define flag at picotls level
diff --git a/include/picotls/openssl.h b/include/picotls/openssl.h
index e528fdd..8e26cf8 100644
--- a/include/picotls/openssl.h
+++ b/include/picotls/openssl.h
@@ -50,6 +50,9 @@
#define PTLS_OPENSSL_HAS_SECP521R1 1 /* deprecated; use HAVE_ */
extern ptls_key_exchange_algorithm_t ptls_openssl_secp521r1;
#endif
+#ifdef EVP_PKEY_ED25519
+#define PTLS_OPENSSL_HAVE_ED25519 1
+#endif
#if defined(NID_X25519) && !defined(LIBRESSL_VERSION_NUMBER)
#define PTLS_OPENSSL_HAVE_X25519 1
#define PTLS_OPENSSL_HAS_X25519 1 /* deprecated; use HAVE_ */
diff --git a/lib/openssl.c b/lib/openssl.c
index d2d5bcc..80613bb 100644
--- a/lib/openssl.c
+++ b/lib/openssl.c
@@ -102,7 +102,7 @@
static const struct st_ptls_openssl_signature_scheme_t secp521r1_signature_schemes[] = {
{PTLS_SIGNATURE_ECDSA_SECP521R1_SHA512, EVP_sha512}, {UINT16_MAX, NULL}};
#endif
-#if defined EVP_PKEY_ED25519
+#if PTLS_OPENSSL_HAVE_ED25519
static const struct st_ptls_openssl_signature_scheme_t ed25519_signature_schemes[] = {{PTLS_SIGNATURE_ED25519, NULL},
{UINT16_MAX, NULL}};
#endif
@@ -111,7 +111,7 @@
* The default list sent in ClientHello.signature_algorithms. ECDSA certificates are preferred.
*/
static const uint16_t default_signature_schemes[] = {
-#if EVP_PKEY_ED25519
+#if PTLS_OPENSSL_HAVE_ED25519
PTLS_SIGNATURE_ED25519,
#endif
PTLS_SIGNATURE_ECDSA_SECP256R1_SHA256,
@@ -155,7 +155,7 @@
}
EC_KEY_free(eckey);
} break;
-#if defined EVP_PKEY_ED25519
+#if PTLS_OPENSSL_HAVE_ED25519
case EVP_PKEY_ED25519:
schemes = ed25519_signature_schemes;
break;
@@ -711,7 +711,7 @@
goto Exit;
}
-#if defined EVP_PKEY_ED25519
+#if PTLS_OPENSSL_HAVE_ED25519
if (EVP_PKEY_id(key) == EVP_PKEY_ED25519) {
/* ED25519 requires the use of the all-at-once function that appeared in OpenSSL 1.1.1, hence different path */
if (EVP_DigestSign(ctx, NULL, &siglen, input.base, input.len) != 1) {
@@ -1092,7 +1092,7 @@
goto Exit;
}
-#if defined EVP_PKEY_ED25519
+#if PTLS_OPENSSL_HAVE_ED25519
if (EVP_PKEY_id(key) == EVP_PKEY_ED25519) {
/* ED25519 requires the use of the all-at-once function that appeared in OpenSSL 1.1.1, hence different path */
if (EVP_DigestVerifyInit(ctx, &pkey_ctx, NULL, NULL, key) != 1) {
diff --git a/t/openssl.c b/t/openssl.c
index 0c5b172..ff47eee 100644
--- a/t/openssl.c
+++ b/t/openssl.c
@@ -182,7 +182,7 @@
static void test_ed25519_sign(void)
{
-#if defined EVP_PKEY_ED25519
+#if PTLS_OPENSSL_HAVE_ED25519
EVP_PKEY *pkey = NULL;
{ /* create pkey */