diff options
Diffstat (limited to 'sk-usbhid.c')
-rw-r--r-- | sk-usbhid.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/sk-usbhid.c b/sk-usbhid.c index 17b595367..594f5d890 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c | |||
@@ -25,11 +25,13 @@ | |||
25 | #include <stddef.h> | 25 | #include <stddef.h> |
26 | #include <stdarg.h> | 26 | #include <stdarg.h> |
27 | 27 | ||
28 | #ifdef WITH_OPENSSL | ||
28 | #include <openssl/opensslv.h> | 29 | #include <openssl/opensslv.h> |
29 | #include <openssl/crypto.h> | 30 | #include <openssl/crypto.h> |
30 | #include <openssl/bn.h> | 31 | #include <openssl/bn.h> |
31 | #include <openssl/ec.h> | 32 | #include <openssl/ec.h> |
32 | #include <openssl/ecdsa.h> | 33 | #include <openssl/ecdsa.h> |
34 | #endif /* WITH_OPENSSL */ | ||
33 | 35 | ||
34 | #include <fido.h> | 36 | #include <fido.h> |
35 | 37 | ||
@@ -271,6 +273,7 @@ find_device(const uint8_t *message, size_t message_len, const char *application, | |||
271 | return dev; | 273 | return dev; |
272 | } | 274 | } |
273 | 275 | ||
276 | #ifdef WITH_OPENSSL | ||
274 | /* | 277 | /* |
275 | * The key returned via fido_cred_pubkey_ptr() is in affine coordinates, | 278 | * The key returned via fido_cred_pubkey_ptr() is in affine coordinates, |
276 | * but the API expects a SEC1 octet string. | 279 | * but the API expects a SEC1 octet string. |
@@ -343,6 +346,7 @@ pack_public_key_ecdsa(fido_cred_t *cred, struct sk_enroll_response *response) | |||
343 | BN_clear_free(y); | 346 | BN_clear_free(y); |
344 | return ret; | 347 | return ret; |
345 | } | 348 | } |
349 | #endif /* WITH_OPENSSL */ | ||
346 | 350 | ||
347 | static int | 351 | static int |
348 | pack_public_key_ed25519(fido_cred_t *cred, struct sk_enroll_response *response) | 352 | pack_public_key_ed25519(fido_cred_t *cred, struct sk_enroll_response *response) |
@@ -379,8 +383,10 @@ static int | |||
379 | pack_public_key(int alg, fido_cred_t *cred, struct sk_enroll_response *response) | 383 | pack_public_key(int alg, fido_cred_t *cred, struct sk_enroll_response *response) |
380 | { | 384 | { |
381 | switch(alg) { | 385 | switch(alg) { |
386 | #ifdef WITH_OPENSSL | ||
382 | case SK_ECDSA: | 387 | case SK_ECDSA: |
383 | return pack_public_key_ecdsa(cred, response); | 388 | return pack_public_key_ecdsa(cred, response); |
389 | #endif /* WITH_OPENSSL */ | ||
384 | case SK_ED25519: | 390 | case SK_ED25519: |
385 | return pack_public_key_ed25519(cred, response); | 391 | return pack_public_key_ed25519(cred, response); |
386 | default: | 392 | default: |
@@ -414,9 +420,11 @@ sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len, | |||
414 | } | 420 | } |
415 | *enroll_response = NULL; | 421 | *enroll_response = NULL; |
416 | switch(alg) { | 422 | switch(alg) { |
423 | #ifdef WITH_OPENSSL | ||
417 | case SK_ECDSA: | 424 | case SK_ECDSA: |
418 | cose_alg = COSE_ES256; | 425 | cose_alg = COSE_ES256; |
419 | break; | 426 | break; |
427 | #endif /* WITH_OPENSSL */ | ||
420 | case SK_ED25519: | 428 | case SK_ED25519: |
421 | cose_alg = COSE_EDDSA; | 429 | cose_alg = COSE_EDDSA; |
422 | break; | 430 | break; |
@@ -536,6 +544,7 @@ sk_enroll(int alg, const uint8_t *challenge, size_t challenge_len, | |||
536 | return ret; | 544 | return ret; |
537 | } | 545 | } |
538 | 546 | ||
547 | #ifdef WITH_OPENSSL | ||
539 | static int | 548 | static int |
540 | pack_sig_ecdsa(fido_assert_t *assert, struct sk_sign_response *response) | 549 | pack_sig_ecdsa(fido_assert_t *assert, struct sk_sign_response *response) |
541 | { | 550 | { |
@@ -572,6 +581,7 @@ pack_sig_ecdsa(fido_assert_t *assert, struct sk_sign_response *response) | |||
572 | } | 581 | } |
573 | return ret; | 582 | return ret; |
574 | } | 583 | } |
584 | #endif /* WITH_OPENSSL */ | ||
575 | 585 | ||
576 | static int | 586 | static int |
577 | pack_sig_ed25519(fido_assert_t *assert, struct sk_sign_response *response) | 587 | pack_sig_ed25519(fido_assert_t *assert, struct sk_sign_response *response) |
@@ -605,8 +615,10 @@ static int | |||
605 | pack_sig(int alg, fido_assert_t *assert, struct sk_sign_response *response) | 615 | pack_sig(int alg, fido_assert_t *assert, struct sk_sign_response *response) |
606 | { | 616 | { |
607 | switch(alg) { | 617 | switch(alg) { |
618 | #ifdef WITH_OPENSSL | ||
608 | case SK_ECDSA: | 619 | case SK_ECDSA: |
609 | return pack_sig_ecdsa(assert, response); | 620 | return pack_sig_ecdsa(assert, response); |
621 | #endif /* WITH_OPENSSL */ | ||
610 | case SK_ED25519: | 622 | case SK_ED25519: |
611 | return pack_sig_ed25519(assert, response); | 623 | return pack_sig_ed25519(assert, response); |
612 | default: | 624 | default: |