow fallback to hcrypto for unavailable algorithms])])
87 AC_WITH_ALL([openssl])
89 AC_MSG_CHECKING([for crypto library])
91 openssl=no
93 if test "$with_openssl" = "yes"; then
94         with_openssl=/usr
96 if test "$with_openssl" != "no"; then
97         saved_CFLAGS="${CFLAGS}"
98         saved_LDFLAGS="${LDFLAGS}"
99         INCLUDE_openssl_crypto=
100         LIB_openssl_crypto=
101         if test "$with_openssl_include" != ""; then
102                 INCLUDE_openssl_crypto="-I${with_openssl_include}"
103         else
104                 INCLUDE_openssl_crypto="-I${with_openssl}/include"
105         fi
106         if test "$with_openssl_lib" != ""; then
107                 LIB_openssl_crypto="-L${with_openssl_lib}"
108         elif test "${with_openssl}" != "/usr" -a -d "${with_openssl}/lib"; then
109                 LIB_openssl_crypto="-L${with_openssl}/lib"
110         fi
111         CFLAGS="-DHAVE_HCRYPTO_W_OPENSSL ${INCLUDE_openssl_crypto} ${CFLAGS}"
112         LDFLAGS="${LIB_openssl_crypto} ${LDFLAGS}"
113         AC_CHECK_LIB([crypto], [OPENSSL_init],
114                      [LIB_openssl_crypto="${LIB_openssl_crypto} -lcrypto"; openssl=yes], [openssl=no], [])
115         if test "$openssl" = "yes"; then
116             AC_CHECK_LIB([crypto],
117                          [OSSL_EC_curve_nid2name],
118                          [AC_DEFINE_UNQUOTED([HAVE_OPENSSL_30], 1,
119                                              [whether OpenSSL is 3.0 or higher])]
120                          )
121             AC_CHECK_HEADERS([openssl/fips.h],
122                              [AC_DEFINE_UNQUOTED([HAVE_OPENSSL_FIPS_H], 1,
123                                                  [whether openssl/fips.h is available])]
124                              )
125             AC_CHECK_LIB([crypto],
126                          [FIPS_mode_set],
127                          [AC_DEFINE_UNQUOTED([HAVE_OPENSSL_FIPS_MODE_SET_API], 1,
128                                              [whether FIPS_mode_set API is available])]
129                          )
130         fi
131         # These cases are just for static linking on older OSes,
132         # presumably.
133         if test "$openssl" = "no"; then
134                 AC_CHECK_LIB([crypto], [OPENSSL_init],
135                              [LIB_openssl_crypto="${LIB_openssl_crypto} -lcrypto -ldl"; openssl=yes], [openssl=no], [-ldl])
136         fi
137         if test "$openssl" = "no"; then
138                 AC_CHECK_LIB([crypto], [OPENSSL_init],
139                              [LIB_openssl_crypto="${LIB_openssl_crypto} -lcrypto -ldl -lnsl"; openssl=yes], [openssl=no], [-ldl -lnsl])
140         fi
141         if test "$openssl" = "no"; then
142                 AC_CHECK_LIB([crypto], [OPENSSL_init],
143                              [LIB_openssl_crypto="${LIB_openssl_crypto} -lcrypto -ldl -lnsl -lsocket"; openssl=yes], [openssl=no], [-ldl -lnsl -lsocket])
144         fi
145         if test "$openssl" = "no"; then
146                 INCLUDE_openssl_crypto=
147                 LIB_openssl_crypto=
148         fi
149         CFLAGS="${saved_CFLAGS}"
150         LDFLAGS="${saved_LDFLAGS}"
153 LIB_hcrypto='$(top_builddir)/lib/hcrypto/libhcrypto.la'
154 LIB_hcrypto_a='$(top_builddir)/lib/hcrypto/.libs/libhcrypto.a'
155 LIB_hcrypto_so='$(top_builddir)/lib/hcrypto/.libs/libhcrypto.so'
156 LIB_hcrypto_appl="-lhcrypto"
158 AC_MSG_RESULT([included libhcrypto])
160 AC_ARG_WITH(pkcs11-module,
161                        AS_HELP_STRING([--with-pkcs11-module=path],
162                                       [use PKCS11 module in path]),
163                        [pkcs11_module="$withval"],
164                        [])
166 if test "$pkcs11_module" != ""; then
167   AC_DEFINE_UNQUOTED(PKCS11_MODULE_PATH, "$pkcs11_module", [path to PKCS11 module])
168   openssl=no
171 if test "$openssl" = "yes"; then
172   AC_DEFINE([HAVE_HCRYPTO_W_OPENSSL], 1, [define to use openssl's libcrypto as the default backend for libhcrypto])
174 AM_CONDITIONAL(HAVE_HCRYPTO_W_OPENSSL, test "$openssl" = yes)dnl
176 AC_SUBST(INCLUDE_openssl_crypto)
177 AC_SUBST(LIB_openssl_crypto)
178 AC_SUBST(LIB_hcrypto)
179 AC_SUBST(LIB_hcrypto_a)
180 AC_SUBST(LIB_hcrypto_so)
181 AC_SUBST(LIB_hcrypto_appl)