forked from Ivasoft/openwrt
wolfssl: add libwolfssl-cpu-crypto package
libwolfssl-cpu-crypto is a variant of libwolfssl with support for cryptographic CPU instructions on x86_64 and aarch64. On aarch64, wolfSSL does not perform run-time detection, so the library will crash when the AES functions are called. A preinst script attempts to check for support by querying /proc/cpuinfo, if installed in a running system. When building an image, the script will check the DISTRIB_TARGET value in /etc/openwrt_release, and will abort installation if target is bcm27xx. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This commit is contained in:
Eneas U de Queiroz
committed by
Christian Marangi
Christian Marangi
parent
94129cbefb
commit
c3e7d86d2b
@@ -1,4 +1,4 @@
|
||||
if PACKAGE_libwolfssl
|
||||
menu "wolfSSL Library Configuration"
|
||||
|
||||
config WOLFSSL_HAS_AES_CCM
|
||||
bool "Include AES-CCM support"
|
||||
@@ -66,38 +66,31 @@ config WOLFSSL_ALT_NAMES
|
||||
config WOLFSSL_HAS_DEVCRYPTO
|
||||
bool
|
||||
|
||||
config WOLFSSL_ASM_CAPABLE
|
||||
bool
|
||||
default x86_64 || (aarch64 && !TARGET_bcm27xx)
|
||||
if PACKAGE_libwolfssl
|
||||
if PACKAGE_libwolfssl-cpu-crypto
|
||||
comment "Hardware Acceleration does not apply to libwolfssl-cpu-crypto"
|
||||
endif
|
||||
choice
|
||||
prompt "Hardware Acceleration"
|
||||
default WOLFSSL_HAS_NO_HW
|
||||
|
||||
choice
|
||||
prompt "Hardware Acceleration"
|
||||
default WOLFSSL_HAS_NO_HW
|
||||
config WOLFSSL_HAS_NO_HW
|
||||
bool "None"
|
||||
|
||||
config WOLFSSL_HAS_NO_HW
|
||||
bool "None"
|
||||
config WOLFSSL_HAS_AFALG
|
||||
bool "AF_ALG"
|
||||
|
||||
config WOLFSSL_HAS_CPU_CRYPTO
|
||||
bool "Use CPU crypto instructions"
|
||||
depends on WOLFSSL_ASM_CAPABLE
|
||||
help
|
||||
This will use Intel AESNI insturctions or armv8 Crypto Extensions.
|
||||
Either of them should easily outperform hardware crypto in WolfSSL.
|
||||
config WOLFSSL_HAS_DEVCRYPTO_CBC
|
||||
bool "/dev/crytpo - AES-CBC-only"
|
||||
select WOLFSSL_HAS_DEVCRYPTO
|
||||
|
||||
config WOLFSSL_HAS_AFALG
|
||||
bool "AF_ALG"
|
||||
|
||||
config WOLFSSL_HAS_DEVCRYPTO_CBC
|
||||
bool "/dev/crytpo - AES-CBC-only"
|
||||
select WOLFSSL_HAS_DEVCRYPTO
|
||||
|
||||
config WOLFSSL_HAS_DEVCRYPTO_AES
|
||||
bool "/dev/crypto - AES-only (all supported modes)"
|
||||
select WOLFSSL_HAS_DEVCRYPTO
|
||||
|
||||
config WOLFSSL_HAS_DEVCRYPTO_FULL
|
||||
bool "/dev/crypto - full"
|
||||
select WOLFSSL_HAS_DEVCRYPTO
|
||||
endchoice
|
||||
config WOLFSSL_HAS_DEVCRYPTO_AES
|
||||
bool "/dev/crypto - AES-only (all supported modes)"
|
||||
select WOLFSSL_HAS_DEVCRYPTO
|
||||
|
||||
config WOLFSSL_HAS_DEVCRYPTO_FULL
|
||||
bool "/dev/crypto - full"
|
||||
select WOLFSSL_HAS_DEVCRYPTO
|
||||
endchoice
|
||||
endif
|
||||
endmenu
|
||||
|
||||
Reference in New Issue
Block a user