1 AC_DEFUN([ACX_CRYPTO_BACKEND],[
3 # First check if we want to support ECC and GOST
6 AC_HELP_STRING([--enable-ecc],
7 [Enable support for ECC (default enabled)]
9 [enable_ecc="${enableval}"],
12 AC_MSG_CHECKING(for ECC support)
13 if test "x${enable_ecc}" = "xyes"; then
18 [Compile with ECC support]
23 AM_CONDITIONAL([WITH_ECC], [test "x${enable_ecc}" = "xyes"])
26 AC_HELP_STRING([--enable-gost],
27 [Enable support for GOST (default enabled)]
29 [enable_gost="${enableval}"],
32 AC_MSG_CHECKING(for GOST support)
33 if test "x${enable_gost}" = "xyes"; then
38 [Compile with GOST support]
43 AM_CONDITIONAL([WITH_GOST], [test "x${enable_gost}" = "xyes"])
48 AC_HELP_STRING([--enable-eddsa],
49 [Enable support for EDDSA (default disabled)]
51 [enable_eddsa="${enableval}"],
54 AC_MSG_CHECKING(for EDDSA support)
55 if test "x${enable_eddsa}" = "xyes"; then
60 [Compile with EDDSA support]
65 AM_CONDITIONAL([WITH_EDDSA], [test "x${enable_eddsa}" = "xyes"])
67 # Second check for the FIPS 140-2 mode
70 AC_HELP_STRING([--enable-fips],
71 [Enable support for FIPS 140-2 mode (default disabled)]
73 [enable_fips="${enableval}"],
76 AC_MSG_CHECKING(for FIPS 140-2 mode)
77 if test "x${enable_fips}" = "xyes"; then
82 [Compile with FIPS 140-2 mode]
87 AM_CONDITIONAL([WITH_GOST], [test "x${enable_fips}" = "xyes"])
89 # Then check what crypto library we want to use
91 AC_ARG_WITH(crypto-backend,
92 AC_HELP_STRING([--with-crypto-backend],
93 [Select crypto backend (openssl|botan)]
95 [crypto_backend="${withval}"],
96 [crypto_backend="openssl"]
99 AC_MSG_CHECKING(for crypto backend)
101 if test "x${crypto_backend}" = "xopenssl"; then
102 AC_MSG_RESULT(OpenSSL)
104 if test "x${enable_fips}" = "xyes"; then
110 CRYPTO_INCLUDES=$OPENSSL_INCLUDES
111 CRYPTO_LIBS=$OPENSSL_LIBS
113 if test "x${enable_ecc}" = "xyes"; then
117 if test "x${enable_eddsa}" = "xyes"; then
121 if test "x${enable_gost}" = "xyes"; then
122 if test "x${enable_fips}" = "xyes"; then
123 AC_MSG_ERROR([GOST is not FIPS approved])
128 if test "x${enable_fips}" = "xyes"; then
131 ACX_OPENSSL_EVPAESWRAP
137 [Compile with raw RSA PKCS PSS]
142 [Compile with AES_GCM]
147 [Compile with OpenSSL support]
150 elif test "x${crypto_backend}" = "xbotan"; then
155 CRYPTO_INCLUDES=$BOTAN_CFLAGS
156 CRYPTO_LIBS=$BOTAN_LIBS
158 if test "x${enable_ecc}" = "xyes"; then
162 if test "x${enable_eddsa}" = "xyes"; then
166 if test "x${enable_fips}" = "xyes"; then
167 AC_MSG_ERROR([Botan does not support FIPS 140-2 mode])
170 if test "x${enable_gost}" = "xyes"; then
174 if test "x${BOTAN_VERSION_MAJOR}" = "x1" -a "x${BOTAN_VERSION_MINOR}" = "x10"; then
185 [Compile with Botan support]
189 AC_MSG_RESULT(Unknown)
190 AC_MSG_ERROR([Crypto backend ${crypto_backend} not supported. Use openssl or botan.])
193 AC_SUBST(CRYPTO_INCLUDES)
194 AC_SUBST(CRYPTO_LIBS)
195 AM_CONDITIONAL([WITH_OPENSSL], [test "x${crypto_backend}" = "xopenssl"])
196 AM_CONDITIONAL([WITH_BOTAN], [test "x${crypto_backend}" = "xbotan"])