PKG_NAME:=afalg_engine
PKG_VERSION:=1.2.0-beta.1
-PKG_RELEASE:=1
+PKG_RELEASE:=$(AUTORELEASE)
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/cotequeiroz/afalg_engine/archive/v$(PKG_VERSION)
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
+include $(INCLUDE_DIR)/openssl-engine.mk
-ENGINES_DIR:=engines-1.1
-
+$(eval $(call Package/openssl/add-engine,afalg,libopenssl-afalg_sync))
define Package/libopenssl-afalg_sync
- SECTION:=libs
- CATEGORY:=Libraries
- SUBMENU:=SSL
- MDEPENDS:=libopenssl
+ $(call Package/openssl/engine/Default)
TITLE:=AF_ALG engine using sync crypto API
URL:=https://github.com/cotequeiroz/afalg_engine
- DEPENDS:=libopenssl @OPENSSL_ENGINE @!OPENSSL_ENGINE_BUILTIN_AFALG \
- +libopenssl-conf +kmod-crypto-user
+ DEPENDS += @!OPENSSL_ENGINE_BUILTIN_AFALG +kmod-crypto-user
CONFLICTS:=libopenssl-afalg $(if $(CONFIG_AFALG_FALLBACK),libopenssl-devcrypto)
MENU:=1
endef
-DUPDATE_CTR_IV=$(if $(CONFIG_AFALG_UPDATE_CTR_IV),ON,OFF) \
-DUSE_ZERO_COPY=$(if $(CONFIG_AFALG_ZERO_COPY),ON,OFF)
-define Package/libopenssl-afalg_sync/install
- $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR)
- $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/afalg.so \
- $(1)/usr/lib/$(ENGINES_DIR)/
-endef
-
$(eval $(call BuildPackage,libopenssl-afalg_sync))
--- /dev/null
+[afalg]
+# Leave this alone and configure algorithms with CIPERS/DIGESTS below
+default_algorithms = ALL
+
+# The following commands are only available if using the alternative
+# (sync) AFALG engine
+# Configuration commands:
+# Run 'openssl engine -t -c -vv -pre DUMP_INFO devcrypto' to see a
+# list of supported algorithms, along with their driver, whether they
+# are hw accelerated or not, and the engine's configuration commands.
+
+# USE_SOFTDRIVERS: specifies whether to use software (not accelerated)
+# drivers (0=use only accelerated drivers, 1=allow all drivers, 2=use
+# if acceleration can't be determined) [default=2]
+#USE_SOFTDRIVERS = 2
+
+# CIPHERS: either ALL, NONE, NO_ECB (all except ECB-mode) or a
+# comma-separated list of ciphers to enable [default=NO_ECB]
+# Starting in 1.2.0, if you use a cipher list, each cipher may be
+# followed by a colon (:) and the minimum request length to use
+# AF_ALG drivers for that cipher; smaller requests are processed by
+# softare; a negative value will use the default for that cipher
+#CIPHERS=AES-128-CBC:1024, AES-256-CBC:768, DES-EDE3-CBC:0
+
+# DIGESTS: either ALL, NONE, or a comma-separated list of digests to
+# enable [default=NONE]
+# It is strongly recommended not to enable digests; their performance
+# is poor, and there are many cases in which they will not work,
+# especially when calling fork with open crypto contexts. Openssh,
+# for example, does this, and you may not be able to login.
+#DIGESTS = NONE
+
projects / feed / packages.git / commitdiff