From 236603cffc186b1bbf1d9a7b1e7d41b4088456cb Mon Sep 17 00:00:00 2001
From: Florian Lentz <flolen@uni-bremen.de>
Date: Wed, 18 Jan 2023 20:47:01 +0100
Subject: [PATCH] pkg/wolfssl: Update wolfSSL to 5.5.4 and add DTLS 1.3 support

---
 pkg/wolfssl/Makefile                          |   4 +--
 pkg/wolfssl/Makefile.wolfcrypt                |   1 +
 pkg/wolfssl/include/user_settings.h           |  29 +++++++++++++++---
 ...ude-necessary-to-use-gettimeofday-on.patch | Bin 0 -> 666 bytes
 ...t-fix-signature-mismatch-to-compile-.patch | Bin 1905 -> 0 bytes
 5 files changed, 28 insertions(+), 6 deletions(-)
 create mode 100644 pkg/wolfssl/patches/0001-Fix-missing-include-necessary-to-use-gettimeofday-on.patch
 delete mode 100644 pkg/wolfssl/patches/0001-wolfssl-wolfcrypt-fix-signature-mismatch-to-compile-.patch

diff --git a/pkg/wolfssl/Makefile b/pkg/wolfssl/Makefile
index 41713432ef..8382bccb7b 100644
--- a/pkg/wolfssl/Makefile
+++ b/pkg/wolfssl/Makefile
@@ -1,7 +1,7 @@
 PKG_NAME=wolfssl
 PKG_URL=https://github.com/wolfssl/wolfssl.git
-# v4.5.0
-PKG_VERSION=0fa5af9929ce2ee99e8789996a3048f41a99830e
+# v5.5.4
+PKG_VERSION=4fbd4fd36a21efd9d1a7e17aba390e91c78693b1
 PKG_LICENSE=GPLv2
 
 include $(RIOTBASE)/pkg/pkg.mk
diff --git a/pkg/wolfssl/Makefile.wolfcrypt b/pkg/wolfssl/Makefile.wolfcrypt
index 51a624e94c..dc84c88e44 100644
--- a/pkg/wolfssl/Makefile.wolfcrypt
+++ b/pkg/wolfssl/Makefile.wolfcrypt
@@ -18,6 +18,7 @@ NO_AUTO_SRC = 1
 # Default CRYPTO source files                                 #
 #-------------------------------------------------------------#
 SRC +=  error.c \
+        kdf.c \
         hash.c \
         logging.c \
         wc_encrypt.c \
diff --git a/pkg/wolfssl/include/user_settings.h b/pkg/wolfssl/include/user_settings.h
index c14f5adb75..79f58f2aca 100644
--- a/pkg/wolfssl/include/user_settings.h
+++ b/pkg/wolfssl/include/user_settings.h
@@ -21,10 +21,8 @@ extern "C" {
 #define NO_MAIN_DRIVER
 #define NO_SIG_WRAPPER
 #define NO_OLD_RNGNAME
-
-/* Uncomment the next two lines to enable wolfSSL debug */
-// #define DEBUG_WOLFSSL
-// #define WOLFSSL_LOG_PRINTF
+#define HAVE_STRINGS_H
+#define WOLFSSL_IPV6
 
 /* Single precision math */
 #define WOLFSSL_SP_MATH
@@ -98,6 +96,12 @@ int strncasecmp(const char *s1, const char * s2, unsigned int sz);
 #define WOLFSSL_DTLS
 #endif
 
+#undef WOLFSSL_DTLS13
+#ifdef MODULE_WOLFSSL_DTLS13
+#define WOLFSSL_DTLS13
+#define HAVE_AEAD
+#endif
+
 #undef HAVE_FFDHE_2048
 #ifdef MODULE_WOLFCRYPT_FFDHE_2048
 #define HAVE_FFDHE_2048
@@ -303,6 +307,23 @@ int strncasecmp(const char *s1, const char * s2, unsigned int sz);
 #define HAVE_TLS13
 #define WOLFSSL_TLS13
 #define BUILD_TLS_AES_128_GCM_SHA256
+#define NO_OLD_TLS
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_AES_DECRYPT
+#define HAVE_AESGCM
+#define GCM_SMALL
+#define HAVE_AESCCM
+#define WOLFSSL_AES_COUNTER
+#define WOLFSSL_AES_DIRECT
+#define HAVE_FFDHE_4096
+#define HAVE_HKDF
+#define WC_RSA_PSS
+#define WOLFSSL_SEND_HRR_COOKIE
+#endif
+
+#ifdef MODULE_WOLFSSL_DEBUG
+#define DEBUG_WOLFSSL
+#define WOLFSSL_LOG_PRINTF
 #endif
 
