aboutsummaryrefslogtreecommitdiffstats
path: root/package
diff options
context:
space:
mode:
Diffstat (limited to 'package')
-rw-r--r--package/libs/wolfssl/Config.in51
-rw-r--r--package/libs/wolfssl/Makefile110
-rw-r--r--package/libs/wolfssl/patches/100-disable-hardening-check.patch2
-rw-r--r--package/libs/wolfssl/patches/101-AR-flags-configure-update.patch23
-rw-r--r--package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch2
5 files changed, 62 insertions, 126 deletions
diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in
index 4aa163b361..875ff5e6a3 100644
--- a/package/libs/wolfssl/Config.in
+++ b/package/libs/wolfssl/Config.in
@@ -8,12 +8,8 @@ config WOLFSSL_HAS_AES_GCM
bool "Include AES-GCM support"
default y
-config WOLFSSL_HAS_CHACHA
- bool "Include ChaCha cipher suite support"
- default n
-
-config WOLFSSL_HAS_ECC
- bool "Include ECC (Elliptic Curve Cryptography) support"
+config WOLFSSL_HAS_CHACHA_POLY
+ bool "Include ChaCha20-Poly1305 cipher suite support"
default y
config WOLFSSL_HAS_DH
@@ -24,12 +20,17 @@ config WOLFSSL_HAS_ARC4
bool "Include ARC4 support"
default y
-config WOLFSSL_HAS_DES3
- bool "Include DES3 (Tripple-DES) support"
+config WOLFSSL_HAS_TLSV10
+ bool "Include TLS 1.0 support"
default y
-config WOLFSSL_HAS_PSK
- bool "Include PKS (Pre Share Key) support"
+if !(WOLFSSL_HAS_AES_CCM||WOLFSSL_HAS_AES_GCM||WOLFSSL_HAS_CHACHA_POLY)
+ comment "! TLS 1.3 support needs one of: AES-CCM, AES-GCM, ChaCha20-Poly1305"
+endif
+
+config WOLFSSL_HAS_TLSV13
+ bool "Include TLS 1.3 support"
+ depends on WOLFSSL_HAS_AES_CCM||WOLFSSL_HAS_AES_GCM||WOLFSSL_HAS_CHACHA_POLY
default y
config WOLFSSL_HAS_SESSION_TICKET
@@ -41,20 +42,40 @@ config WOLFSSL_HAS_DTLS
default n
config WOLFSSL_HAS_OCSP
- bool "Include OSCP support"
+ bool "Include OSCP stapling support"
default y
config WOLFSSL_HAS_WPAS
bool "Include wpa_supplicant support"
+ select WOLFSSL_HAS_ARC4
+ select WOLFSSL_HAS_OCSP
+ select WOLFSSL_HAS_SESSION_TICKET
default y
config WOLFSSL_HAS_ECC25519
bool "Include ECC Curve 22519 support"
- depends on WOLFSSL_HAS_ECC
default n
-config WOLFSSL_HAS_POLY1305
- bool "Include Poly-1305 support"
- default n
+if WOLFSSL_HAS_AES_CCM
+ comment "! Hardware Acceleration does not build with AES-CCM enabled"
+endif
+if !WOLFSSL_HAS_AES_CCM
+ choice
+ prompt "Hardware Acceleration"
+ default WOLFSSL_HAS_NO_HW
+
+ config WOLFSSL_HAS_NO_HW
+ bool "None"
+
+ config WOLFSSL_HAS_AFALG
+ bool "AF_ALG"
+
+ config WOLFSSL_HAS_DEVCRYPTO_AES
+ bool "/dev/crypto - AES-only"
+
+ config WOLFSSL_HAS_DEVCRYPTO_FULL
+ bool "/dev/crypto - full"
+ endchoice
+endif
endif
diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index 7aaa562539..678eb4936b 100644
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=wolfssl
-PKG_VERSION:=3.15.7-stable
+PKG_VERSION:=4.0.0-stable
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
-PKG_HASH:=dc97c07a7667b39a890e14f4b4a209f51524a4cabee7adb6c80822ee78c1f62a
+PKG_HASH:=6cf678c72b485d1904047c40c20f85104c96b5f39778822783a2c407ccb23657
PKG_FIXUP:=libtool
PKG_INSTALL:=1
@@ -21,15 +21,17 @@ PKG_USE_MIPS16:=0
PKG_BUILD_PARALLEL:=1
PKG_LICENSE:=GPL-2.0-or-later
