-
Notifications
You must be signed in to change notification settings - Fork 834
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Small static psk TLS 1.2 build for microchip #7894
base: master
Are you sure you want to change the base?
Conversation
9ae071c
to
dbb6486
Compare
Please resolve merge conflicts. Feel free to assign over to me for review. |
sha256 no force zero build small stack with RNG and use of macros add flash mem define for mcc18 checkin modified internal files for small static psk build propogate dynamic Keys struct
dbb6486
to
027f636
Compare
027f636
to
2486aac
Compare
retest this please Jenkins
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it possible to setup a way to build this reduced PSK build with ./configure. Please move the psk-ssl.c and psk-tls.c to a more generic place.
@@ -1176,6 +1179,12 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_connect(WOLFSSL* ssl); | |||
WOLFSSL_ABI WOLFSSL_API int wolfSSL_write( | |||
WOLFSSL* ssl, const void* data, int sz); | |||
WOLFSSL_ABI WOLFSSL_API int wolfSSL_read(WOLFSSL* ssl, void* data, int sz); | |||
#ifdef WOLFSSL_LEANPSK_STATIC | |||
WOLFSSL_API int wolfSSL_write_inline( WOLFSSL* ssl, const void* data, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The implementation of this function is in mplabx/small-psk-build/psk-ssl.c
. Why are these defined here?
@@ -1145,6 +1145,9 @@ WOLFSSL_API int wolfSSL_set1_sigalgs_list(WOLFSSL* ssl, const char* list); | |||
#endif | |||
WOLFSSL_ABI WOLFSSL_API WOLFSSL* wolfSSL_new(WOLFSSL_CTX* ctx); | |||
WOLFSSL_API WOLFSSL_CTX* wolfSSL_get_SSL_CTX(const WOLFSSL* ssl); | |||
#ifdef WOLFSSL_LEANPSK_STATIC | |||
WOLFSSL_API WOLFSSL* wolfSSL_new_leanpsk(WOLFSSL_METHOD* method, byte ciphersuite0, byte ciphersuite1, unsigned char* ran, int ranSz); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The implementation of this function is in mplabx/small-psk-build/psk-ssl.c
. Why are these defined here?
@@ -0,0 +1,7075 @@ | |||
/* psk-ssl.c |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would prefer to see these more public... src/psk/ssl.c and src/psk/tls.c and support include.am changes to support using these size reductions.
Combined some of the files into psk-tls.c and psk-ssl.c to reduce stack depth by aggressively altering call stack. An example client is located in mplabx/small-psk-build. Running the commands
cd mplabx/small-psk-build && make
will build it, creating the executable mplabx/small-psk-build/Build/example-client-psk.Currently the PSK identity is restricted to 10 characters so to connect to the default wolfSSL example server (./example/server/server -s -d -l PSK-AES128-CBC-SHA256
) the check in my_psk_server_cb needs altered.The compiler was working with kept having silent run time issues with enums and unnamed enums. Where it would use to small of a type then at run time not have the correct value. Especially when any arithmetic or bit shifts were done when creating the enum value. Hence the change of so many enums over to macro defines.