From 4a1100dbb84634e4f8077c70071f0f8d5b6a6bb1 Mon Sep 17 00:00:00 2001 From: RISCi_ATOM Date: Thu, 5 Jan 2023 10:44:26 -0500 Subject: [PATCH] wolfssl: Bump to 5.5.4-stable --- package/libs/wolfssl/Makefile | 4 +- .../libs/wolfssl/patches/200-ecc-rng.patch | 50 ------------------- 2 files changed, 2 insertions(+), 52 deletions(-) delete mode 100644 package/libs/wolfssl/patches/200-ecc-rng.patch diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile index e648b8d767..2c2226405d 100644 --- a/package/libs/wolfssl/Makefile +++ b/package/libs/wolfssl/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=wolfssl -PKG_VERSION:=5.5.0-stable +PKG_VERSION:=5.5.4-stable PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION) -PKG_HASH:=c34b74b5f689fac7becb05583b044e84d3b10d39f38709f0095dd5d423ded67f +PKG_HASH:=b7ee150e49def77c765bc02aac92ddeb0bebefd4cb12aa263d8f95e405221fb8 PKG_FIXUP:=libtool PKG_INSTALL:=1 diff --git a/package/libs/wolfssl/patches/200-ecc-rng.patch b/package/libs/wolfssl/patches/200-ecc-rng.patch deleted file mode 100644 index d68ef7f385..0000000000 --- a/package/libs/wolfssl/patches/200-ecc-rng.patch +++ /dev/null @@ -1,50 +0,0 @@ -Since commit 6467de5a8840 ("Randomize z ordinates in scalar -mult when timing resistant") wolfssl requires a RNG for an EC -key when the hardened built option is selected. - -wc_ecc_set_rng is only available when built hardened, so there -is no safe way to install the RNG to the key regardless whether -or not wolfssl is compiled hardened. - -Always export wc_ecc_set_rng so tools such as hostapd can install -RNG regardless of the built settings for wolfssl. - ---- a/wolfcrypt/src/ecc.c -+++ b/wolfcrypt/src/ecc.c -@@ -12348,21 +12348,21 @@ void wc_ecc_fp_free(void) - - #endif /* FP_ECC */ - --#ifdef ECC_TIMING_RESISTANT - int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng) - { - int err = 0; - -+#ifdef ECC_TIMING_RESISTANT - if (key == NULL) { - err = BAD_FUNC_ARG; - } - else { - key->rng = rng; - } -+#endif - - return err; - } --#endif - - #ifdef HAVE_ECC_ENCRYPT - ---- a/wolfssl/wolfcrypt/ecc.h -+++ b/wolfssl/wolfcrypt/ecc.h -@@ -650,10 +650,8 @@ WOLFSSL_ABI WOLFSSL_API - void wc_ecc_fp_free(void); - WOLFSSL_LOCAL - void wc_ecc_fp_init(void); --#ifdef ECC_TIMING_RESISTANT - WOLFSSL_API - int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng); --#endif - - WOLFSSL_API - int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id); -- 2.25.1