From 685ca410891e4e6cf6d1f7e6e0b1b8f447fe2898 Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Mon, 10 Dec 2018 16:14:58 -0800
Subject: [PATCH 1/2] cryptsetup: Replace libgcrypt with AFALG

Add several configure arguments to speed up build time.

Switch from using libgcrypt to using the kernel directly.

This has a number of benefits including smaller size and faster speed. It
also allows selection of desired crypto primatives instead of having all
of them.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
 utils/cryptsetup/Makefile | 29 +++++++++++++++++++----------
 1 file changed, 19 insertions(+), 10 deletions(-)

diff --git a/utils/cryptsetup/Makefile b/utils/cryptsetup/Makefile
index 9ef88d05f..9fe2094ea 100644
--- a/utils/cryptsetup/Makefile
+++ b/utils/cryptsetup/Makefile
@@ -9,22 +9,19 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=cryptsetup
 PKG_VERSION:=2.0.6
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@KERNEL/linux/utils/cryptsetup/v2.0
 PKG_HASH:=7c51fae0f0e7ea9af0f515b2ac77009fb2969a6619ebab47d097dca38b083d30
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 
+PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
 PKG_LICENSE:=GPL-2.0+ LGPL-2.1+
 PKG_LICENSE_FILES:=COPYING COPYING.LGPL
-PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 
 include $(INCLUDE_DIR)/package.mk
 
-TARGET_LDFLAGS+=-Wl,-rpath-link=$(STAGING_DIR)/usr/lib
-
 define Package/cryptsetup/Default
   SECTION:=utils
   CATEGORY:=Utilities
@@ -36,8 +33,8 @@ endef
 
 define Package/cryptsetup
 $(call Package/cryptsetup/Default)
-  DEPENDS+=+libgcrypt
-  VARIANT:=gcrypt
+  DEPENDS+=+kmod-crypto-user
+  VARIANT:=kernel
 endef
 
 define Package/cryptsetup-openssl
@@ -53,7 +50,7 @@ endef
 
 define Package/cryptsetup/description
 $(call Package/cryptsetup/Default/description)
-linked against libgcrypt
+linked against kernel crypto API
 endef
 
 
@@ -62,9 +59,21 @@ $(call Package/cryptsetup/Default/description)
 linked against openssl
 endef
 
+CONFIGURE_ARGS += \
+	--disable-cryptsetup-reencrypt \
+	--disable-integritysetup \
+	--disable-selinux \
+	--disable-rpath \
+	--disable-veritysetup \
+	--disable-udev \
+	--with-default-luks-format=LUKS2
+
 ifeq ($(BUILD_VARIANT),openssl)
-CONFIGURE_ARGS+= \
+CONFIGURE_ARGS += \
         --with-crypto_backend=openssl
+else
+CONFIGURE_ARGS += \
+	--with-crypto_backend=kernel
 endif
 
 define Package/cryptsetup/install

From 4815585a3bda9c4fc69782103f19cf8dbffb94e6 Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Wed, 9 Jan 2019 19:23:30 -0800
Subject: [PATCH 2/2] cryptsetup: Remove OpenSSL variant

OpenSSL is only used for hashing while being a huge dependency (689.4KB
for mips_24kc.

Cryptsetup also supports and recommends argon2 for hashing, which is not
provided by OpenSSL.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
---
 utils/cryptsetup/Makefile | 42 ++++-----------------------------------
 1 file changed, 4 insertions(+), 38 deletions(-)

diff --git a/utils/cryptsetup/Makefile b/utils/cryptsetup/Makefile
index 9fe2094ea..87b23b673 100644
--- a/utils/cryptsetup/Makefile
+++ b/utils/cryptsetup/Makefile
@@ -22,41 +22,17 @@ PKG_LICENSE_FILES:=COPYING COPYING.LGPL
 
 include $(INCLUDE_DIR)/package.mk
 
-define Package/cryptsetup/Default
+define Package/cryptsetup
   SECTION:=utils
   CATEGORY:=Utilities
   SUBMENU:=Encryption
   TITLE:=Cryptsetup
-  DEPENDS:=+libblkid +libuuid +libpopt +lvm2 +libdevmapper +libjson-c +@KERNEL_DIRECT_IO
+  DEPENDS:=+libblkid +libuuid +libpopt +lvm2 +libdevmapper +libjson-c +@KERNEL_DIRECT_IO +kmod-crypto-user
   URL:=https://gitlab.com/cryptsetup/cryptsetup/
 endef
 
-define Package/cryptsetup
-$(call Package/cryptsetup/Default)
-  DEPENDS+=+kmod-crypto-user
-  VARIANT:=kernel
-endef
-
-define Package/cryptsetup-openssl
-$(call Package/cryptsetup/Default)
-  TITLE+= (with openssl support)
-  DEPENDS+=+libopenssl
-  VARIANT:=openssl
-endef
-
-define Package/cryptsetup/Default/description
-	Cryptsetup-luks
-endef
-
 define Package/cryptsetup/description
-$(call Package/cryptsetup/Default/description)
-linked against kernel crypto API
-endef
-
-
-define Package/cryptsetup-openssl/description
-$(call Package/cryptsetup/Default/description)
-linked against openssl
+  Cryptsetup is utility used to conveniently setup disk encryption based on DMCrypt kernel module.
 endef
 
 CONFIGURE_ARGS += \
@@ -66,15 +42,8 @@ CONFIGURE_ARGS += \
 	--disable-rpath \
 	--disable-veritysetup \
 	--disable-udev \
-	--with-default-luks-format=LUKS2
-
-ifeq ($(BUILD_VARIANT),openssl)
-CONFIGURE_ARGS += \
-        --with-crypto_backend=openssl
-else
-CONFIGURE_ARGS += \
+	--with-default-luks-format=LUKS2 \
 	--with-crypto_backend=kernel
-endif
 
 define Package/cryptsetup/install
 	$(INSTALL_DIR) $(1)/usr/sbin
@@ -83,7 +52,4 @@ define Package/cryptsetup/install
 	$(CP) $(PKG_BUILD_DIR)/.libs/libcryptsetup.so* $(1)/usr/lib
 endef
 
-Package/cryptsetup-openssl/install = $(Package/cryptsetup/install)
-
 $(eval $(call BuildPackage,cryptsetup))
-$(eval $(call BuildPackage,cryptsetup-openssl))