This adds a new backend for libhcrypto: the OpenSSL backend.
Now libhcrypto has these backends:
- hcrypto itself (i.e., the algorithms coded in lib/hcrypto)
- Common Crypto (OS X)
- PKCS#11 (specifically for Solaris, but not Solaris-specific)
- Windows CNG (Windows)
- OpenSSL (generic)
The ./configure --with-openssl=... option no longer disables the use of
hcrypto. Instead it enables the use of OpenSSL as a (and the default)
backend in libhcrypto. The libhcrypto framework is now always used.
OpenSSL should no longer be used directly within Heimdal, except in the
OpenSSL hcrypto backend itself, and files where elliptic curve (EC)
crypto is needed.
Because libhcrypto's EC support is incomplete, we can only use OpenSSL
for EC. Currently that means separating all EC-using code so that it
does not use hcrypto, thus the libhx509/hxtool and PKINIT EC code has
been moved out of the files it used to be in.
Instead of locally defining prototypes for private functions
_krb5_crc_update and _krb5_crc_init_table simply include
krb5-private.h.
Change-Id: Ia7931f8df2e68eb038d112797edfd456ffcdd23a
number (or so davenport tells me). Interesting question, is this
really how it worked, not that the first 4 bytes is a nonce/iv to hide
first bytes of the rc4 stream, in the end it doesn't matter, it fact
the bits didn't even need to go over the network.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19454 ec53bebd-3082-4978-b11e-865c3cabbd6b
