mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-31 19:24:42 +02:00
wolfRand
Refactor the configure.ac script to make adding additional FIPS options easier.
This commit is contained in:
John Safranek
57
configure.ac
57
configure.ac
@@ -2252,34 +2252,10 @@ AC_ARG_ENABLE([fips],
|
|||||||
|
|
||||||
if test "x$ENABLED_FIPS" != "xno"
|
if test "x$ENABLED_FIPS" != "xno"
|
||||||
then
|
then
|
||||||
FIPS_VERSION=$ENABLED_FIPS
|
|
||||||
ENABLED_FIPS=yes
|
|
||||||
# requires thread local storage
|
|
||||||
if test "$thread_ls_on" = "no"
|
|
||||||
then
|
|
||||||
AC_MSG_ERROR([FIPS requires Thread Local Storage])
|
|
||||||
fi
|
|
||||||
# requires SHA512
|
|
||||||
if test "x$ENABLED_SHA512" = "xno"
|
|
||||||
then
|
|
||||||
ENABLED_SHA512="yes"
|
|
||||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"
|
|
||||||
fi
|
|
||||||
# requires AESGCM
|
|
||||||
if test "x$ENABLED_AESGCM" != "xyes"
|
|
||||||
then
|
|
||||||
ENABLED_AESGCM="yes"
|
|
||||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
|
|
||||||
fi
|
|
||||||
# requires DES3
|
|
||||||
if test "x$ENABLED_DES3" = "xno"
|
|
||||||
then
|
|
||||||
ENABLED_DES3="yes"
|
|
||||||
fi
|
|
||||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS"
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS"
|
||||||
# Add the FIPS flag.
|
AS_CASE([$ENABLED_FIPS],
|
||||||
AS_IF([test "x$FIPS_VERSION" = "xv2"],
|
["v2"],[FIPS_VERSION="v2"
|
||||||
[AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS_VERSION=2 -DWOLFSSL_KEY_GEN -DWOLFSSL_SHA224 -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB -DHAVE_ECC_CDH -DWC_RSA_NO_PADDING -DWOLFSSL_VALIDATE_FFC_IMPORT -DHAVE_FFDHE_Q"
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS_VERSION=2 -DWOLFSSL_KEY_GEN -DWOLFSSL_SHA224 -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB -DHAVE_ECC_CDH -DWC_RSA_NO_PADDING -DWOLFSSL_VALIDATE_FFC_IMPORT -DHAVE_FFDHE_Q"
|
||||||
ENABLED_KEYGEN="yes"
|
ENABLED_KEYGEN="yes"
|
||||||
ENABLED_SHA224="yes"
|
ENABLED_SHA224="yes"
|
||||||
AS_IF([test "x$ENABLED_AESCCM" != "xyes"],
|
AS_IF([test "x$ENABLED_AESCCM" != "xyes"],
|
||||||
@@ -2305,7 +2281,32 @@ then
|
|||||||
AM_CFLAGS="$AM_CFLAGS -DHAVE_HKDF"])
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_HKDF"])
|
||||||
AS_IF([test "x$ENABLED_INTELASM" = "xyes"],
|
AS_IF([test "x$ENABLED_INTELASM" = "xyes"],
|
||||||
[AM_CFLAGS="$AM_CFLAGS -DFORCE_FAILURE_RDSEED"])
|
[AM_CFLAGS="$AM_CFLAGS -DFORCE_FAILURE_RDSEED"])
|
||||||
])
|
],
|
||||||
|
["rand"],[FIPS_VERSION="rand"],
|
||||||
|
[FIPS_VERSION="v1"])
|
||||||
|
ENABLED_FIPS=yes
|
||||||
|
# requires thread local storage
|
||||||
|
if test "$thread_ls_on" = "no"
|
||||||
|
then
|
||||||
|
AC_MSG_ERROR([FIPS requires Thread Local Storage])
|
||||||
|
fi
|
||||||
|
# requires SHA512
|
||||||
|
if test "x$ENABLED_SHA512" = "xno"
|
||||||
|
then
|
||||||
|
ENABLED_SHA512="yes"
|
||||||
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA512 -DWOLFSSL_SHA384"
|
||||||
|
fi
|
||||||
|
# requires AESGCM
|
||||||
|
if test "x$ENABLED_AESGCM" != "xyes"
|
||||||
|
then
|
||||||
|
ENABLED_AESGCM="yes"
|
||||||
|
AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM"
|
||||||
|
fi
|
||||||
|
# requires DES3
|
||||||
|
if test "x$ENABLED_DES3" = "xno"
|
||||||
|
then
|
||||||
|
ENABLED_DES3="yes"
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
if test "x$ENABLED_FORTRESS" = "xyes"
|
if test "x$ENABLED_FORTRESS" = "xyes"
|
||||||
then
|
then
|
||||||
|
|||||||
Reference in New Issue
Block a user