diff --git a/lib/crypto/c_src/algorithms.c b/lib/crypto/c_src/algorithms.c index e02b85b0b7eb..9545de5979cb 100644 --- a/lib/crypto/c_src/algorithms.c +++ b/lib/crypto/c_src/algorithms.c @@ -604,12 +604,16 @@ int init_curves(ErlNifEnv* env, int fips) { #endif if (!fips) { -#ifdef HAVE_EDDSA +#ifdef HAVE_ED25519 algo_curve[fips][cnt++] = enif_make_atom(env,"ed25519"); +#endif +#ifdef HAVE_ED448 algo_curve[fips][cnt++] = enif_make_atom(env,"ed448"); #endif -#ifdef HAVE_EDDH +#ifdef HAVE_X25519 algo_curve[fips][cnt++] = enif_make_atom(env,"x25519"); +#endif +#ifdef HAVE_X448 algo_curve[fips][cnt++] = enif_make_atom(env,"x448"); #endif } diff --git a/lib/crypto/c_src/atoms.c b/lib/crypto/c_src/atoms.c index a555ce12604c..2a9dfa74285a 100644 --- a/lib/crypto/c_src/atoms.c +++ b/lib/crypto/c_src/atoms.c @@ -94,19 +94,24 @@ ERL_NIF_TERM atom_rsa; ERL_NIF_TERM atom_dss; ERL_NIF_TERM atom_ecdsa; -#ifdef HAVE_EDDH +#ifdef HAVE_X25519 ERL_NIF_TERM atom_x25519; -ERL_NIF_TERM atom_x448; -ERL_NIF_TERM atom_ed25519; -ERL_NIF_TERM atom_ed448; #endif -ERL_NIF_TERM atom_eddsa; -#ifdef HAVE_EDDSA +#ifdef HAVE_ED25519 ERL_NIF_TERM atom_ed25519; +#endif + +#ifdef HAVE_X448 +ERL_NIF_TERM atom_x448; +#endif + +#ifdef HAVE_ED448 ERL_NIF_TERM atom_ed448; #endif +ERL_NIF_TERM atom_eddsa; + ERL_NIF_TERM atom_rsa_mgf1_md; ERL_NIF_TERM atom_rsa_oaep_label; ERL_NIF_TERM atom_rsa_oaep_md; @@ -221,17 +226,20 @@ int init_atoms(ErlNifEnv *env) { atom_dss = enif_make_atom(env,"dss"); atom_ecdsa = enif_make_atom(env,"ecdsa"); -#ifdef HAVE_EDDH +#ifdef HAVE_X25519 atom_x25519 = enif_make_atom(env,"x25519"); - atom_x448 = enif_make_atom(env,"x448"); - atom_ed25519 = enif_make_atom(env,"ed25519"); - atom_ed448 = enif_make_atom(env,"ed448"); #endif - atom_eddsa = enif_make_atom(env,"eddsa"); -#ifdef HAVE_EDDSA +#ifdef HAVE_ED25519 atom_ed25519 = enif_make_atom(env,"ed25519"); +#endif +#ifdef HAVE_X448 + atom_x448= enif_make_atom(env,"x448"); +#endif +#ifdef HAVE_ED448 atom_ed448 = enif_make_atom(env,"ed448"); #endif + + atom_eddsa = enif_make_atom(env,"eddsa"); atom_rsa_mgf1_md = enif_make_atom(env,"rsa_mgf1_md"); atom_rsa_oaep_label = enif_make_atom(env,"rsa_oaep_label"); atom_rsa_oaep_md = enif_make_atom(env,"rsa_oaep_md"); diff --git a/lib/crypto/c_src/atoms.h b/lib/crypto/c_src/atoms.h index 33f8a5ffaadf..df0b9c00c7ee 100644 --- a/lib/crypto/c_src/atoms.h +++ b/lib/crypto/c_src/atoms.h @@ -98,19 +98,24 @@ extern ERL_NIF_TERM atom_rsa; extern ERL_NIF_TERM atom_dss; extern ERL_NIF_TERM atom_ecdsa; -#ifdef HAVE_EDDH +#ifdef HAVE_X25519 extern ERL_NIF_TERM atom_x25519; -extern ERL_NIF_TERM atom_x448; -extern ERL_NIF_TERM atom_ed25519; -extern ERL_NIF_TERM atom_ed448; #endif -extern ERL_NIF_TERM atom_eddsa; -#ifdef