erlang · sverker · Dec 16, 2024 · Dec 3, 2024
diff --git a/lib/crypto/c_src/algorithms.c b/lib/crypto/c_src/algorithms.c
@@ -604,12 +604,16 @@ int init_curves(ErlNifEnv* env, int fips) {
 #endif
 
     if (!fips) {
-#ifdef HAVE_EDDSA
+#ifdef HAVE_ED25519
         algo_curve[fips][cnt++] = enif_make_atom(env,"ed25519");
+#endif
+#ifdef HAVE_ED448
         algo_curve[fips][cnt++] = enif_make_atom(env,"ed448");
 #endif
-#ifdef HAVE_EDDH
+#ifdef HAVE_X25519
         algo_curve[fips][cnt++] = enif_make_atom(env,"x25519");
+#endif
+#ifdef HAVE_X448
         algo_curve[fips][cnt++] = enif_make_atom(env,"x448");
 #endif
     }

diff --git a/lib/crypto/c_src/atoms.c b/lib/crypto/c_src/atoms.c
@@ -94,19 +94,24 @@ ERL_NIF_TERM atom_rsa;
 ERL_NIF_TERM atom_dss;
 ERL_NIF_TERM atom_ecdsa;
 
-#ifdef HAVE_EDDH
+#ifdef HAVE_X25519
 ERL_NIF_TERM atom_x25519;
-ERL_NIF_TERM atom_x448;
-ERL_NIF_TERM atom_ed25519;
-ERL_NIF_TERM atom_ed448;
 #endif
 
-ERL_NIF_TERM atom_eddsa;
-#ifdef HAVE_EDDSA
+#ifdef HAVE_ED25519
 ERL_NIF_TERM atom_ed25519;
+#endif
+
+#ifdef HAVE_X448
+ERL_NIF_TERM atom_x448;
+#endif
+
+#ifdef HAVE_ED448
 ERL_NIF_TERM atom_ed448;
 #endif
 
+ERL_NIF_TERM atom_eddsa;
+
 ERL_NIF_TERM atom_rsa_mgf1_md;
 ERL_NIF_TERM atom_rsa_oaep_label;
 ERL_NIF_TERM atom_rsa_oaep_md;
@@ -221,17 +226,20 @@ int init_atoms(ErlNifEnv *env) {
     atom_dss = enif_make_atom(env,"dss");
     atom_ecdsa = enif_make_atom(env,"ecdsa");
 
-#ifdef HAVE_EDDH
+#ifdef HAVE_X25519
     atom_x25519 = enif_make_atom(env,"x25519");
-    atom_x448 = enif_make_atom(env,"x448");
-    atom_ed25519 = enif_make_atom(env,"ed25519");
-    atom_ed448 = enif_make_atom(env,"ed448");
 #endif
-    atom_eddsa = enif_make_atom(env,"eddsa");
-#ifdef HAVE_EDDSA
+#ifdef HAVE_ED25519
     atom_ed25519 = enif_make_atom(env,"ed25519");
+#endif
+#ifdef HAVE_X448
+    atom_x448= enif_make_atom(env,"x448");
+#endif
+#ifdef HAVE_ED448
     atom_ed448 = enif_make_atom(env,"ed448");
 #endif
+
+    atom_eddsa = enif_make_atom(env,"eddsa");
     atom_rsa_mgf1_md = enif_make_atom(env,"rsa_mgf1_md");
     atom_rsa_oaep_label = enif_make_atom(env,"rsa_oaep_label");
     atom_rsa_oaep_md = enif_make_atom(env,"rsa_oaep_md");

diff --git a/lib/crypto/c_src/atoms.h b/lib/crypto/c_src/atoms.h
@@ -98,19 +98,24 @@ extern ERL_NIF_TERM atom_rsa;
 extern ERL_NIF_TERM atom_dss;
 extern ERL_NIF_TERM atom_ecdsa;
 
-#ifdef HAVE_EDDH
+#ifdef HAVE_X25519
 extern ERL_NIF_TERM atom_x25519;
-extern ERL_NIF_TERM atom_x448;
-extern ERL_NIF_TERM atom_ed25519;
-extern ERL_NIF_TERM atom_ed448;
 #endif
 
