-if PACKAGE_libwolfssl
+menu "wolfSSL Library Configuration"
config WOLFSSL_HAS_AES_CCM
bool "Include AES-CCM support"
config WOLFSSL_HAS_DEVCRYPTO
bool
-config WOLFSSL_ASM_CAPABLE
- bool
- default x86_64 || (aarch64 && !TARGET_bcm27xx)
-
-choice
- prompt "Hardware Acceleration"
- default WOLFSSL_HAS_NO_HW
-
- config WOLFSSL_HAS_NO_HW
- bool "None"
-
- config WOLFSSL_HAS_CPU_CRYPTO
- bool "Use CPU crypto instructions"
- depends on WOLFSSL_ASM_CAPABLE
- help
- This will use Intel AESNI insturctions or armv8 Crypto Extensions.
- Either of them should easily outperform hardware crypto in WolfSSL.
-
- config WOLFSSL_HAS_AFALG
- bool "AF_ALG"
-
- config WOLFSSL_HAS_DEVCRYPTO_CBC
- bool "/dev/crytpo - AES-CBC-only"
- select WOLFSSL_HAS_DEVCRYPTO
-
- config WOLFSSL_HAS_DEVCRYPTO_AES
- bool "/dev/crypto - AES-only (all supported modes)"
- select WOLFSSL_HAS_DEVCRYPTO
-
- config WOLFSSL_HAS_DEVCRYPTO_FULL
- bool "/dev/crypto - full"
- select WOLFSSL_HAS_DEVCRYPTO
-endchoice
-
+if PACKAGE_libwolfssl
+ if PACKAGE_libwolfssl-cpu-crypto
+ comment "Hardware Acceleration does not apply to libwolfssl-cpu-crypto"
+ endif
+ choice
+ prompt "Hardware Acceleration"
+ default WOLFSSL_HAS_NO_HW
+
+ config WOLFSSL_HAS_NO_HW
+ bool "None"
+
+ config WOLFSSL_HAS_AFALG
+ bool "AF_ALG"
+
+ config WOLFSSL_HAS_DEVCRYPTO_CBC
+ bool "/dev/crytpo - AES-CBC-only"
+ select WOLFSSL_HAS_DEVCRYPTO
+
+ config WOLFSSL_HAS_DEVCRYPTO_AES
+ bool "/dev/crypto - AES-only (all supported modes)"
+ select WOLFSSL_HAS_DEVCRYPTO
+
+ config WOLFSSL_HAS_DEVCRYPTO_FULL
+ bool "/dev/crypto - full"
+ select WOLFSSL_HAS_DEVCRYPTO
+ endchoice
endif
+endmenu
PKG_CONFIG_DEPENDS+=\
CONFIG_WOLFSSL_HAS_AFALG \
- CONFIG_WOLFSSL_HAS_CPU_CRYPTO \
CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES \
CONFIG_WOLFSSL_HAS_DEVCRYPTO_CBC \
CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL
PROVIDES:=libcyassl
DEPENDS:=+WOLFSSL_HAS_DEVCRYPTO:kmod-cryptodev +WOLFSSL_HAS_AFALG:kmod-crypto-user
ABI_VERSION:=$(PKG_ABI_VERSION)
+ VARIANT:=regular
+ DEFAULT_VARIANT:=1
+ CONFLICTS:=libwolfssl-cpu-crypto
endef
define Package/libwolfssl/description
source "$(SOURCE)/Config.in"
endef
+define Package/libwolfssl-cpu-crypto
+$(call Package/libwolfssl/Default)
+ TITLE:=wolfSSL library with AES CPU instructions
+ PROVIDES:=libwolfssl libcyassl
+ DEPENDS:=@((aarch64||x86_64)&&(m||!TARGET_bcm27xx))
+ ABI_VERSION:=$(PKG_ABI_VERSION)
+ VARIANT:=cpu-crypto
+endef
+
define Package/libwolfssl-benchmark
$(call Package/libwolfssl/Default)
TITLE:=wolfSSL Benchmark Utility
DEPENDS:=libwolfssl
endef
+define Package/libwolfssl-cpu-crypto/description
+$(call Package/libwolfssl/description)
+This variant uses AES CPU instructions (Intel AESNI or ARMv8 Crypto Extension)
+endef
+
+define Package/libwolfssl-cpu-crypto/config
+ if TARGET_armvirt && PACKAGE_libwolfssl-cpu-crypto = y
+ comment "You are about to build libwolfssl-cpu-crypto into an armvirt_64 image."
