summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2021-11-02 03:25:00 +0100
committerWaldemar Brodkorb <wbx@openadk.org>2021-11-04 02:09:56 +0100
commite1b8e22f8e72601ec05e823827c3d5c9368a3f55 (patch)
treed7a58c8c5b74b522ba9c9f36fceaac14cae295d2
parentd6ba028c9ceb97e0344de25a0caff63a8b149f63 (diff)
package: cryptsetup: Update to 2.4.1
There is a new (optional) dependency libargon2 - a builtin fallback exists but is supposed to be slow. Add mandatory kernel modules for kernel crypto backend and the default cipher choice when creating new LUKS mappings. Signed-off-by: Phil Sutter <phil@nwl.cc>
-rw-r--r--package/cryptsetup/Makefile51
1 files changed, 46 insertions, 5 deletions
diff --git a/package/cryptsetup/Makefile b/package/cryptsetup/Makefile
index 2661ac0ae..1a24306ac 100644
--- a/package/cryptsetup/Makefile
+++ b/package/cryptsetup/Makefile
@@ -4,22 +4,63 @@
include ${ADK_TOPDIR}/rules.mk
PKG_NAME:= cryptsetup
-PKG_VERSION:= 2.0.3
+PKG_VERSION:= 2.4.1
PKG_RELEASE:= 1
-PKG_HASH:= 4d6cca04c1f5ff4a68d045d190efb2623087eda0274ded92f92a4b6911e501d4
-PKG_DESCR:= utility used to conveniently setup disk encryption
+PKG_HASH:= a356a727a83a464ade566e95239622a22dbe4e0f482b198fdb04ab0d3a5a9c5f
+PKG_DESCR:= utility used to conveniently setup disk encryption
PKG_SECTION:= app/crypto
PKG_DEPENDS:= libgcrypt device-mapper libuuid libpopt json-c libncurses
PKG_BUILDDEP:= libgcrypt popt e2fsprogs lvm json-c ncurses
+PKG_NEEDS:= iconv
+PKG_KDEPENDS:= crypto-user-api-hash crypto-user-api-skcipher
+PKG_KDEPENDS+= crypto-user-api-rng crypto-user-api-aead
+# these are the default algorithms used by older and newer cryptsetup versions
+PKG_KDEPENDS+= dm-crypt crypto-essiv crypto-cbc crypto-xts
+PKG_KDEPENDS+= crypto-aes crypto-sha1 crypto-sha256
PKG_URL:= https://gitlab.com/cryptsetup/cryptsetup
-PKG_SITES:= https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/
+PKG_SITES:= https://www.kernel.org/pub/linux/utils/cryptsetup/v2.4/
PKG_OPTS:= dev
+PKG_FLAVOURS_CRYPTSETUP:= WITH_LIBARGON2
+PKGFD_WITH_LIBARGON2:= use libargon2 instead of the slow internal one
+PKGFS_WITH_LIBARGON2:= libargon2
+PKGFB_WITH_LIBARGON2:= libargon2
+PKGFX_WITH_LIBARGON2:= y
+
+PKG_CHOICES_CRYPTSETUP:= WITH_GCRYPT WITH_KERNEL WITH_NETTLE WITH_OPENSSL
+PKGCD_WITH_GCRYPT:= use libgcrypt crypto backend
+PKGCS_WITH_GCRYPT:= libgcrypt libgpg-error
+PKGCB_WITH_GCRYPT:= libgcrypt libgpg-error
+PKGCD_WITH_KERNEL:= use kernel user API crypto backend (slow)
+PKGCD_WITH_NETTLE:= use libnettle crypto backend
+PKGCS_WITH_NETTLE:= libnettle
+PKGCB_WITH_NETTLE:= libnettle
+PKGCD_WITH_OPENSSL:= use OpenSSL crypto backend
+PKGCS_WITH_OPENSSL:= libressl
+PKGCB_WITH_OPENSSL:= libressl
+
include ${ADK_TOPDIR}/mk/package.mk
$(eval $(call PKG_template,CRYPTSETUP,${PKG_NAME},${PKG_VERSION}-${PKG_RELEASE},${PKG_DEPENDS},${PKG_DESCR},${PKG_SECTION},${PKG_OPTS}))
-CONFIGURE_ARGS+= --disable-selinux
+CONFIGURE_ARGS+= --disable-selinux \
+ --disable-ssh-token \
+ --disable-udev \
+ --disable-nls \
+ --enable-libargon2
+
+ifeq (${ADK_PACKAGE_CRYPTSETUP_WITH_GCRYPT},y)
+CONFIGURE_ARGS+= --with-crypto_backend=gcrypt
+endif
+ifeq (${ADK_PACKAGE_CRYPTSETUP_WITH_KERNEL},y)
+CONFIGURE_ARGS+= --with-crypto_backend=kernel
+endif
+ifeq (${ADK_PACKAGE_CRYPTSETUP_WITH_NETTLE},y)
+CONFIGURE_ARGS+= --with-crypto_backend=nettle
+endif
+ifeq (${ADK_PACKAGE_CRYPTSETUP_WITH_OPENSSL},y)
+CONFIGURE_ARGS+= --with-crypto_backend=openssl
+endif
cryptsetup-install:
${INSTALL_DIR} ${IDIR_CRYPTSETUP}/usr/sbin ${IDIR_CRYPTSETUP}/usr/lib