PKG_LICENSE_FILES:=LICENSING COPYING
+PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
PKG_CPE_ID:=cpe:/a:wolfssl:wolfssl
PKG_CONFIG_DEPENDS:=\
CONFIG_WOLFSSL_HAS_AES_CCM CONFIG_WOLFSSL_HAS_AES_GCM \
- CONFIG_WOLFSSL_HAS_ARC4 CONFIG_WOLFSSL_HAS_CHACHA \
- CONFIG_WOLFSSL_HAS_DES3 CONFIG_WOLFSSL_HAS_DH CONFIG_WOLFSSL_HAS_DTLS \
- CONFIG_WOLFSSL_HAS_ECC CONFIG_WOLFSSL_HAS_ECC25519 \
- CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_POLY1305 \
- CONFIG_WOLFSSL_HAS_PSK CONFIG_WOLFSSL_HAS_SESSION_TICKET \
+ CONFIG_WOLFSSL_HAS_AFALG CONFIG_WOLFSSL_HAS_ARC4 \
+ CONFIG_WOLFSSL_HAS_CHACHA_POLY CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES \
+ CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL, CONFIG_WOLFSSL_HAS_DH \
+ CONFIG_WOLFSSL_HAS_DTLS CONFIG_WOLFSSL_HAS_ECC25519 \
+ CONFIG_WOLFSSL_HAS_OCSP CONFIG_WOLFSSL_HAS_SESSION_TICKET \
+ CONFIG_WOLFSSL_HAS_TLSV10 CONFIG_WOLFSSL_HAS_TLSV13 \
CONFIG_WOLFSSL_HAS_WPAS
include $(INCLUDE_DIR)/package.mk
@@ -42,6 +44,7 @@ define Package/libwolfssl
URL:=http://www.wolfssl.com/
MENU:=1
PROVIDES:=libcyassl
+ DEPENDS:=+WOLFSSL_HAS_DEVCRYPTO:kmod-cryptodev +WOLFSSL_HAS_AFALG:kmod-crypto-user
ABI_VERSION:=19
endef
@@ -64,68 +67,20 @@ CONFIGURE_ARGS += \
--disable-examples \
--disable-leanpsk \
--disable-leantls \
-
-ifeq ($(CONFIG_IPV6),y)
-CONFIGURE_ARGS += \
- --enable-ipv6
-endif
-
-ifeq ($(CONFIG_WOLFSSL_HAS_AES_CCM),y)
-CONFIGURE_ARGS += \
- --enable-aesccm
-endif
-
-ifneq ($(CONFIG_WOLFSSL_HAS_AES_GCM),y)
-CONFIGURE_ARGS += \
- --disable-aesgcm
-endif
-
-ifneq ($(CONFIG_WOLFSSL_HAS_CHACHA),y)
-CONFIGURE_ARGS += \
- --disable-chacha
-endif
-
-ifeq ($(CONFIG_WOLFSSL_HAS_ECC),y)
-CONFIGURE_ARGS += \
- --enable-ecc \
- --enable-supportedcurves
-endif
-
-ifeq ($(CONFIG_WOLFSSL_HAS_DH),y)
-CONFIGURE_ARGS += \
- --enable-dh
-endif
-
-ifneq ($(CONFIG_WOLFSSL_HAS_ARC4),y)
-CONFIGURE_ARGS += \
- --disable-arc4
-else
-CONFIGURE_ARGS += \
- --enable-arc4
-endif
-
-ifneq ($(CONFIG_WOLFSSL_HAS_DES3),y)
-CONFIGURE_ARGS += \
- --disable-des3
-else
-CONFIGURE_ARGS += \
- --enable-des3
-endif
-
-ifeq ($(CONFIG_WOLFSSL_HAS_PSK),y)
-CONFIGURE_ARGS += \
- --enable-psk
-endif
-
-ifeq ($(CONFIG_WOLFSSL_HAS_SESSION_TICKET),y)
-CONFIGURE_ARGS += \
- --enable-session-ticket
-endif
-
-ifeq ($(CONFIG_WOLFSSL_HAS_DTLS),y)
-CONFIGURE_ARGS += \
- --enable-dtls
-endif
+ --$(if $(CONFIG_IPV6),enable,disable)-ipv6 \
+ --$(if $(CONFIG_WOLFSSL_HAS_AES_CCM),enable,disable)-aesccm \
+ --$(if $(CONFIG_WOLFSSL_HAS_AES_GCM),enable,disable)-aesgcm \
+ --$(if $(CONFIG_WOLFSSL_HAS_CHACHA_POLY),enable,disable)-chacha \
+ --$(if $(CONFIG_WOLFSSL_HAS_CHACHA_POLY),enable,disable)-poly1305 \
+ --$(if $(CONFIG_WOLFSSL_HAS_DH),enable,disable)-dh \
+ --$(if $(CONFIG_WOLFSSL_HAS_ARC4),enable,disable)-arc4 \
+ --$(if $(CONFIG_WOLFSSL_HAS_TLSV10),enable,disable)-tlsv10 \
+ --$(if $(CONFIG_WOLFSSL_HAS_TLSV13),enable,disable)-tls13 \
+ --$(if $(CONFIG_WOLFSSL_HAS_SESSION_TICKET),enable,disable)-session-ticket \
+ --$(if $(CONFIG_WOLFSSL_HAS_DTLS),enable,disable)-dtls \
+ --$(if $(CONFIG_WOLFSSL_HAS_ECC25519),enable,disable)-curve25519 \
+ --$(if $(CONFIG_WOLFSSL_HAS_AFALG),enable,disable)-afalg \
