From 4a1100dbb84634e4f8077c70071f0f8d5b6a6bb1 Mon Sep 17 00:00:00 2001
From: RISCi_ATOM <bob@bobcall.me>
Date: Thu, 5 Jan 2023 10:44:26 -0500
Subject: [PATCH] wolfssl: Bump to 5.5.4-stable

---
 package/libs/wolfssl/Makefile                 |  4 +-
 .../libs/wolfssl/patches/200-ecc-rng.patch    | 50 -------------------
 2 files changed, 2 insertions(+), 52 deletions(-)
 delete mode 100644 package/libs/wolfssl/patches/200-ecc-rng.patch

diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index e648b8d767..2c2226405d 100644
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wolfssl
-PKG_VERSION:=5.5.0-stable
+PKG_VERSION:=5.5.4-stable
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/wolfSSL/wolfssl/archive/v$(PKG_VERSION)
-PKG_HASH:=c34b74b5f689fac7becb05583b044e84d3b10d39f38709f0095dd5d423ded67f
+PKG_HASH:=b7ee150e49def77c765bc02aac92ddeb0bebefd4cb12aa263d8f95e405221fb8
 
 PKG_FIXUP:=libtool
 PKG_INSTALL:=1
diff --git a/package/libs/wolfssl/patches/200-ecc-rng.patch b/package/libs/wolfssl/patches/200-ecc-rng.patch
deleted file mode 100644
index d68ef7f385..0000000000
--- a/package/libs/wolfssl/patches/200-ecc-rng.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Since commit 6467de5a8840 ("Randomize z ordinates in scalar
-mult when timing resistant") wolfssl requires a RNG for an EC
-key when the hardened built option is selected.
-
-wc_ecc_set_rng is only available when built hardened, so there
-is no safe way to install the RNG to the key regardless whether
-or not wolfssl is compiled hardened.
-
-Always export wc_ecc_set_rng so tools such as hostapd can install
-RNG regardless of the built settings for wolfssl.
-
---- a/wolfcrypt/src/ecc.c
-+++ b/wolfcrypt/src/ecc.c
-@@ -12348,21 +12348,21 @@ void wc_ecc_fp_free(void)
- 
- #endif /* FP_ECC */
- 
--#ifdef ECC_TIMING_RESISTANT
- int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng)
- {
-     int err = 0;
- 
-+#ifdef ECC_TIMING_RESISTANT
-     if (key == NULL) {
-         err = BAD_FUNC_ARG;
-     }
-     else {
-         key->rng = rng;
-     }
-+#endif
- 
-     return err;
- }
--#endif
- 
- #ifdef HAVE_ECC_ENCRYPT
- 
---- a/wolfssl/wolfcrypt/ecc.h
-+++ b/wolfssl/wolfcrypt/ecc.h
-@@ -650,10 +650,8 @@ WOLFSSL_ABI WOLFSSL_API
- void wc_ecc_fp_free(void);
- WOLFSSL_LOCAL
- void wc_ecc_fp_init(void);
--#ifdef ECC_TIMING_RESISTANT
- WOLFSSL_API
- int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng);
--#endif
- 
- WOLFSSL_API
- int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id);
-- 
2.25.1