mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-24 07:46:48 +00:00
d1b5d17d03
The armvirt target is also used to run OpenWrt in lxc on other targets like a Raspberry Pi. If we set WOLFSSL_HAS_CPU_CRYPTO by default the wolfssl binray is only working when the CPU supports the hardware crypto extension. Some targets like the Raspberry Pi do not support the ARM CPU crypto extension, compile wolfssl without it by default. It is still possible to activate it in custom builds. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
105 lines
2.1 KiB
Plaintext
105 lines
2.1 KiB
Plaintext
if PACKAGE_libwolfssl
|
|
|
|
config WOLFSSL_HAS_AES_CCM
|
|
bool "Include AES-CCM support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_CHACHA_POLY
|
|
bool "Include ChaCha20-Poly1305 cipher suite support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_DH
|
|
bool "Include DH (Diffie-Hellman) support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_ARC4
|
|
bool "Include ARC4 support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_CERTGEN
|
|
bool "Include certificate generation support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_TLSV10
|
|
bool "Include TLS 1.0 support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_TLSV13
|
|
bool "Include TLS 1.3 support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_SESSION_TICKET
|
|
bool "Include session ticket support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_DTLS
|
|
bool "Include DTLS support"
|
|
default n
|
|
|
|
config WOLFSSL_HAS_OCSP
|
|
bool "Include OSCP stapling support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_WPAS
|
|
bool "Include wpa_supplicant support"
|
|
select WOLFSSL_HAS_ARC4
|
|
select WOLFSSL_HAS_DH
|
|
select WOLFSSL_HAS_OCSP
|
|
select WOLFSSL_HAS_SESSION_TICKET
|
|
default y
|
|
|
|
config WOLFSSL_HAS_ECC25519
|
|
bool "Include ECC Curve 25519 support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_ECC448
|
|
bool "Include ECC Curve 448 support"
|
|
|
|
config WOLFSSL_HAS_OPENVPN
|
|
bool "Include OpenVPN support"
|
|
default y
|
|
|
|
config WOLFSSL_ALT_NAMES
|
|
bool "Include SAN (Subject Alternative Name) support"
|
|
default y
|
|
|
|
config WOLFSSL_HAS_DEVCRYPTO
|
|
bool
|
|
|
|
config WOLFSSL_ASM_CAPABLE
|
|
bool
|
|
default x86_64 || (aarch64 && !TARGET_bcm27xx)
|
|
|
|
choice
|
|
prompt "Hardware Acceleration"
|
|
default WOLFSSL_HAS_CPU_CRYPTO if WOLFSSL_ASM_CAPABLE && !TARGET_armvirt
|
|
default WOLFSSL_HAS_NO_HW
|
|
|
|
config WOLFSSL_HAS_NO_HW
|
|
bool "None"
|
|
|
|
config WOLFSSL_HAS_CPU_CRYPTO
|
|
bool "Use CPU crypto instructions"
|
|
depends on WOLFSSL_ASM_CAPABLE
|
|
help
|
|
This will use Intel AESNI insturctions or armv8 Crypto Extensions.
|
|
Either of them should easily outperform hardware crypto in WolfSSL.
|
|
|
|
config WOLFSSL_HAS_AFALG
|
|
bool "AF_ALG"
|
|
|
|
config WOLFSSL_HAS_DEVCRYPTO_CBC
|
|
bool "/dev/crytpo - AES-CBC-only"
|
|
select WOLFSSL_HAS_DEVCRYPTO
|
|
|
|
config WOLFSSL_HAS_DEVCRYPTO_AES
|
|
bool "/dev/crypto - AES-only (all supported modes)"
|
|
select WOLFSSL_HAS_DEVCRYPTO
|
|
|
|
config WOLFSSL_HAS_DEVCRYPTO_FULL
|
|
bool "/dev/crypto - full"
|
|
select WOLFSSL_HAS_DEVCRYPTO
|
|
endchoice
|
|
|
|
endif
|