-extern ERL_NIF_TERM atom_eddsa;
-#ifdef HAVE_EDDSA
+#ifdef HAVE_ED25519
 extern ERL_NIF_TERM atom_ed25519;
+#endif
+
+#ifdef HAVE_X448
+extern ERL_NIF_TERM atom_x448;
+#endif
+
+#ifdef HAVE_ED448
 extern ERL_NIF_TERM atom_ed448;
 #endif
 
+extern ERL_NIF_TERM atom_eddsa;
+
 extern ERL_NIF_TERM atom_rsa_mgf1_md;
 extern ERL_NIF_TERM atom_rsa_oaep_label;
 extern ERL_NIF_TERM atom_rsa_oaep_md;

diff --git a/lib/crypto/c_src/eddsa.c b/lib/crypto/c_src/eddsa.c
@@ -40,8 +40,10 @@ int get_eddsa_key(ErlNifEnv* env, int public, ERL_NIF_TERM key, EVP_PKEY **pkey)
 
     if (algo == atom_ed25519) {
         type = EVP_PKEY_ED25519;
+#ifdef HAVE_ED448
     } else if (algo == atom_ed448) {
         type = EVP_PKEY_ED448;
+#endif
     } else {
         goto err;
     }

diff --git a/lib/crypto/c_src/evp.c b/lib/crypto/c_src/evp.c
@@ -37,8 +37,10 @@ ERL_NIF_TERM evp_compute_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar
     /* Arg 0, Curve */
     if (argv[0] == atom_x25519)
         type = EVP_PKEY_X25519;
+#ifdef HAVE_X448
     else if (argv[0] == atom_x448)
         type = EVP_PKEY_X448;
+#endif
     else
         assign_goto(ret, bad_arg, EXCP_BADARG_N(env, 0, "Bad curve"));
 
@@ -122,12 +124,16 @@ ERL_NIF_TERM evp_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM a
 
     if (argv[0] == atom_x25519)
         type = EVP_PKEY_X25519;
+#ifdef HAVE_X448
     else if (argv[0] == atom_x448)
         type = EVP_PKEY_X448;
+#endif
     else if (argv[0] == atom_ed25519)
         type = EVP_PKEY_ED25519;
+#ifdef HAVE_ED448
     else if (argv[0] == atom_ed448)
         type = EVP_PKEY_ED448;
+#endif
     else
         assign_goto(ret, bad_arg, EXCP_BADARG_N(env, 0, "Bad curve"));
 

diff --git a/lib/crypto/c_src/openssl_config.h b/lib/crypto/c_src/openssl_config.h
@@ -288,10 +288,12 @@
     && !defined(HAS_LIBRESSL) \
     && defined(HAVE_EC)
 # ifdef HAVE_DH
-#   define HAVE_EDDH
+#   define HAVE_X25519
+#   define HAVE_X448
 # endif
 # if OPENSSL_VERSION_NUMBER >= (PACKED_OPENSSL_VERSION_PLAIN(1,1,1))
-#   define HAVE_EDDSA
+#   define HAVE_ED25519
+#   define HAVE_ED448
 # endif
 #endif
 
@@ -342,6 +344,8 @@
 # if LIBRESSL_VERSION_NUMBER >= 0x3070000fL
 #   define HAVE_CHACHA20_POLY1305
 #   define HAVE_CHACHA20
+#   define HAVE_ED25519
+#   define HAVE_X25519
 # endif
 #endif
 
@@ -504,6 +508,14 @@ do {                                                    \
 # define FIPS_MODE() 0
 #endif
 
+#if defined(HAVE_ED448) || defined(HAVE_ED25519)
+#  define HAVE_EDDSA
+#endif
+
+#if defined(HAVE_X448) || defined(HAVE_X25519)
+#  define HAVE_EDDH
+#endif
+
 #ifdef HAS_3_0_API
 /* Set CRYPTO_DEVELOP_ERRORS to make error messages more verbose,
    that is, include the error msg from cryptolib.