When building evp-openssl.c without support for OpenSSL it is necessary
to include evp-hcrypto.h to define the HCRYPTO_FALLBACK functions.
Change-Id: Ifd51f9fcd2b1805a534a9f88992162818afffe7d
The Windows and PKCS#11 backends do this. The Common Crypto (OS X)
backend does not. Ideally this should be a ./configure option, and that
might be the next step, but right now we need this fallback in order to
get tests passing in Travis-CI.
This adds a new backend for libhcrypto: the OpenSSL backend.
Now libhcrypto has these backends:
- hcrypto itself (i.e., the algorithms coded in lib/hcrypto)
- Common Crypto (OS X)
- PKCS#11 (specifically for Solaris, but not Solaris-specific)
- Windows CNG (Windows)
- OpenSSL (generic)
The ./configure --with-openssl=... option no longer disables the use of
hcrypto. Instead it enables the use of OpenSSL as a (and the default)
backend in libhcrypto. The libhcrypto framework is now always used.
OpenSSL should no longer be used directly within Heimdal, except in the
OpenSSL hcrypto backend itself, and files where elliptic curve (EC)
crypto is needed.
Because libhcrypto's EC support is incomplete, we can only use OpenSSL
for EC. Currently that means separating all EC-using code so that it
does not use hcrypto, thus the libhx509/hxtool and PKINIT EC code has
been moved out of the files it used to be in.
