mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-24 07:46:48 +00:00
975036f6f9
Building openssl with OPENSSL_SMALL_FOOTPRINT yelds only from 1% to 3% decrease in size, dropping performance from 2% to 91%, depending on the target and algorithm. For example, using AES256-GCM with 1456-bytes operations, X86_64 appears to be the least affected with 2% performance penalty and 1% reduction in size; mips drops performance by 13%, size by 3%; Arm drops 29% in performance, 2% in size. On aarch64, it slows down ghash so much that I consider it broken (-91%). SMALL_FOOTPRINT will reduce AES256-GCM performance by 88%, and size by only 1%. It makes an AES-capable CPU run AES128-GCM at 35% of the speed of Chacha20-Poly1305: Block-size=1456 bytes AES256-GCM AES128-GCM ChaCha20-Poly1305 SMALL_FOOTPRINT 62014.44 65063.23 177090.50 regular 504220.08 565630.28 182706.16 OpenSSL 1.1.1 numbers are about the same, so this should have been noticed a long time ago. This creates an option to use OPENSSL_SMALL_FOOTPRINT, but it is turned off by default unless SMALL_FLASH or LOW_MEMORY_FOOTPRINT is used. Compiling with -O3 instead of -Os, for comparison, will increase size by about 14-15%, with no measureable effect on AES256-GCM performance, and about 2% increase in Chacha20-Poly1305 performance on Aarch64. There are no Arm devices with the small flash feature, so drop the conditional default. The package is built on phase2, so even if we include an Arm device with small flash later, a no-asm library would have to be built from source anyway. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
293 lines
8.8 KiB
Plaintext
293 lines
8.8 KiB
Plaintext
if PACKAGE_libopenssl
|
|
|
|
comment "Build Options"
|
|
|
|
config OPENSSL_OPTIMIZE_SPEED
|
|
bool
|
|
default y if x86_64 || i386
|
|
prompt "Enable optimization for speed instead of size"
|
|
select OPENSSL_WITH_ASM
|
|
help
|
|
Enabling this option increases code size and performance.
|
|
The increase in performance and size depends on the
|
|
target CPU. EC and AES seem to benefit the most.
|
|
|
|
config OPENSSL_SMALL_FOOTPRINT
|
|
bool
|
|
depends on !OPENSSL_OPTIMIZE_SPEED
|
|
default y if SMALL_FLASH || LOW_MEMORY_FOOTPRINT
|
|
prompt "Build with OPENSSL_SMALL_FOOTPRINT (read help)"
|
|
help
|
|
This turns on -DOPENSSL_SMALL_FOOTPRINT. This will save only
|
|
1-3% of of the ipk size. The performance drop depends on
|
|
architecture and algorithm. MIPS drops 13% of performance for
|
|
a 3% decrease in ipk size. On Aarch64, for a 1% reduction in
|
|
size, ghash and GCM performance decreases 90%, while
|
|
Chacha20-Poly1305 is 15% slower. X86_64 drops 1% of its size
|
|
for 3% of performance. Other arches have not been tested.
|
|
|
|
config OPENSSL_WITH_ASM
|
|
bool
|
|
default y
|
|
prompt "Compile with optimized assembly code"
|
|
depends on !arc
|
|
help
|
|
Disabling this option will reduce code size and performance.
|
|
The increase in performance and size depends on the target
|
|
CPU and on the algorithms being optimized.
|
|
|
|
config OPENSSL_WITH_SSE2
|
|
bool
|
|
default y if !TARGET_x86_legacy && !TARGET_x86_geode
|
|
prompt "Enable use of x86 SSE2 instructions"
|
|
depends on OPENSSL_WITH_ASM && i386
|
|
help
|
|
Use of SSE2 instructions greatly increase performance with a
|
|
minimum increase in package size, but it will bring no benefit
|
|
if your hardware does not support them, such as Geode GX and LX.
|
|
AMD Geode NX, and Intel Pentium 4 and above support SSE2.
|
|
|
|
config OPENSSL_WITH_DEPRECATED
|
|
bool
|
|
default y
|
|
prompt "Include deprecated APIs"
|
|
help
|
|
This drops all deprecated API, including engine support.
|
|
|
|
config OPENSSL_NO_DEPRECATED
|
|
bool
|
|
default !OPENSSL_WITH_DEPRECATED
|
|
|
|
config OPENSSL_WITH_ERROR_MESSAGES
|
|
bool
|
|
default y if !OPENSSL_SMALL_FOOTPRINT || (!SMALL_FLASH && !LOW_MEMORY_FOOTPRINT)
|
|
prompt "Include error messages"
|
|
help
|
|
This option aids debugging, but increases package size and
|
|
memory usage.
