The built-in AES+XTS implementation is used for the LUKS encryption When building system emulators it is reasonable to expect that an external crypto library is being used instead. The performance of the builtin XTS implementation is terrible as it has no CPU acceleration support. It is thus not worth keeping a home grown XTS implementation for the built-in cipher backend. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
52 lines
1.2 KiB
Meson
52 lines
1.2 KiB
Meson
crypto_ss.add(genh)
|
|
crypto_ss.add(files(
|
|
'afsplit.c',
|
|
'block-luks.c',
|
|
'block-qcow.c',
|
|
'block.c',
|
|
'cipher.c',
|
|
'hash.c',
|
|
'hmac.c',
|
|
'ivgen-essiv.c',
|
|
'ivgen-plain.c',
|
|
'ivgen-plain64.c',
|
|
'ivgen.c',
|
|
'pbkdf.c',
|
|
'secret_common.c',
|
|
'secret.c',
|
|
'tlscreds.c',
|
|
'tlscredsanon.c',
|
|
'tlscredspsk.c',
|
|
'tlscredsx509.c',
|
|
'tlssession.c',
|
|
))
|
|
|
|
if nettle.found()
|
|
crypto_ss.add(nettle, files('hash-nettle.c', 'hmac-nettle.c', 'pbkdf-nettle.c'))
|
|
if xts == 'private'
|
|
crypto_ss.add(files('xts.c'))
|
|
endif
|
|
elif gcrypt.found()
|
|
crypto_ss.add(gcrypt, files('hash-gcrypt.c', 'hmac-gcrypt.c', 'pbkdf-gcrypt.c'))
|
|
else
|
|
crypto_ss.add(files('hash-glib.c', 'hmac-glib.c', 'pbkdf-stub.c'))
|
|
endif
|
|
|
|
crypto_ss.add(when: 'CONFIG_SECRET_KEYRING', if_true: files('secret_keyring.c'))
|
|
crypto_ss.add(when: 'CONFIG_AF_ALG', if_true: files('afalg.c', 'cipher-afalg.c', 'hash-afalg.c'))
|
|
crypto_ss.add(when: gnutls, if_true: files('tls-cipher-suites.c'))
|
|
|
|
util_ss.add(files('aes.c'))
|
|
util_ss.add(files('init.c'))
|
|
|
|
if gcrypt.found()
|
|
util_ss.add(gcrypt, files('random-gcrypt.c'))
|
|
elif gnutls.found()
|
|
util_ss.add(gnutls, files('random-gnutls.c'))
|
|
elif 'CONFIG_RNG_NONE' in config_host
|
|
util_ss.add(files('random-none.c'))
|
|
else
|
|
util_ss.add(files('random-platform.c'))
|
|
endif
|
|
|