diff --git a/examples/dtls-wolfssl/Makefile.ci b/examples/dtls-wolfssl/Makefile.ci index 1709b4b467..b3021b3a70 100644 --- a/examples/dtls-wolfssl/Makefile.ci +++ b/examples/dtls-wolfssl/Makefile.ci @@ -1,16 +1,18 @@ BOARD_INSUFFICIENT_MEMORY := \ airfy-beacon \ - b-l072z-lrwan1 \ blackpill-stm32f103c8 \ - bluepill-stm32f103c8 \ + blackpill-stm32f103cb \ bluepill-stm32f030c8 \ + bluepill-stm32f103c8 \ + bluepill-stm32f103cb \ calliope-mini \ cc2650-launchpad \ cc2650stk \ hifive1 \ + hifive1b \ i-nucleo-lrwan1 \ im880b \ - maple-mini \ + lobaro-lorabox \ microbit \ nrf51dongle \ nrf6310 \ @@ -23,10 +25,15 @@ BOARD_INSUFFICIENT_MEMORY := \ nucleo-f302r8 \ nucleo-f303k8 \ nucleo-f334r8 \ + nucleo-f410rb \ + nucleo-g070rb \ + nucleo-g071rb \ + nucleo-g431rb \ nucleo-l011k4 \ nucleo-l031k6 \ nucleo-l053r8 \ - nucleo-l073rz \ + nucleo-l412kb \ + olimexino-stm32 \ opencm904 \ samd10-xmini \ saml10-xpro \ @@ -41,7 +48,6 @@ BOARD_INSUFFICIENT_MEMORY := \ stm32f7508-dk \ stm32g0316-disco \ stm32l0538-disco \ - stm32mindev \ stm32mp157c-dk2 \ yunjia-nrf51822 \ # diff --git a/pkg/wolfssl/Makefile b/pkg/wolfssl/Makefile index 41713432ef..8382bccb7b 100644 --- a/pkg/wolfssl/Makefile +++ b/pkg/wolfssl/Makefile @@ -1,7 +1,7 @@ PKG_NAME=wolfssl PKG_URL=https://github.com/wolfssl/wolfssl.git -# v4.5.0 -PKG_VERSION=0fa5af9929ce2ee99e8789996a3048f41a99830e +# v5.5.4 +PKG_VERSION=4fbd4fd36a21efd9d1a7e17aba390e91c78693b1 PKG_LICENSE=GPLv2 include $(RIOTBASE)/pkg/pkg.mk diff --git a/pkg/wolfssl/Makefile.wolfcrypt b/pkg/wolfssl/Makefile.wolfcrypt index 51a624e94c..dc84c88e44 100644 --- a/pkg/wolfssl/Makefile.wolfcrypt +++ b/pkg/wolfssl/Makefile.wolfcrypt @@ -18,6 +18,7 @@ NO_AUTO_SRC = 1 # Default CRYPTO source files # #-------------------------------------------------------------# SRC += error.c \ + kdf.c \ hash.c \ logging.c \ wc_encrypt.c \ diff --git a/pkg/wolfssl/include/user_settings.h b/pkg/wolfssl/include/user_settings.h index c14f5adb75..79f58f2aca 100644 --- a/pkg/wolfssl/include/user_settings.h +++ b/pkg/wolfssl/include/user_settings.h @@ -21,10 +21,8 @@ extern "C" { #define NO_MAIN_DRIVER #define NO_SIG_WRAPPER #define NO_OLD_RNGNAME - -/* Uncomment the next two lines to enable wolfSSL debug */ -// #define DEBUG_WOLFSSL -// #define WOLFSSL_LOG_PRINTF +#define HAVE_STRINGS_H +#define WOLFSSL_IPV6 /* Single precision math */ #define WOLFSSL_SP_MATH @@ -98,6 +96,12 @@ int strncasecmp(const char *s1, const char * s2, unsigned int sz); #define WOLFSSL_DTLS #endif +#undef WOLFSSL_DTLS13 +#ifdef MODULE_WOLFSSL_DTLS13 +#define WOLFSSL_DTLS13 +#define HAVE_AEAD +#endif + #undef HAVE_FFDHE_2048 #ifdef MODULE_WOLFCRYPT_FFDHE_2048 #define HAVE_FFDHE_2048 @@ -303,6 +307,23 @@ int strncasecmp(const char *s1, const char * s2, unsigned int sz); #define HAVE_TLS13 #define WOLFSSL_TLS13 #define BUILD_TLS_AES_128_GCM_SHA256 +#define NO_OLD_TLS +#define HAVE_TLS_EXTENSIONS +#define HAVE_AES_DECRYPT +#define HAVE_AESGCM +#define GCM_SMALL +#define HAVE_AESCCM +#define WOLFSSL_AES_COUNTER +#define WOLFSSL_AES_DIRECT +#define HAVE_FFDHE_4096 +#define HAVE_HKDF +#define WC_RSA_PSS +#define WOLFSSL_SEND_HRR_COOKIE +#endif + +#ifdef MODULE_WOLFSSL_DEBUG +#define DEBUG_WOLFSSL +#define WOLFSSL_LOG_PRINTF #endif #ifdef __cplusplus diff --git a/pkg/wolfssl/patches/0001-Avoid-building-TLSX_SetResponse-unless-it-is-being-u.patch b/pkg/wolfssl/patches/0001-Avoid-building-TLSX_SetResponse-unless-it-is-being-u.patch new file mode 100644 index 0000000000..1ae2534485 Binary files /dev/null and b/pkg/wolfssl/patches/0001-Avoid-building-TLSX_SetResponse-unless-it-is-being-u.patch differ diff --git a/pkg/wolfssl/patches/0001-Fix-missing-include-necessary-to-use-gettimeofday-on.patch b/pkg/wolfssl/patches/0001-Fix-missing-include-necessary-to-use-gettimeofday-on.patch new file mode 100644 index 0000000000..0e91f51c99 Binary files /dev/null and b/pkg/wolfssl/patches/0001-Fix-missing-include-necessary-to-use-gettimeofday-on.patch differ diff --git a/pkg/wolfssl/patches/0001-wolfssl-wolfcrypt-fix-signature-mismatch-to-compile-.patch b/pkg/wolfssl/patches/0001-wolfssl-wolfcrypt-fix-signature-mismatch-to-compile-.patch deleted file mode 100644 index 150eb4d932..0000000000 Binary files a/pkg/wolfssl/patches/0001-wolfssl-wolfcrypt-fix-signature-mismatch-to-compile-.patch and /dev/null differ diff --git a/tests/pkg_wolfcrypt-ed25519-verify/Makefile b/tests/pkg_wolfcrypt-ed25519-verify/Makefile index e99e037c9b..05f53a831c 100644 --- a/tests/pkg_wolfcrypt-ed25519-verify/Makefile +++ b/tests/pkg_wolfcrypt-ed25519-verify/Makefile @@ -8,5 +8,6 @@ CFLAGS+=-DNO_ED25519_SIGN -DNO_ED25519_KEY_EXPORT USEPKG +=wolfssl USEMODULE += wolfcrypt USEMODULE += wolfcrypt_ed25519 +USEMODULE += wolfcrypt_random include $(RIOTBASE)/Makefile.include diff --git a/tests/pkg_wolfssl/Makefile.ci b/tests/pkg_wolfssl/Makefile.ci index 91ed249852..118b9f45b0 100644 --- a/tests/pkg_wolfssl/Makefile.ci +++ b/tests/pkg_wolfssl/Makefile.ci @@ -1,17 +1,24 @@ BOARD_INSUFFICIENT_MEMORY := \ blackpill-stm32f103c8 \ - bluepill-stm32f103c8 \ + blackpill-stm32f103cb \ bluepill-stm32f030c8 \ + bluepill-stm32f103c8 \ + bluepill-stm32f103cb \ i-nucleo-lrwan1 \ nucleo-f030r8 \ nucleo-f031k6 \ nucleo-f042k6 \ + nucleo-f070rb \ + nucleo-f072rb \ nucleo-f302r8 \ nucleo-f303k8 \ nucleo-f334r8 \ + nucleo-g070rb \ + nucleo-g071rb \ nucleo-l011k4 \ nucleo-l031k6 \ nucleo-l053r8 \ + opencm904 \ samd10-xmini \ saml10-xpro \ saml11-xpro \ diff --git a/tests/pkg_wolfssl/tests/01-run.py b/tests/pkg_wolfssl/tests/01-run.py index 652dc517ea..75fea0989d 100755 --- a/tests/pkg_wolfssl/tests/01-run.py +++ b/tests/pkg_wolfssl/tests/01-run.py @@ -15,7 +15,7 @@ BOARD = os.environ.get("BOARD", "native") TEST_TIMEOUT = 600 if BOARD != 'native' else DEFAULT_TIMEOUT # ECDSA 256 takes +30s on samr21-xpro # ECDSA 256 takes +40s on nrf51dk -BENCH_TIMEOUT = 40 if BOARD != 'native' else DEFAULT_TIMEOUT +BENCH_TIMEOUT = 40 if BOARD != 'native' else 20 def _wait_for_test(child):