AC_INIT(nettle.cmod) |
AC_CONFIG_HEADER(nettle_config.h) |
|
AC_SET_MAKE |
|
AC_MODULE_INIT() |
|
if test "$with_nettle" = "no"; then |
PIKE_FEATURE_WITHOUT(Nettle) |
else |
dnl GMP is required and tested for in Gmp module. We just want LIBS |
dnl updated here. |
AC_CHECK_LIB(gmp, main) |
AC_MSG_CHECKING(CryptAcquireContext in -ladvapi32) |
AC_CACHE_VAL(pike_cv_nettle_advapi32_CryptAcquireContext, |
[ |
OLDLIBS="$LIBS" |
LIBS="-ladvapi32 $LIBS" |
AC_TRY_LINK([#ifndef _WIN32_WINNT |
#define _WIN32_WINNT 0x0400 |
#endif |
#include <windows.h> |
#include <wincrypt.h> |
],[CryptAcquireContext(0,0,0,0,0);], |
[pike_cv_nettle_advapi32_CryptAcquireContext=yes], |
[pike_cv_nettle_advapi32_CryptAcquireContext=no]) |
LIBS="$OLDLIBS" |
]) |
AC_MSG_RESULT($pike_cv_nettle_advapi32_CryptAcquireContext) |
if test x"$pike_cv_nettle_advapi32_CryptAcquireContext" = xyes; then |
LIBS="-ladvapi32 $LIBS" |
fi |
AC_CHECK_LIB(nettle, nettle_ctr_crypt) dnl CTR came in Nettle 1.13 |
AC_CHECK_LIB(hogweed, nettle_rsa_generate_keypair) |
if test "x$ac_cv_lib_hogweed_nettle_rsa_generate_keypair" = "xyes" ; then |
AC_MSG_CHECKING([if nettle_*_generate_keypair takes qbits]) |
AC_CACHE_VAL(pike_cv_nettle_hogweed_keypair_args, [ |
pike_cv_nettle_hogweed_keypair_args=no |
AC_TRY_COMPILE([ |
#include <nettle/dsa.h> |
#include <nettle/rsa.h> |
], [ |
struct dsa_public_key pub; |
struct dsa_private_key key; |
nettle_dsa_generate_keypair(&pub, &key, 0, 0, 0, 0, 2048, 384); |
], [ |
pike_cv_nettle_hogweed_keypair_args=yes |
]) |
]) |
AC_MSG_RESULT($pike_cv_nettle_hogweed_keypair_args); |
if test "x$pike_cv_nettle_hogweed_keypair_args" = "xyes"; then |
AC_DEFINE(HAVE_DSA_QBITS_KEYPAIR_ARG, [], [Define if generate_dsa_keypair takes the qbits argument]) |
fi |
fi |
|
# NB: Some versions of RedHat have censored the weaker curves |
# (secp_192r1 and secp_224r1 (cf [LysLysKOM 21863021])), and |
# there are no identifying macros, so we need to probe for them. |
define(PIKE_CHECK_ECC_CURVE, [ |
AC_MSG_CHECKING(if curve $1 is available) |
AC_CACHE_VAL(pike_cv_have_curve_$1, [ |
AC_TRY_LINK([#include <nettle/ecc-curve.h>], |
[ struct ecc_curve *c = &$1; ], |
[ pike_cv_have_curve_$1=yes ], |
[ pike_cv_have_curve_$1=no ]) |
]) |
AC_MSG_RESULT($pike_cv_have_curve_$1); |
if test "x$pike_cv_have_curve_$1" = "xyes"; then |
AC_DEFINE(translit(HAVE_CURVE_$1,[a-z],[A-Z]), 1, |
[Define if your libnettle has the curve $1.]) |
fi |
]) |
|
PIKE_CHECK_ECC_CURVE(nettle_secp_192r1) |
PIKE_CHECK_ECC_CURVE(nettle_secp_224r1) |
PIKE_CHECK_ECC_CURVE(nettle_secp_256r1) |
PIKE_CHECK_ECC_CURVE(nettle_secp_384r1) |
PIKE_CHECK_ECC_CURVE(nettle_secp_521r1) |
|
AC_SUBST(IDEA_OBJ) |
|
if test "x$ac_cv_lib_nettle_nettle_ctr_crypt" = "xyes"; then |
PIKE_FEATURE_OK(Nettle) |
|
# camellia is available in Nettle 2.1 and later. |
# gcm is available in Nettle 2.2 and later. |
# ripemd160 is available in Nettle 2.3 and later. |
# sha3 and gosthash94 are available in Nettle 2.6 and later. |
# chacha, poly1305 and eax are available in Nettle 3.0 and later. |
# curve25519 and eddsa are available in Nettle 3.1 and later. |
# version.h was added in Nettle 3.1.1, but nettle_version_{major,minor}() |
# are first available in Nettle 3.2 and later. |
AC_CHECK_HEADERS(nettle/camellia.h \ |
