From dbcc5e98b26eeeb7c44ad339b9a59edbf0a2e62f Mon Sep 17 00:00:00 2001 From: Scott Cantor Date: Sat, 23 Oct 2010 22:12:30 +0000 Subject: [PATCH] Need to check for openssl EC support. --- configure.ac | 3 +++ xmltooling/security/impl/SecurityHelper.cpp | 20 +++++++++++++------- 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/configure.ac b/configure.ac index 851c477..dac0572 100644 --- a/configure.ac +++ b/configure.ac @@ -267,6 +267,9 @@ if test x_$with_xmlsec != x_no; then AC_CHECK_DECL(EVP_sha512, [AC_DEFINE([XMLTOOLING_OPENSSL_HAVE_SHA2],[1],[Define to 1 if OpenSSL supports the SHA-2 hash family.])], ,[#include ]) + AC_CHECK_DECL(EVP_PKEY_set1_EC_KEY, + [AC_DEFINE([XMLTOOLING_OPENSSL_HAVE_EC],[1],[Define to 1 if OpenSSL has EC support.])], + ,[#include ]) # restore master libs LIBS="$save_LIBS" diff --git a/xmltooling/security/impl/SecurityHelper.cpp b/xmltooling/security/impl/SecurityHelper.cpp index 9bbe7cc..a4ac4f2 100644 --- a/xmltooling/security/impl/SecurityHelper.cpp +++ b/xmltooling/security/impl/SecurityHelper.cpp @@ -37,11 +37,17 @@ #include #include #include -#ifdef XMLTOOLING_XMLSEC_ECC +#if defined(XMLTOOLING_XMLSEC_ECC) && defined(XMLTOOLING_OPENSSL_HAVE_EC) # include #endif #include +#ifdef WIN32 +# if (OPENSSL_VERSION_NUMBER >= 0x00907000) +# define XMLTOOLING_OPENSSL_HAVE_EC 1 +# endif +#endif + using namespace xmltooling::logging; using namespace xmltooling; using namespace std; @@ -203,7 +209,7 @@ XSECCryptoKey* SecurityHelper::loadKeyFromFile(const char* pathname, const char* ret=new OpenSSLCryptoKeyDSA(pkey); break; -#ifdef XSEC_OPENSSL_HAVE_EC +#if defined(XMLTOOLING_XMLSEC_ECC) && defined(XMLTOOLING_OPENSSL_HAVE_EC) case EVP_PKEY_EC: ret=new OpenSSLCryptoKeyEC(pkey); break; 
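Review bot: In the `@@ -37,11 +37,17 @@` hunk of SecurityHelper.cpp, the WIN32 block defines `XMLTOOLING_OPENSSL_HAVE_EC` only after the `#if defined(XMLTOOLING_XMLSEC_ECC) && defined(XMLTOOLING_OPENSSL_HAVE_EC)` guard around the conditional `# include` has been evaluated. Unless a Windows configuration header defines the macro earlier (not visible here), that include is skipped on Windows while every later EC block is compiled in, so `OpenSSLCryptoKeyEC` would be used without its declaration. The block should sit above the guarded include, after whichever OpenSSL header supplies `OPENSSL_VERSION_NUMBER`. The version test also ignores an OpenSSL built without EC; `# if (OPENSSL_VERSION_NUMBER >= 0x00907000) && !defined(OPENSSL_NO_EC)` would cover that case.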
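Review bot: The guard removed in the `@@ -203,7 +209,7 @@` hunk of loadKeyFromFile was spelled `XSEC_OPENSSL_HAVE_EC` while its siblings used `XMLTOOLING_XMLSEC_ECC`, which shows how easily a repeated condition drifts. The new two-macro test is now copied into seven places: the include guard at -37 and the hunks at -203, -505, -585, -603, -641 and -787. Deriving one macro near the top of the file would keep them in step, for example `#if defined(XMLTOOLING_XMLSEC_ECC) && defined(XMLTOOLING_OPENSSL_HAVE_EC)` followed by `# define XMLTOOLING_EC_ENABLED 1` (the name is only a suggestion), then `#ifdef XMLTOOLING_EC_ENABLED` at each site. With EC compiled out, an `EVP_PKEY_EC` key presumably falls to whatever the switch does for unhandled key types, which is outside this hunk and the one at -787. A comment on that path such as `// EC keys land here when EC support is compiled out` would record that this is intended.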
@@ -505,7 +511,7 @@ bool SecurityHelper::matches(const XSECCryptoKey& key1, const XSECCryptoKey& key return (dsa1 && dsa2 && BN_cmp(dsa1->priv_key,dsa2->priv_key) == 0); } -#ifdef XMLTOOLING_XMLSEC_ECC +#if defined(XMLTOOLING_XMLSEC_ECC) && defined(XMLTOOLING_OPENSSL_HAVE_EC) // If one key is public or both, just compare the public key half. if (key1.getKeyType()==XSECCryptoKey::KEY_EC_PUBLIC || key1.getKeyType()==XSECCryptoKey::KEY_EC_PAIR) { if (key2.getKeyType()!=XSECCryptoKey::KEY_EC_PUBLIC && key2.getKeyType()!=XSECCryptoKey::KEY_EC_PAIR) @@ -585,7 +591,7 @@ string SecurityHelper::getDEREncoding(const XSECCryptoKey& key, const char* hash const RSA* rsa = nullptr; const DSA* dsa = nullptr; -#ifdef XMLTOOLING_XMLSEC_ECC +#if defined(XMLTOOLING_XMLSEC_ECC) && defined(XMLTOOLING_OPENSSL_HAVE_EC) const EC_KEY* ec = nullptr; #endif @@ -603,7 +609,7 @@ string SecurityHelper::getDEREncoding(const XSECCryptoKey& key, const char* hash return ret; } } -#ifdef XMLTOOLING_XMLSEC_ECC +#if defined(XMLTOOLING_XMLSEC_ECC) && defined(XMLTOOLING_OPENSSL_HAVE_EC) else if (key.getKeyType() == XSECCryptoKey::KEY_EC_PUBLIC || key.getKeyType() == XSECCryptoKey::KEY_EC_PAIR) { ec = static_cast(key).getOpenSSLEC(); if (!ec) { @@ -641,7 +647,7 @@ string SecurityHelper::getDEREncoding(const XSECCryptoKey& key, const char* hash i2d_RSA_PUBKEY_bio(chain, const_cast(rsa)); else if (dsa) i2d_DSA_PUBKEY_bio(chain, const_cast(dsa)); -#ifdef XMLTOOLING_XMLSEC_ECC +#if defined(XMLTOOLING_XMLSEC_ECC) && defined(XMLTOOLING_OPENSSL_HAVE_EC) else i2d_EC_PUBKEY_bio(chain, const_cast(ec)); #endif @@ -787,7 +793,7 @@ XSECCryptoKey* SecurityHelper::fromDEREncoding(const char* buf, unsigned long bu ret = new OpenSSLCryptoKeyDSA(pkey); break; -#ifdef XMLTOOLING_XMLSEC_ECC +#if defined(XMLTOOLING_XMLSEC_ECC) && defined(XMLTOOLING_OPENSSL_HAVE_EC) case EVP_PKEY_EC: ret = new OpenSSLCryptoKeyEC(pkey); break; -- 2.1.4
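Review bot: In the `@@ -641,7 +647,7 @@` hunk of getDEREncoding the EC branch is a bare `else`, so `i2d_EC_PUBKEY_bio` runs whenever `rsa` and `dsa` are both null, without the kind of test the `else if (dsa)` branch above it applies; `else if (ec)` would match it. The return values of the `i2d_*_PUBKEY_bio` calls are discarded, so a failed encoding cannot be told apart from a successful one in whatever the function returns afterwards. When the EC guard is false and neither pointer is set, nothing is written to `chain` at all. The earlier branches appear to bail out on a null key (see the `if (!ec)` in the -603 hunk), so this may be unreachable today. Checking each call's result and returning the empty string on failure would make that independent of code outside this hunk.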