+ --enable-devcrypto=$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_AES),aes,$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_FULL),yes,no))
ifeq ($(CONFIG_WOLFSSL_HAS_OCSP),y)
CONFIGURE_ARGS += \
@@ -137,23 +92,6 @@ CONFIGURE_ARGS += \
--enable-wpas --enable-sha512 --enable-fortress --enable-fastmath
endif
-ifeq ($(CONFIG_WOLFSSL_HAS_ECC25519),y)
-CONFIGURE_ARGS += \
- --enable-curve25519
-endif
-
-ifneq ($(CONFIG_WOLFSSL_HAS_POLY1305),y)
-CONFIGURE_ARGS += \
- --enable-poly1305
-endif
-
-#ifneq ($(CONFIG_TARGET_x86),)
-# CONFIGURE_ARGS += --enable-intelasm
-#endif
-#ifneq ($(CONFIG_TARGET_x86_64),)
-# CONFIGURE_ARGS += --enable-intelasm
-#endif
-
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig
$(CP) $(PKG_INSTALL_DIR)/usr/include/* $(1)/usr/include/
diff --git a/package/libs/wolfssl/patches/100-disable-hardening-check.patch b/package/libs/wolfssl/patches/100-disable-hardening-check.patch
index 8a51434633..6cecb6b7d6 100644
--- a/package/libs/wolfssl/patches/100-disable-hardening-check.patch
+++ b/package/libs/wolfssl/patches/100-disable-hardening-check.patch
@@ -1,6 +1,6 @@
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
-@@ -1759,7 +1759,7 @@ extern void uITRON4_free(void *p) ;
+@@ -1880,7 +1880,7 @@ extern void uITRON4_free(void *p) ;
#endif
/* warning for not using harden build options (default with ./configure) */
diff --git a/package/libs/wolfssl/patches/101-AR-flags-configure-update.patch b/package/libs/wolfssl/patches/101-AR-flags-configure-update.patch
deleted file mode 100644
index 9401a54a5b..0000000000
--- a/package/libs/wolfssl/patches/101-AR-flags-configure-update.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From 42eacece82b6375a9f4bab3903a1a39f7d1dd579 Mon Sep 17 00:00:00 2001
-From: John Safranek <john@wolfssl.com>
-Date: Tue, 5 Mar 2019 09:26:30 -0800
-Subject: [PATCH] AR flags configure update In at least one environment the
- check for particular AR options was failing due to a bash script bug. Deleted
- an extra pair of parenthesis triggering an arithmetic statement when
- redundant grouping was desired.
-
----
- configure.ac | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/configure.ac
-+++ b/configure.ac
-@@ -15,7 +15,7 @@ AC_CONFIG_AUX_DIR([build-aux])
- : ${CFLAGS=""}
-
- # Test ar for the "U" option. Should be checked before the libtool macros.
--xxx_ar_flags=$((ar --help) 2>&1)
-+xxx_ar_flags=$(ar --help 2>&1)
- AS_CASE([$xxx_ar_flags],[*'use actual timestamps and uids/gids'*],[: ${AR_FLAGS="Ucru"}])
-
- AC_PROG_CC
diff --git a/package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch b/package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch
index 6b0861288f..34d3e62361 100644
--- a/package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch
+++ b/package/libs/wolfssl/patches/900-remove-broken-autoconf-macros.patch
@@ -1,6 +1,6 @@
--- a/configure.ac
+++ b/configure.ac
-@@ -4614,7 +4614,6 @@ AC_CONFIG_FILES([stamp-h], [echo timesta
+@@ -4740,7 +4740,6 @@ AC_CONFIG_FILES([stamp-h], [echo timesta
AC_CONFIG_FILES([Makefile wolfssl/version.h wolfssl/options.h cyassl/options.h support/wolfssl.pc rpm/spec])
AX_CREATE_GENERIC_CONFIG