From cc14523440c99ff970e9a002f600133deab4b5dd Mon Sep 17 00:00:00 2001 From: Jay Berkenbilt Date: Mon, 4 Nov 2019 22:13:13 -0500 Subject: [PATCH] Update autoconf to support crypto selection --- autoconf.mk.in | 1 + autofiles.sums | 4 +- configure | 91 +++++++++++++++++++++++++++++++++++ configure.ac | 72 +++++++++++++++++++++++++++ libqpdf/QPDFCryptoProvider.cc | 9 +++- libqpdf/build.mk | 2 + libqpdf/qpdf/qpdf-config.h.in | 6 +++ 7 files changed, 181 insertions(+), 4 deletions(-) diff --git a/autoconf.mk.in b/autoconf.mk.in index a443e1ac..85a97aa8 100644 --- a/autoconf.mk.in +++ b/autoconf.mk.in @@ -30,6 +30,7 @@ STRIP=@STRIP@ OBJDUMP=@OBJDUMP@ GENDEPS=@GENDEPS@ LIBTOOL=@LIBTOOL@ +USE_CRYPTO_NATIVE=@USE_CRYPTO_NATIVE@ DOCBOOKX_DTD=@DOCBOOKX_DTD@ FOP=@FOP@ XSLTPROC=@XSLTPROC@ diff --git a/autofiles.sums b/autofiles.sums index 55627bee..74ee4f26 100644 --- a/autofiles.sums +++ b/autofiles.sums @@ -1,6 +1,6 @@ -0e7c13071bce1494783a7da2be2b8805a9c03118e62126162ae551034882d420 configure.ac +2b5c5a808c353b8df9e28e8cfb1e7d37114a2cad37eaede5bfe4354acae804d0 configure.ac d3f9ee6f6f0846888d9a10fd3dad2e4b1258be84205426cf04d7cef02d61dad7 aclocal.m4 -39b7c25e5553cb231b408de5f22b86386e96fb109e2c44371f57c33d4d285725 libqpdf/qpdf/qpdf-config.h.in +7fc840fce5d372e92aa676e0040213a0f239cc8c01b6d6ef53c82043ceda571a libqpdf/qpdf/qpdf-config.h.in 5297971a0ef90bcd5563eb3f7127a032bb76d3ae2af7258bf13479caf8983a60 m4/ax_cxx_compile_stdcxx.m4 35bc5c645dc42d47f2daeea06f8f3e767c8a1aee6a35eb2b4854fd2ce66c3413 m4/ax_random_device.m4 37f8897d5f68d7d484e5457832a8f190ddb7507fa2a467cb7ee2be40a4364643 m4/libtool.m4 diff --git a/configure b/configure index ce7a87de..be0bc3a4 100755 --- a/configure +++ b/configure @@ -642,6 +642,8 @@ DOCBOOK_FO DOCBOOK_XHTML SHOW_FAILED_TEST_OUTPUT QPDF_SKIP_TEST_COMPARE_IMAGES +DEFAULT_CRYPTO +USE_CRYPTO_NATIVE CXXWFLAGS WFLAGS BUILDRULES 
@@ -776,6 +778,9 @@ enable_ld_version_script with_buildrules enable_werror enable_int_warnings +enable_implicit_crypto +enable_crypto_native +with_default_crypto enable_test_compare_images enable_show_failed_test_output with_docbook_xsl @@ -1456,6 +1461,11 @@ Optional Features: --enable-werror whether to treat warnings as errors (default is no) --enable-int-warnings whether to turn on integer type warnings (default is yes) + --enable-implicit-crypto + whether to enable available crypto providers that + are not explicitly requested; true by default + --enable-crypto-native whether to include support for native crypto + provider --enable-test-compare-images whether to compare images in test suite; disabled by default, enabling requires ghostscript and tiffcmp @@ -1491,6 +1501,9 @@ Optional Packages: QPDF_LARGE_FILE_TEST_PATH environment variable to the path before running the test suite. --with-buildrules=rules which build rules to use; see README.md + --with-default-crypto=provider + which crypto provider to use by default; see + README.md --with-docbook-xsl=DIR location of docbook 4.x xml stylesheets --with-docbookx-dtd=FILE location of docbook 4.x xml DTD 
@@ -17569,6 +17582,84 @@ $as_echo "no" >&6; } fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for whether to use implicit crypto" >&5 +$as_echo_n "checking for whether to use implicit crypto... " >&6; } +# Check whether --enable-implicit-crypto was given. +if test "${enable_implicit_crypto+set}" = set; then : + enableval=$enable_implicit_crypto; if test "$enableval" = "yes"; then + IMPLICIT_CRYPTO=1 + else + IMPLICIT_CRYPTO=0 + fi +else + IMPLICIT_CRYPTO=1 +fi + +if test "$IMPLICIT_CRYPTO" = "1"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + +# Check whether --enable-crypto-native was given. +if test "${enable_crypto_native+set}" = set; then : + enableval=$enable_crypto_native; if test "$enableval" = "yes"; then + USE_CRYPTO_NATIVE=1 + else + USE_CRYPTO_NATIVE=0 + fi +else + USE_CRYPTO_NATIVE=$IMPLICIT_CRYPTO +fi + +if test "$USE_CRYPTO_NATIVE" = "1"; then + +$as_echo "#define USE_CRYPTO_NATIVE 1" >>confdefs.h + + DEFAULT_CRYPTO=native +fi + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking which crypto to use by default" >&5 +$as_echo_n "checking which crypto to use by default... " >&6; } + + +# Check whether --with-default-crypto was given. +if test "${with_default_crypto+set}" = set; then : + withval=$with_default_crypto; DEFAULT_CRYPTO=$withval +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $DEFAULT_CRYPTO" >&5 +$as_echo "$DEFAULT_CRYPTO" >&6; } + +cat >>confdefs.h <<_ACEOF +#define DEFAULT_CRYPTO "$DEFAULT_CRYPTO" +_ACEOF + + + +bad_crypto=0 +case "$DEFAULT_CRYPTO" in + "native") + if test "$USE_CRYPTO_NATIVE" != "1"; then + bad_crypto=1 + fi + ;; + *) + bad_crypto=1 + ;; +esac +if test "$bad_crypto" = "1"; then + as_fn_error $? "Unsupported default crypto: $DEFAULT_CRYPTO" "$LINENO" 5 +fi + + + # Check whether --enable-test-compare-images was given. 
if test "${enable_test_compare_images+set}" = set; then : enableval=$enable_test_compare_images; if test "$enableval" = "no"; then diff --git a/configure.ac b/configure.ac index c934b31a..d7223d06 100644 --- a/configure.ac +++ b/configure.ac 
@@ -465,6 +465,78 @@ else AC_MSG_RESULT(no) fi +dnl BEGIN CRYPTO + +dnl By default, we build in support for every crypto provider that we +dnl can. If implicit crypto is disabled, we don't build support for +dnl any crypto that is not explicitly enabled. Test for various crypto +dnl providers in increasing order of priority. The last one found +dnl becomes the default unless a default is explicitly specified. + +AC_MSG_CHECKING(for whether to use implicit crypto) +AC_ARG_ENABLE(implicit-crypto, + AS_HELP_STRING([--enable-implicit-crypto], + [whether to enable available crypto providers that are not explicitly requested; true by default]), + [if test "$enableval" = "yes"; then + IMPLICIT_CRYPTO=1 + else + IMPLICIT_CRYPTO=0 + fi], + [IMPLICIT_CRYPTO=1]) +if test "$IMPLICIT_CRYPTO" = "1"; then + AC_MSG_RESULT(yes) +else + AC_MSG_RESULT(no) +fi + +dnl Native crypto is always available unless explicitly disabled. + +AC_SUBST(USE_CRYPTO_NATIVE) +AC_ARG_ENABLE(crypto-native, + AS_HELP_STRING([--enable-crypto-native], + [whether to include support for native crypto provider]), + [if test "$enableval" = "yes"; then + USE_CRYPTO_NATIVE=1 + else + USE_CRYPTO_NATIVE=0 + fi], + [USE_CRYPTO_NATIVE=$IMPLICIT_CRYPTO]) +if test "$USE_CRYPTO_NATIVE" = "1"; then + AC_DEFINE([USE_CRYPTO_NATIVE], 1, [Whether to use the native crypto provider]) + DEFAULT_CRYPTO=native +fi + +dnl Allow the default crypto provider to be specified explicitly. + +AC_MSG_CHECKING(which crypto to use by default) +AC_SUBST(DEFAULT_CRYPTO) +AC_ARG_WITH(default-crypto, + AS_HELP_STRING([--with-default-crypto=provider], + [which crypto provider to use by default; see README.md]), + [DEFAULT_CRYPTO=$withval], + []) +AC_MSG_RESULT($DEFAULT_CRYPTO) +AC_DEFINE_UNQUOTED([DEFAULT_CRYPTO], "$DEFAULT_CRYPTO", [Default crypto provider]) + +dnl Make sure the default crypto provider is actually being built. 
+ +bad_crypto=0 +case "$DEFAULT_CRYPTO" in + "native") + if test "$USE_CRYPTO_NATIVE" != "1"; then + bad_crypto=1 + fi + ;; + *) + bad_crypto=1 + ;; +esac +if test "$bad_crypto" = "1"; then + AC_MSG_ERROR(Unsupported default crypto: $DEFAULT_CRYPTO) +fi + +dnl END CRYPTO + AC_SUBST(QPDF_SKIP_TEST_COMPARE_IMAGES) AC_ARG_ENABLE(test-compare-images, AS_HELP_STRING([--enable-test-compare-images], diff --git a/libqpdf/QPDFCryptoProvider.cc b/libqpdf/QPDFCryptoProvider.cc index 8d795534..58712f54 100644 --- a/libqpdf/QPDFCryptoProvider.cc +++ b/libqpdf/QPDFCryptoProvider.cc @@ -1,7 +1,10 @@ #include +#include #include -#include +#ifdef USE_CRYPTO_NATIVE +# include +#endif std::shared_ptr QPDFCryptoProvider::getImpl() @@ -37,8 +40,10 @@ QPDFCryptoProvider::setDefaultProvider(std::string const& name) QPDFCryptoProvider::QPDFCryptoProvider() : m(std::make_shared()) { +#ifdef USE_CRYPTO_NATIVE registerImpl_internal("native"); - setDefaultProvider_internal("native"); +#endif + setDefaultProvider_internal(DEFAULT_CRYPTO); } QPDFCryptoProvider& diff --git a/libqpdf/build.mk b/libqpdf/build.mk index 24ff682d..7e5f4aa3 100644 --- a/libqpdf/build.mk +++ b/libqpdf/build.mk @@ -90,7 +90,9 @@ SRCS_libqpdf = \ libqpdf/SparseOHArray.cc \ libqpdf/qpdf-c.cc +ifeq ($(USE_CRYPTO_NATIVE), 1) SRCS_libqpdf += $(CRYPTO_NATIVE) +endif # ----- diff --git a/libqpdf/qpdf/qpdf-config.h.in b/libqpdf/qpdf/qpdf-config.h.in index 4eeff555..20441efd 100644 --- a/libqpdf/qpdf/qpdf-config.h.in +++ b/libqpdf/qpdf/qpdf-config.h.in @@ -3,6 +3,9 @@ /* Whether to avoid use of HANDLE in Windows */ #undef AVOID_WINDOWS_HANDLE +/* Default crypto provider */ +#undef DEFAULT_CRYPTO + /* define if the compiler supports basic C++11 syntax */ #undef HAVE_CXX11 @@ -81,6 +84,9 @@ /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS +/* Whether to use the native crypto provider */ +#undef USE_CRYPTO_NATIVE + /* Whether to use insecure random numbers */ #undef USE_INSECURE_RANDOM
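Review bot: In the configure.ac hunk, `DEFAULT_CRYPTO` is only assigned when native crypto is enabled or `--with-default-crypto` is passed, so with `--disable-implicit-crypto` and no provider enabled the final check reports `Unsupported default crypto:` with an empty name, or with whatever value the variable carried in from the caller's environment. The allow-list `case` still fails closed, which is the right outcome, but the message does not tell the builder that no provider was selected. Initialising the variable before the provider tests (`DEFAULT_CRYPTO=`) and adding a separate branch such as `AC_MSG_ERROR([no crypto provider enabled; pass --enable-crypto-native])` would make that failure explicit. The argument of the existing `AC_MSG_ERROR` is also unquoted; `AC_MSG_ERROR([Unsupported default crypto: $DEFAULT_CRYPTO])` is the safer m4 form.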
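Review bot: In the second QPDFCryptoProvider.cc hunk, the constructor passes `DEFAULT_CRYPTO` to `setDefaultProvider_internal` whether or not the `#ifdef USE_CRYPTO_NATIVE` block above it registered anything, so it relies on the configure-time check that the default names a provider that is actually built, and nothing in this file says so. What `setDefaultProvider_internal` does with an unregistered name is outside the hunk; if it throws, a build whose qpdf-config.h was not produced by this configure script would fail at first use rather than at build time. I would record the invariant with a comment above the call, `// DEFAULT_CRYPTO comes from qpdf-config.h; configure rejects a default whose provider is not compiled in`. The include hunk in the same file could carry a matching one-line comment on the `#ifdef USE_CRYPTO_NATIVE` guard saying that the macro is defined only when the native provider is enabled at configure time.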