|
|
|
|
comment "Protocol Support"
|
|
|
|
config OPENSSL_WITH_TLS13
|
|
bool
|
|
default y
|
|
prompt "Enable support for TLS 1.3"
|
|
help
|
|
TLS 1.3 is the newest version of the TLS specification.
|
|
It aims:
|
|
* to increase the overall security of the protocol,
|
|
removing outdated algorithms, and encrypting more of the
|
|
protocol;
|
|
* to increase performance by reducing the number of round-trips
|
|
when performing a full handshake.
|
|
|
|
config OPENSSL_WITH_DTLS
|
|
bool
|
|
prompt "Enable DTLS support"
|
|
help
|
|
Datagram Transport Layer Security (DTLS) provides TLS-like security
|
|
for datagram-based (UDP, DCCP, CAPWAP, SCTP & SRTP) applications.
|
|
|
|
config OPENSSL_WITH_NPN
|
|
bool
|
|
prompt "Enable NPN support"
|
|
help
|
|
NPN is a TLS extension, obsoleted and replaced with ALPN,
|
|
used to negotiate SPDY, and HTTP/2.
|
|
|
|
config OPENSSL_WITH_SRP
|
|
bool
|
|
default y
|
|
prompt "Enable SRP support"
|
|
help
|
|
The Secure Remote Password protocol (SRP) is an augmented
|
|
password-authenticated key agreement (PAKE) protocol, specifically
|
|
designed to work around existing patents.
|
|
|
|
config OPENSSL_WITH_CMS
|
|
bool
|
|
default y
|
|
prompt "Enable CMS (RFC 5652) support"
|
|
help
|
|
Cryptographic Message Syntax (CMS) is used to digitally sign,
|
|
digest, authenticate, or encrypt arbitrary message content.
|
|
|
|
comment "Algorithm Selection"
|
|
|
|
config OPENSSL_WITH_EC2M
|
|
bool
|
|
prompt "Enable ec2m support"
|
|
help
|
|
This option enables the more efficient, yet less common, binary
|
|
field elliptic curves.
|
|
|
|
config OPENSSL_WITH_CHACHA_POLY1305
|
|
bool
|
|
default y
|
|
prompt "Enable ChaCha20-Poly1305 ciphersuite support"
|
|
help
|
|
ChaCha20-Poly1305 is an AEAD ciphersuite with 256-bit keys,
|
|
combining ChaCha stream cipher with Poly1305 MAC.
|
|
It is 3x faster than AES, when not using a CPU with AES-specific
|
|
instructions, as is the case of most embedded devices.
|
|
|
|
config OPENSSL_PREFER_CHACHA_OVER_GCM
|
|
bool
|
|
default y if !x86_64 && !aarch64
|
|
prompt "Prefer ChaCha20-Poly1305 over AES-GCM by default"
|
|
depends on OPENSSL_WITH_CHACHA_POLY1305
|
|
help
|
|
The default openssl preference is for AES-GCM before ChaCha, but
|
|
that takes into account AES-NI capable chips. It is not the
|
|
case with most embedded chips, so it may be better to invert
|
|
that preference. This is just for the default case. The
|
|
application can always override this.
|
|
|
|
config OPENSSL_WITH_PSK
|
|
bool
|
|
default y
|
|
prompt "Enable PSK support"
|
|
help
|
|
Build support for Pre-Shared Key based cipher suites.
|
|
|
|
comment "Less commonly used build options"
|
|
|
|
config OPENSSL_WITH_ARIA
|
|
bool
|
|
prompt "Enable ARIA support"
|
|
help
|
|
ARIA is a block cipher developed in South Korea, based on AES.
|
|
|
|
config OPENSSL_WITH_CAMELLIA
|
|
bool
|
|
prompt "Enable Camellia cipher support"
|
|
help
|
|
Camellia is a bock cipher with security levels and processing
|
|
abilities comparable to AES.
|
|
|
|
config OPENSSL_WITH_IDEA
|
|
bool
|
|
prompt "Enable IDEA cipher support"
|
|
help
|
|
IDEA is a block cipher with 128-bit keys.
|
|
|
|
config OPENSSL_WITH_SEED
|
|
bool
|
|
prompt "Enable SEED cipher support"
|
|
help
|
|
SEED is a block cipher with 128-bit keys broadly used in
|
|
South Korea, but seldom found elsewhere.
|
|
|
|
config OPENSSL_WITH_SM234
|
|
bool
|
|
prompt "Enable SM2/3/4 algorithms support"
|
|
help
|
|
These algorithms are a set of "Commercial Cryptography"
|
|
algorithms approved for use in China.
