diff options
| author | naddy@openbsd.org <naddy@openbsd.org> | 2019-11-18 16:08:57 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-11-20 09:26:59 +1100 |
| commit | 723a5369864b338c48d22854bc2bb4ee5c083deb (patch) | |
| tree | f55fb04a9c29f05bed7eeb9ea881b7ab3b65d1cf /sk-usbhid.c | |
| parent | 478f4f98e4e93ae4ed1a8911dec4e5b75ea10f30 (diff) | |
upstream: add the missing WITH_OPENSSL ifdefs after the ED25519-SK
addition; ok djm@
OpenBSD-Commit-ID: a9545e1c273e506cf70e328cbb9d0129b6d62474
Diffstat (limited to 'sk-usbhid.c')
| -rw-r--r-- | sk-usbhid.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/sk-usbhid.c b/sk-usbhid.c index 17b595367..594f5d890 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c | |||
| @@ -25,11 +25,13 @@ | |||
| 25 | #include <stddef.h> | 25 | #include <stddef.h> |
| 26 | #include <stdarg.h> | 26 | #include <stdarg.h> |
| 27 | 27 | ||
| 28 | #ifdef WITH_OPENSSL | ||
| 28 | #include <openssl/opensslv.h> | 29 | #include <openssl/opensslv.h> |
| 29 | #include <openssl/crypto.h> | 30 | #include <openssl/crypto.h> |
| 30 | #include <openssl/bn.h> | 31 | #include <openssl/bn.h> |
| 31 | #include <openssl/ec.h> | 32 | #include <openssl/ec.h> |
| 32 | #include <openssl/ecdsa.h> | 33 | #include <openssl/ecdsa.h> |
| 34 | #endif /* WITH_OPENSSL */ | ||
| 33 | 35 | ||
| 34 | #include <fido.h> | 36 | #include <fido.h> |
| 35 | 37 | ||
| @@ -271,6 +273,7 @@ find_device(const uint8_t *message, size_t message_len, const char *application, | |||
| 271 | return dev; | 273 | return dev; |
| 272 | } | 274 | } |
| 273 | 275 | ||
| 276 | #ifdef WITH_OPENSSL | ||
| 274 | /* | 277 | /* |
| 275 | * The key returned via fido_cred_pubkey_ptr() is in affine coordinates, | 278 | * The key returned via fido_cred_pubkey_ptr() is in affine coordinates, |
| 276 | * but the API expects a SEC1 octet string. | 279 | * but the API expects a SEC1 octet string. |
| @@ -343,6 +346,7 @@ pack_public_key_ecdsa(fido_cred_t *cred, struct sk_enroll_response *response) | |||
| 343 | BN_clear_free(y); | 346 | BN_clear_free(y); |
| 344 | return ret; | 347 | return ret; |
| 345 | } | 348 | } |
| 349 | #endif /* WITH_OPENSSL */ | ||
| 346 | 350 | ||
| 347 | static int | 351 | static int |
| 348 | pack_public_key_ed25519(fido_cred_t *cred, struct sk_enroll_response *response) | 352 | pack_public_key_ed25519(fido_cred_t *cred, struct sk_enroll_response *response) |
| @@ -379,8 +383,10 @@ static int | |||
| 379 | pack_public_key(int alg, fido_cred_t *cred, struct sk_enroll_response *response) | 383 | pack_public_key(int alg, fido_cred_t *cred, struct sk_enroll_response *response) |
| 380 | { | 384 | { |
| 381 | switch(alg) { | 385 | switch(alg) { |
| 386 | #ifdef WITH_OPENSSL | ||
| 382 | case SK_ECDSA: | 387 | case SK_ECDSA: |
| 383 | return pack_public_key_ecdsa(cred, response); | 388 | return pack_public_key_ecdsa(cred, response); |
| 389 | #endif /* WITH_OPENSSL */ | ||
| 384 | case SK_ED25519: | 390 | case SK_ED25519: |
| 385 | return pack_public_key_ed25519(cred, response); | 391 | return pack_public_key_ed25519(cred, response); |
| 386 | default: | 392 | default: |
| @@ -414,9 +420,11 @@ sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len, | |||
| 414 | } | 420 | } |
| 415 | *enroll_response = NULL; | 421 | *enroll_response = NULL; |
| 416 | switch(alg) { | 422 | switch(alg) { |
| 423 | #ifdef WITH_OPENSSL | ||
| 417 | case SK_ECDSA: | 424 | case SK_ECDSA: |
| 418 | cose_alg = COSE_ES256; | 425 | cose_alg = COSE_ES256; |
| 419 | break; | 426 | break; |
| 427 | #endif /* WITH_OPENSSL */ | ||
| 420 | case SK_ED25519: | 428 | case SK_ED25519: |
| 421 | cose_alg = COSE_EDDSA; | 429 | cose_alg = COSE_EDDSA; |
| 422 | break; | 430 | break; |
| @@ -536,6 +544,7 @@ sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len, | |||
| 536 | return ret; | 544 | return ret; |
| 537 | } | 545 | } |
| 538 | 546 | ||
| 547 | #ifdef WITH_OPENSSL | ||
| 539 | static int | 548 | static int |
| 540 | pack_sig_ecdsa(fido_assert_t *assert, struct sk_sign_response *response) | 549 | pack_sig_ecdsa(fido_assert_t *assert, struct sk_sign_response *response) |
| 541 | { | 550 | { |
| @@ -572,6 +581,7 @@ pack_sig_ecdsa(fido_assert_t *assert, struct sk_sign_response *response) | |||
| 572 | } | 581 | } |
| 573 | return ret; | 582 | return ret; |
| 574 | } | 583 | } |
| 584 | #endif /* WITH_OPENSSL */ | ||
| 575 | 585 | ||
| 576 | static int | 586 | static int |
| 577 | pack_sig_ed25519(fido_assert_t *assert, struct sk_sign_response *response) | 587 | pack_sig_ed25519(fido_assert_t *assert, struct sk_sign_response *response) |
| @@ -605,8 +615,10 @@ static int | |||
| 605 | pack_sig(int alg, fido_assert_t *assert, struct sk_sign_response *response) | 615 | pack_sig(int alg, fido_assert_t *assert, struct sk_sign_response *response) |
| 606 | { | 616 | { |
| 607 | switch(alg) { | 617 | switch(alg) { |
| 618 | #ifdef WITH_OPENSSL | ||
| 608 | case SK_ECDSA: | 619 | case SK_ECDSA: |
| 609 | return pack_sig_ecdsa(assert, response); | 620 | return pack_sig_ecdsa(assert, response); |
| 621 | #endif /* WITH_OPENSSL */ | ||
| 610 | case SK_ED25519: | 622 | case SK_ED25519: |
| 611 | return pack_sig_ed25519(assert, response); | 623 | return pack_sig_ed25519(assert, response); |
| 612 | default: | 624 | default: |