openwrt/package/libs/wolfssl/Config.in

if PACKAGE_libwolfssl

config WOLFSSL_HAS_AES_CCM
	bool "Include AES-CCM support"
	default y

config WOLFSSL_HAS_CHACHA_POLY
	bool "Include ChaCha20-Poly1305 cipher suite support"
	default y

config WOLFSSL_HAS_DH
	bool "Include DH (Diffie-Hellman) support"
	default y

config WOLFSSL_HAS_ARC4
	bool "Include ARC4 support"
	default y

config WOLFSSL_HAS_CERTGEN
	bool "Include certificate generation support"
	default y

config WOLFSSL_HAS_TLSV10
	bool "Include TLS 1.0 support"
	default y

config WOLFSSL_HAS_TLSV13
	bool "Include TLS 1.3 support"
	default y

config WOLFSSL_HAS_SESSION_TICKET
	bool "Include session ticket support"
	default y

config WOLFSSL_HAS_DTLS
	bool "Include DTLS support"
	default n

config WOLFSSL_HAS_OCSP
	bool "Include OSCP stapling support"
	default y

config WOLFSSL_HAS_WPAS
	bool "Include wpa_supplicant support"
	select WOLFSSL_HAS_ARC4
	select WOLFSSL_HAS_DH
	select WOLFSSL_HAS_OCSP
	select WOLFSSL_HAS_SESSION_TICKET
	default y

config WOLFSSL_HAS_ECC25519
	bool "Include ECC Curve 25519 support"
	default y

config WOLFSSL_HAS_OPENVPN
	bool "Include OpenVPN support"
	default y

config WOLFSSL_ALT_NAMES
	bool "Include SAN (Subject Alternative Name) support"
	default y

config WOLFSSL_HAS_DEVCRYPTO
	bool

config WOLFSSL_ASM_CAPABLE
	bool
	default x86_64 || (aarch64 && !TARGET_bcm27xx)

choice
	prompt "Hardware Acceleration"
	default WOLFSSL_HAS_CPU_CRYPTO if WOLFSSL_ASM_CAPABLE && !TARGET_armvirt
	default WOLFSSL_HAS_NO_HW

	config WOLFSSL_HAS_NO_HW
		bool "None"

	config WOLFSSL_HAS_CPU_CRYPTO
		bool "Use CPU crypto instructions"
		depends on WOLFSSL_ASM_CAPABLE
		help
		This will use Intel AESNI insturctions or armv8 Crypto Extensions.
		Either of them should easily outperform hardware crypto in WolfSSL.

	config WOLFSSL_HAS_AFALG
		bool "AF_ALG"

	config WOLFSSL_HAS_DEVCRYPTO_CBC
		bool "/dev/crytpo - AES-CBC-only"
		select WOLFSSL_HAS_DEVCRYPTO

	config WOLFSSL_HAS_DEVCRYPTO_AES
		bool "/dev/crypto - AES-only (all supported modes)"
		select WOLFSSL_HAS_DEVCRYPTO

	config WOLFSSL_HAS_DEVCRYPTO_FULL
		bool "/dev/crypto - full"
		select WOLFSSL_HAS_DEVCRYPTO
endchoice

endif