nettle/gcm.h \ |
nettle/ripemd160.h \ |
nettle/sha3.h nettle/gosthash94.h \ |
nettle/chacha.h nettle/chacha-poly1305.h \ |
nettle/poly1305.h nettle/eax.h \ |
nettle/dsa.h nettle/umac.h nettle/ecdsa.h \ |
nettle/curve25519.h nettle/eddsa.h \ |
nettle/version.h \ |
) |
# Check that the libraries match. |
# |
# Note that there can be false positives in the test above |
# when multiple versions of Nettle are installed concurrently. |
AC_CHECK_FUNCS(nettle_camellia128_crypt \ |
nettle_gcm_encrypt \ |
nettle_ripemd160_init \ |
nettle_sha3_256_init nettle_gosthash94_init \ |
nettle_chacha_crypt nettle_chacha_poly1305_encrypt \ |
nettle_poly1305_digest nettle_eax_encrypt \ |
nettle_dsa_sign nettle_umac128_digest nettle_ecdsa_sign \ |
nettle_curve25519_mul nettle_ed25519_sha512_sign \ |
nettle_version_major \ |
) |
|
AC_MSG_CHECKING([for idea.c]) |
# Have the patent-encumbered idea files been purged? |
if test -f "$srcdir/idea.c" ; then |
AC_MSG_RESULT([found]) |
AC_DEFINE([WITH_IDEA], 1, [idea.c available]) |
IDEA_OBJ=idea.o |
else |
AC_MSG_RESULT([no]) |
IDEA_OBJ="" |
fi |
|
# These may have been purged from the Nettle lib to avoid GPL |
# contamination. |
AC_CHECK_FUNCS(nettle_blowfish_decrypt nettle_serpent_decrypt) |
|
# This is the recomended interface in Nettle 2.0. |
AC_CHECK_FUNCS(nettle_yarrow256_slow_reseed) |
|
# nettle_salsa20_crypt was added in Nettle 2.5. |
# nettle_sha224_init was added in Nettle 2.1. |
# nettle_memxor3 replaced memxor3 in Nettle 3.0 |
AC_CHECK_FUNCS(nettle_salsa20_crypt nettle_sha224_init \ |
memxor3 nettle_memxor3) |
|
# This was added in Nettle 3.0. |
AC_CHECK_FUNCS(nettle_ecc_bit_size) |
|
# nettle_crypt_func was changed in Nettle 2.0. |
AC_MSG_CHECKING([whether nettle_crypt_func is a pointer type]) |
AC_CACHE_VAL(pike_cv_nettle_crypt_func_is_pointer, [ |
pike_cv_nettle_crypt_func_is_pointer=no |
AC_TRY_COMPILE([ |
#include <nettle/nettle-meta.h> |
], [ |
nettle_crypt_func foo = (nettle_crypt_func)(void *)0; |
return (int)foo; |
], [ |
pike_cv_nettle_crypt_func_is_pointer=yes |
]) |
]) |
AC_MSG_RESULT($pike_cv_nettle_crypt_func_is_pointer); |
if test "x$pike_cv_nettle_crypt_func_is_pointer" = "xyes"; then |
AC_DEFINE(HAVE_NETTLE_CRYPT_FUNC_IS_POINTER) |
fi |
else |
AC_ERROR([Cannot compile --with-nettle without the Nettle library. |
It is highly recommended that you install a working Nettle, 1.13 or |
later, library on your system as that will add features to Pike |
required by many applications. These features include ciphers, hash |
algorithms and random generators. If you know that you do not need |
cryptographic functions, you can re-run configure with the option |
--without-nettle instead. Nettle is available at |
http://www.lysator.liu.se/~nisse/nettle/. |
]) |
PIKE_FEATURE_NODEP(Nettle) |
fi |
fi |
|
AC_OUTPUT(Makefile,echo FOO >stamp-h ) |
|