 #ifdef __cplusplus
diff --git a/pkg/wolfssl/patches/0001-Fix-missing-include-necessary-to-use-gettimeofday-on.patch b/pkg/wolfssl/patches/0001-Fix-missing-include-necessary-to-use-gettimeofday-on.patch
new file mode 100644
index 0000000000000000000000000000000000000000..0e91f51c992c452cbe42295a356ed6d15f02ca89
GIT binary patch
literal 666
zcmb7>QES^U5Xay3DgKa`q^=yvcH+d8lCH(HBPC@n^kEERTc=dRk%#R-GxFglXSAe`
zJ%o-sjvqgr(ze-QSuPX>F}aw}mZ~b_Y8K9BkzCAzScl7KUMevcB_11#jQ&8z5F$Ap
z1VTubI!uDJZdy}VtjYF&ai!~~CcD~O!^@U-WPL@~?5^l3!3(KN$OXQ;@jwKjyAruf
zq8Of#La=OK{-&x=@bl^B`S$)7QuBtL={jS#Ft)1qieRatt}EID`Ud-su%*5?J8HBl
z4&w<L%kbl2^UOCHW1Mq_uC1nh-O13ea6|yl^(3^Z3Ds+1w<jyd@2KrfW5?daSwc}w
zr;<+?Q$}lWzBN6H={c`Fub8ol-Vg;;##&e8`-NVLDv+^;d*3{Y2BFUc=6N1IQ&uZ*
zDZ)#)mj7wBVi;odzJn`jTif`r*9;@FPL6@`k<m_C8%t`O=Z`nH_jx|S@p#ruTcU5-
zo$E92OXKI5m(4oOvUNTzIp1Ux=kVdx9lGi88E0ykUf^A4z~uRd1umw8I0p;-F!Cj1
F{{T$q!)E{h

literal 0
HcmV?d00001

diff --git a/pkg/wolfssl/patches/0001-wolfssl-wolfcrypt-fix-signature-mismatch-to-compile-.patch b/pkg/wolfssl/patches/0001-wolfssl-wolfcrypt-fix-signature-mismatch-to-compile-.patch
deleted file mode 100644
index 150eb4d932fc7d4d6ed1a59cabfe135bcc5849b2..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1905
zcmb_cZExE)5dN-Tao_S{%aUwGwzQ>4mmzI|v>BQJ{Sc%EMV>4!k|>ap9i!cTdyjIA
zT6TwY*aShsk-X>bp67U1T9puIB4qv<k0xP!=7-~182ht$8iryv;b9!5DH8#nW$<2A
zaEmnrQ}F$ydtvPRfpbML3A|@ovI>4{4bP3l6+R;TT6T-0bZ7BGEf?)b;49~M)?fm6
zc{_x_hYxB=aN{uqQ9`dD!N3oE-??qmKan>H-2d_V?(*#etW=R1Q+W2z^}435Og@2;
zi;6X^Mku8zS;KQ^6mV76vOrkLCWkkdmkzu-hhRK<a-6$d8c4OQ76zIecK~G7Eo4fs
zm=++A7fiE85&^Vj))n92k(cv5?6a3F>jF!xn$BSet6Wkllp&hLaey8#S0#FunzZ#k
zVy%p4RMt=|^gh13x%1Li7Q(9^7hR3LT0Nt=x4?O!R`U|e5l@0?oJ{-#P-~?VV0zKo
z=n#O)pjp=lM{Q-ZL;*Z!`aTLDjyCykiK3lUwUvN-_frRR&a`H0x2CE~Y*3#+bcq9L
zAH!EzDk;G5xkk})Jnq56lMQh4eBPG()qZxLzkAPTYjwxpRYVhMB`aREf|AN?fBwI0
zO~T~AXwcV!bWk;JI>U_eWELcoD1l1ZzOFScrD{#Fer_Nth#5Fa*A2qy5qx2fY)=|m
z{%cFzEFj`O-CSSY-d@kIZ!TY7@6&F9PQje~vUMSj54hgt9biNJXUBD2=kOlczS^ya
z(8e&Jlfgz8>Yi$Wf^I8GWKi1+aXdJ&w!i{A(>-w<A+rozcOe^KKj`57DCx^*99ao`
zf>_LA?z7P-okl@0iD+#2Q5f2CekPJL7!2TNqFr2oJDm-uFzCKy_Jxpiy@1NF{b^M&
z^9mO<%;rl*q?C9}d-ViPhg?;rf&TqCwSxT^PpCF6aBeuGc~iDU(*qp;6X0;C0s49$
zTAPgiWq#d#C!d|fQf6K*)9shJH#WZa@8HFAV7jStz}yy+$YMeqKSK^_>|5eDChME&
kOLXn}@<Xw<WHhRiesB71HMb0tVB}7{>5NB{*(h+FZ}>1_+yDRo