if test "${with_sit_alg+set}" = set; then :
withval=$with_sit_alg; with_sit_alg="$withval"
else
- with_sit_alg="aes"
+ with_sit_alg="auto"
fi
$as_echo "#define HMAC_SHA256_SIT 1" >>confdefs.h
+ ;;
+ auto)
+ saved_libs="$LIBS"
+ LIBS="$LIBS $DNS_CRYPTO_LIBS"
+ for ac_func in AES_encrypt
+do :
+ ac_fn_c_check_func "$LINENO" "AES_encrypt" "ac_cv_func_AES_encrypt"
+if test "x$ac_cv_func_AES_encrypt" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_AES_ENCRYPT 1
+_ACEOF
+
+fi
+done
+
+ LIBS="$saved_libs"
+
+ if test "$ac_cv_func_AES_encrypt" = "yes"
+ then
+ with_sit_alg="aes"
+ want_openssl_aes="yes"
+
+$as_echo "#define AES_SIT 1" >>confdefs.h
+
+ else
+ with_sit_alg="sha256"
+ want_openssl_hash="yes"
+
+$as_echo "#define HMAC_SHA256_SIT 1" >>confdefs.h
+
+ fi
;;
*)
with_sit_alg="aes"
#
AC_ARG_WITH(sit-alg,
[ --with-sit-alg=ALG choose the algorithm for SIT [[aes|sha1|sha256]]],
- with_sit_alg="$withval", with_sit_alg="aes")
+ with_sit_alg="$withval", with_sit_alg="auto")
case $with_sit_alg in
*1)
AC_DEFINE(HMAC_SHA256_SIT, 1,
[Use HMAC-SHA256 for Source Identity Token generation])
;;
+ auto)
+ saved_libs="$LIBS"
+ LIBS="$LIBS $DNS_CRYPTO_LIBS"
+ AC_CHECK_FUNCS(AES_encrypt)
+ LIBS="$saved_libs"
+
+ if test "$ac_cv_func_AES_encrypt" = "yes"
+ then
+ with_sit_alg="aes"
+ want_openssl_aes="yes"
+ AC_DEFINE(AES_SIT, 1,
+ [Use AES for Source Identity Token generation])
+ else
+ with_sit_alg="sha256"
+ want_openssl_hash="yes"
+ AC_DEFINE(HMAC_SHA256_SIT, 1,
+ [Use HMAC-SHA256 for Source Identity Token generation])
+ fi
+ ;;
*)
with_sit_alg="aes"
want_openssl_aes="yes"