|
|
* SM2 is an EC algorithm equivalent to ECDSA P-256
|
|
* SM3 is a hash function equivalent to SHA-256
|
|
* SM4 is a 128-block cipher equivalent to AES-128
|
|
|
|
config OPENSSL_WITH_BLAKE2
|
|
bool
|
|
prompt "Enable BLAKE2 digest support"
|
|
help
|
|
BLAKE2 is a cryptographic hash function based on the ChaCha
|
|
stream cipher.
|
|
|
|
config OPENSSL_WITH_MDC2
|
|
bool
|
|
prompt "Enable MDC2 digest support"
|
|
|
|
config OPENSSL_WITH_WHIRLPOOL
|
|
bool
|
|
prompt "Enable Whirlpool digest support"
|
|
|
|
config OPENSSL_WITH_COMPRESSION
|
|
bool
|
|
prompt "Enable compression support"
|
|
help
|
|
TLS compression is not recommended, as it is deemed insecure.
|
|
The CRIME attack exploits this weakness.
|
|
Even with this option turned on, it is disabled by default, and the
|
|
application must explicitly turn it on.
|
|
|
|
config OPENSSL_WITH_RFC3779
|
|
bool
|
|
prompt "Enable RFC3779 support (BGP)"
|
|
help
|
|
RFC 3779 defines two X.509 v3 certificate extensions. The first
|
|
binds a list of IP address blocks, or prefixes, to the subject of a
|
|
certificate. The second binds a list of autonomous system
|
|
identifiers to the subject of a certificate. These extensions may be
|
|
used to convey the authorization of the subject to use the IP
|
|
addresses and autonomous system identifiers contained in the
|
|
extensions.
|
|
|
|
comment "Engine/Hardware Support"
|
|
|
|
config OPENSSL_ENGINE
|
|
bool "Enable engine support"
|
|
select OPENSSL_WITH_DEPRECATED
|
|
default y
|
|
help
|
|
This enables alternative cryptography implementations,
|
|
most commonly for interfacing with external crypto devices,
|
|
or supporting new/alternative ciphers and digests.
|
|
If you compile the library with this option disabled, packages built
|
|
using an engine-enabled library (i.e. from the official repo) may
|
|
fail to run. Compile and install the packages with engine support
|
|
disabled, and you should be fine.
|
|
Note that you need to enable KERNEL_AIO to be able to build the
|
|
afalg engine package.
|
|
|
|
config OPENSSL_ENGINE_BUILTIN
|
|
bool "Build chosen engines into libcrypto"
|
|
depends on OPENSSL_ENGINE
|
|
help
|
|
This builds all chosen engines into libcrypto.so, instead of building
|
|
them as dynamic engines in separate packages.
|
|
The benefit of building the engines into libcrypto is that they won't
|
|
require any configuration to be used by default.
|
|
|
|
config OPENSSL_ENGINE_BUILTIN_AFALG
|
|
bool
|
|
prompt "Acceleration support through AF_ALG sockets engine"
|
|
depends on OPENSSL_ENGINE_BUILTIN && KERNEL_AIO
|
|
select PACKAGE_libopenssl-conf
|
|
help
|
|
This enables use of hardware acceleration through the
|
|
AF_ALG kernel interface.
|
|
|
|
config OPENSSL_ENGINE_BUILTIN_DEVCRYPTO
|
|
bool
|
|
prompt "Acceleration support through /dev/crypto"
|
|
depends on OPENSSL_ENGINE_BUILTIN
|
|
select PACKAGE_libopenssl-conf
|
|
help
|
|
This enables use of hardware acceleration through OpenBSD
|
|
Cryptodev API (/dev/crypto) interface.
|
|
Even though configuration is not strictly needed, it is worth seeing
|
|
https://openwrt.org/docs/techref/hardware/cryptographic.hardware.accelerators
|
|
for information on how to configure the engine.
|
|
|
|
config OPENSSL_ENGINE_BUILTIN_PADLOCK
|
|
bool
|
|
prompt "VIA Padlock Acceleration support engine"
|
|
depends on OPENSSL_ENGINE_BUILTIN && TARGET_x86
|
|
select PACKAGE_libopenssl-conf
|
|
help
|
|
This enables use of hardware acceleration through the
|
|
VIA Padlock module.
|
|
|
|
config OPENSSL_WITH_ASYNC
|
|
bool
|
|
prompt "Enable asynchronous jobs support"
|
|
depends on OPENSSL_ENGINE && USE_GLIBC
|
|
help
|
|
Enables async-aware applications to be able to use OpenSSL to
|
|
initiate crypto operations asynchronously. In order to work
|
|
this will require the presence of an async capable engine.
|
|
|
|
endif
|