+ comment "Ensure all of your installation targets support the Crypto Extension. "
+ comment "Look for the 'aes' feature in /proc/cpuinfo. This library does not do "
+ comment "run-time detection and will crash if the CPU does not support it. "
+ endif
+ if TARGET_bcm27xx && PACKAGE_libwolfssl-cpu-crypto
+ comment "Beware that libwolfssl-cpu-crypto will not run in a bcm27xx target. "
+ endif
+endef
+
define Package/libwolfssl-benchmark/description
This is the wolfssl benchmark utility.
endef
--$(if $(CONFIG_WOLFSSL_HAS_DTLS),enable,disable)-dtls \
--$(if $(CONFIG_WOLFSSL_HAS_ECC25519),enable,disable)-curve25519 \
--$(if $(CONFIG_WOLFSSL_HAS_ECC448),enable,disable)-curve448 \
+ --$(if $(CONFIG_WOLFSSL_HAS_OPENVPN),enable,disable)-openvpn
+
+ifeq ($(BUILD_VARIANT),regular)
+CONFIGURE_ARGS += \
--$(if $(CONFIG_WOLFSSL_HAS_AFALG),enable,disable)-afalg \
- --$(if $(CONFIG_WOLFSSL_HAS_OPENVPN),enable,disable)-openvpn \
--enable-devcrypto=$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_CBC),cbc\
,$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES),aes\
,$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL),yes,no)))
+else ifdef CONFIG_aarch64
+ CONFIGURE_ARGS += --enable-armasm
+ TARGET_CFLAGS:=$(TARGET_CFLAGS:-mcpu%=-mcpu%+crypto)
+ WOLFSSL_NOASM_REGEX:=^bcm27xx/.*
+ Package/libwolfssl-cpu-crypto/preinst=\
+ $(subst @@WOLFSSL_NOASM_REGEX@@,$(WOLFSSL_NOASM_REGEX),$(file <preinst.arm-ce))
+else ifdef CONFIG_TARGET_x86_64
+ CONFIGURE_ARGS += --enable-intelasm
+endif
ifeq ($(CONFIG_WOLFSSL_HAS_OCSP),y)
CONFIGURE_ARGS += \
--enable-wpas --enable-fortress --enable-fastmath
endif
-ifdef CONFIG_WOLFSSL_HAS_CPU_CRYPTO
- ifdef CONFIG_aarch64
- CONFIGURE_ARGS += --enable-armasm
- TARGET_CFLAGS:=$(TARGET_CFLAGS:-mcpu%=-mcpu%+crypto)
- else ifdef CONFIG_TARGET_x86_64
- CONFIGURE_ARGS += --enable-intelasm
- endif
-endif
-
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libwolfssl.so.* $(1)/usr/lib/
endef
+Package/libwolfssl-cpu-crypto/install=$(Package/libwolfssl/install)
+
define Package/libwolfssl-benchmark/install
$(INSTALL_DIR) $(1)/usr/bin
$(CP) $(PKG_BUILD_DIR)/wolfcrypt/benchmark/.libs/benchmark $(1)/usr/bin/wolfssl-benchmark
endef
$(eval $(call BuildPackage,libwolfssl))
+$(eval $(call BuildPackage,libwolfssl-cpu-crypto))
$(eval $(call BuildPackage,libwolfssl-benchmark))
projects / openwrt / staging / stintel.git / commitdiff