HAVE_EDDSA +#ifdef HAVE_ED25519 extern ERL_NIF_TERM atom_ed25519; +#endif + +#ifdef HAVE_X448 +extern ERL_NIF_TERM atom_x448; +#endif + +#ifdef HAVE_ED448 extern ERL_NIF_TERM atom_ed448; #endif +extern ERL_NIF_TERM atom_eddsa; + extern ERL_NIF_TERM atom_rsa_mgf1_md; extern ERL_NIF_TERM atom_rsa_oaep_label; extern ERL_NIF_TERM atom_rsa_oaep_md; diff --git a/lib/crypto/c_src/eddsa.c b/lib/crypto/c_src/eddsa.c index 83fef6141b21..91945496a41c 100644 --- a/lib/crypto/c_src/eddsa.c +++ b/lib/crypto/c_src/eddsa.c @@ -40,8 +40,10 @@ int get_eddsa_key(ErlNifEnv* env, int public, ERL_NIF_TERM key, EVP_PKEY **pkey) if (algo == atom_ed25519) { type = EVP_PKEY_ED25519; +#ifdef HAVE_ED448 } else if (algo == atom_ed448) { type = EVP_PKEY_ED448; +#endif } else { goto err; } diff --git a/lib/crypto/c_src/evp.c b/lib/crypto/c_src/evp.c index 3a3f384a6026..802ead28e3ea 100644 --- a/lib/crypto/c_src/evp.c +++ b/lib/crypto/c_src/evp.c @@ -37,8 +37,10 @@ ERL_NIF_TERM evp_compute_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar /* Arg 0, Curve */ if (argv[0] == atom_x25519) type = EVP_PKEY_X25519; +#ifdef HAVE_X448 else if (argv[0] == atom_x448) type = EVP_PKEY_X448; +#endif else assign_goto(ret, bad_arg, EXCP_BADARG_N(env, 0, "Bad curve")); @@ -122,12 +124,16 @@ ERL_NIF_TERM evp_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM a if (argv[0] == atom_x25519) type = EVP_PKEY_X25519; +#ifdef HAVE_X448 else if (argv[0] == atom_x448) type = EVP_PKEY_X448; +#endif else if (argv[0] == atom_ed25519) type = EVP_PKEY_ED25519; +#ifdef HAVE_ED448 else if (argv[0] == atom_ed448) type = EVP_PKEY_ED448; +#endif else assign_goto(ret, bad_arg, EXCP_BADARG_N(env, 0, "Bad curve")); diff --git a/lib/crypto/c_src/openssl_config.h b/lib/crypto/c_src/openssl_config.h index 9ec5f447ef56..0a8af3f1aa5c 100644 --- a/lib/crypto/c_src/openssl_config.h +++ b/lib/crypto/c_src/openssl_config.h @@ -288,10 +288,12 @@ && !defined(HAS_LIBRESSL) \ && defined(HAVE_EC) # ifdef HAVE_DH -# define HAVE_EDDH +# define HAVE_X25519 +# define HAVE_X448 # endif # if OPENSSL_VERSION_NUMBER >= (PACKED_OPENSSL_VERSION_PLAIN(1,1,1)) -# define HAVE_EDDSA +# define HAVE_ED25519 +# define HAVE_ED448 # endif #endif @@ -342,6 +344,8 @@ # if LIBRESSL_VERSION_NUMBER >= 0x3070000fL # define HAVE_CHACHA20_POLY1305 # define HAVE_CHACHA20 +# define HAVE_ED25519 +# define HAVE_X25519 # endif #endif @@ -504,6 +508,14 @@ do { \ # define FIPS_MODE() 0 #endif +#if defined(HAVE_ED448) || defined(HAVE_ED25519) +# define HAVE_EDDSA +#endif + +#if defined(HAVE_X448) || defined(HAVE_X25519) +# define HAVE_EDDH +#endif + #ifdef HAS_3_0_API /* Set CRYPTO_DEVELOP_ERRORS to make error messages more verbose, that is, include the error msg from cryptolib.