diff --git a/libs/afalg_engine/Makefile b/libs/afalg_engine/Makefile index c312c4a88..2dc5af7a1 100644 --- a/libs/afalg_engine/Makefile +++ b/libs/afalg_engine/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=afalg_engine PKG_VERSION:=1.2.0-beta.1 -PKG_RELEASE:=1 +PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/cotequeiroz/afalg_engine/archive/v$(PKG_VERSION) @@ -25,18 +25,14 @@ PKG_CONFIG_DEPENDS:= \ include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/cmake.mk +include $(INCLUDE_DIR)/openssl-engine.mk -ENGINES_DIR:=engines-1.1 - +$(eval $(call Package/openssl/add-engine,afalg,libopenssl-afalg_sync)) define Package/libopenssl-afalg_sync - SECTION:=libs - CATEGORY:=Libraries - SUBMENU:=SSL - MDEPENDS:=libopenssl + $(call Package/openssl/engine/Default) TITLE:=AF_ALG engine using sync crypto API URL:=https://github.com/cotequeiroz/afalg_engine - DEPENDS:=libopenssl @OPENSSL_ENGINE @!OPENSSL_ENGINE_BUILTIN_AFALG \ - +libopenssl-conf +kmod-crypto-user + DEPENDS += @!OPENSSL_ENGINE_BUILTIN_AFALG +kmod-crypto-user CONFLICTS:=libopenssl-afalg $(if $(CONFIG_AFALG_FALLBACK),libopenssl-devcrypto) MENU:=1 endef @@ -62,10 +58,4 @@ CMAKE_OPTIONS += \ -DUPDATE_CTR_IV=$(if $(CONFIG_AFALG_UPDATE_CTR_IV),ON,OFF) \ -DUSE_ZERO_COPY=$(if $(CONFIG_AFALG_ZERO_COPY),ON,OFF) -define Package/libopenssl-afalg_sync/install - $(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR) - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/$(ENGINES_DIR)/afalg.so \ - $(1)/usr/lib/$(ENGINES_DIR)/ -endef - $(eval $(call BuildPackage,libopenssl-afalg_sync)) diff --git a/libs/afalg_engine/files/afalg.cnf b/libs/afalg_engine/files/afalg.cnf new file mode 100644 index 000000000..f17338b88 --- /dev/null +++ b/libs/afalg_engine/files/afalg.cnf @@ -0,0 +1,32 @@ +[afalg] +# Leave this alone and configure algorithms with CIPERS/DIGESTS below +default_algorithms = ALL + +# The following commands are only available if using the alternative +# (sync) AFALG engine +# Configuration commands: +# Run 'openssl engine -t -c -vv -pre DUMP_INFO devcrypto' to see a +# list of supported algorithms, along with their driver, whether they +# are hw accelerated or not, and the engine's configuration commands. + +# USE_SOFTDRIVERS: specifies whether to use software (not accelerated) +# drivers (0=use only accelerated drivers, 1=allow all drivers, 2=use +# if acceleration can't be determined) [default=2] +#USE_SOFTDRIVERS = 2 + +# CIPHERS: either ALL, NONE, NO_ECB (all except ECB-mode) or a +# comma-separated list of ciphers to enable [default=NO_ECB] +# Starting in 1.2.0, if you use a cipher list, each cipher may be +# followed by a colon (:) and the minimum request length to use +# AF_ALG drivers for that cipher; smaller requests are processed by +# softare; a negative value will use the default for that cipher +#CIPHERS=AES-128-CBC:1024, AES-256-CBC:768, DES-EDE3-CBC:0 + +# DIGESTS: either ALL, NONE, or a comma-separated list of digests to +# enable [default=NONE] +# It is strongly recommended not to enable digests; their performance +# is poor, and there are many cases in which they will not work, +# especially when calling fork with open crypto contexts. Openssh, +# for example, does this, and you may not be able to login. +#DIGESTS = NONE +