1 month ago · 550d9ad9a4
--- a/.github/workflows/zephyr.yml
+++ b/.github/workflows/zephyr.yml
@@ -14,9 +14,11 @@ jobs:
 
				             zephyr-sdk: 0.16.1
			
 
				           - zephyr-ref: v3.5.0
			
 
				             zephyr-sdk: 0.16.3
			
 
				+          - zephyr-ref: v2.7.4
			
 
				+            zephyr-sdk: 0.16.3
			
 
				     runs-on: ubuntu-latest
			
 
				     # This should be a safe limit for the tests to run.
			
 
				-    timeout-minutes: 15
			
 
				+    timeout-minutes: 25
			
 
				     steps:
			
 
				       - name: Install dependencies
			
 
				         run: |
			
@@ -75,6 +77,8 @@ jobs:
 
				         run: |
			
 
				           ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_test/sample.crypto.wolfssl_test -vvv
			
 
				           rm -rf zephyr/twister-out
			
 
				+          ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_test/sample.crypto.wolfssl_test_no_malloc -vvv
			
 
				+          rm -rf zephyr/twister-out
			
 
				 
			
 
				       - name: Run wolfssl TLS sock test
			
 
				         id: wolfssl-tls-sock
			
@@ -82,8 +86,11 @@ jobs:
 
				         run: |
			
 
				           ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_sock/sample.crypto.wolfssl_tls_sock -vvv
			
 
				           rm -rf zephyr/twister-out
			
 
				+          ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_sock/sample.crypto.wolfssl_tls_sock_no_malloc -vvv
			
 
				+          rm -rf zephyr/twister-out
			
 
				 
			
 
				       - name: Run wolfssl TLS thread test
			
 
				+        if: ${{ matrix.config.zephyr-ref != 'v2.7.4' }}
			
 
				         id: wolfssl-tls-thread
			
 
				         working-directory: zephyr
			
 
				         run: |
			
--- a/wolfcrypt/src/wc_port.c
+++ b/wolfcrypt/src/wc_port.c
@@ -3687,7 +3687,6 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n)
 
				          * thread->threadStack = k_thread_stack_alloc(WOLFSSL_ZEPHYR_STACK_SZ,
			
 
				          *                                            0);
			
 
				          */
			
 
				-        printf("thread stack size is %ld\n", Z_KERNEL_STACK_SIZE_ADJUST(WOLFSSL_ZEPHYR_STACK_SZ));
			
 
				         thread->threadStack = (void*)XMALLOC(
			
 
				                 Z_KERNEL_STACK_SIZE_ADJUST(WOLFSSL_ZEPHYR_STACK_SZ),
			
 
				                 wolfsslThreadHeapHint, DYNAMIC_TYPE_TMP_BUFFER);
			
--- a/zephyr/Kconfig.tls-generic
+++ b/zephyr/Kconfig.tls-generic
@@ -264,9 +264,4 @@ config WOLFSSL_HAVE_ASM
 
				 	  of asymmetric cryptography, however this might have an impact on the
			
 
				 	  code size.
			
 
				 
			
 
				-config WOLFSSL_USER_SETTTINGS
			
 
				-	string "User settings file for wolfSSL"
			
 
				-	help
			
 
				-	  User settings file that contains wolfSSL defines.
			
 
				-
			
 
				 endmenu
			
--- a/zephyr/samples/wolfssl_test/prj-no-malloc.conf
+++ b/zephyr/samples/wolfssl_test/prj-no-malloc.conf
@@ -0,0 +1,30 @@
 
				+# Configure stack and heap sizes
			
 
				+CONFIG_MAIN_STACK_SIZE=655360
			
 
				+#CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=65536
			
 
				+
			
 
				+# Pthreads
			
 
				+CONFIG_PTHREAD_IPC=y
			
 
				+
			
 
				+# Clock for time()
			
 
				+CONFIG_POSIX_CLOCK=y
			
 
				+
			
 
				+# TLS configuration
			
 
				+CONFIG_WOLFSSL_SETTINGS_FILE="user_settings-no-malloc.h"
			
 
				+CONFIG_WOLFSSL=y
			
 
				+CONFIG_WOLFSSL_BUILTIN=y
			
 
				+
			
 
				+# Logging
			
 
				+CONFIG_PRINTK=y
			
 
				+CONFIG_CBPRINTF_LIBC_SUBSTS=y
			
 
				+CONFIG_CBPRINTF_FP_SUPPORT=y
			
 
				+CONFIG_CONSOLE=y
			
 
				+CONFIG_LOG=y
			
 
				+CONFIG_LOG_BACKEND_UART=y
			
 
				+CONFIG_LOG_BUFFER_SIZE=15360
			
 
				+CONFIG_LOG_MODE_IMMEDIATE=y
			
 
				+#CONFIG_WOLFSSL_DEBUG=y
			
 
				+
			
 
				+# Entropy
			
 
				+CONFIG_TEST_RANDOM_GENERATOR=y
			
 
				+CONFIG_ENTROPY_GENERATOR=y
			
 
				+CONFIG_ENTROPY_DEVICE_RANDOM_GENERATOR=y
			
--- a/zephyr/samples/wolfssl_test/prj.conf
+++ b/zephyr/samples/wolfssl_test/prj.conf
@@ -1,7 +1,6 @@
 
				-
			
 
				 # Configure stack and heap sizes
			
 
				-CONFIG_MAIN_STACK_SIZE=655360
			
 
				-#CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=65536
			
 
				+CONFIG_MAIN_STACK_SIZE=32768
			
 
				+CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=16384
			
 
				 
			
 
				 # Pthreads
			
 
				 CONFIG_PTHREAD_IPC=y
			
--- a/zephyr/samples/wolfssl_test/sample.yaml
+++ b/zephyr/samples/wolfssl_test/sample.yaml
@@ -13,3 +13,9 @@ tests:
 
				     platform_allow: qemu_x86
			
 
				     integration_platforms:
			
 
				       - qemu_x86
			
 
				+  sample.crypto.wolfssl_test_no_malloc:
			
 
				+    timeout: 120
			
 
				+    platform_allow: qemu_x86
			
 
				+    extra_args: CONF_FILE="prj-no-malloc.conf"
			
 
				+    integration_platforms:
			
 
				+      - qemu_x86
			
--- a/zephyr/samples/wolfssl_tls_sock/prj-no-malloc.conf
+++ b/zephyr/samples/wolfssl_tls_sock/prj-no-malloc.conf
@@ -0,0 +1,57 @@
 
				+# Kernel options
			
 
				+CONFIG_MAIN_STACK_SIZE=655360
			
 
				+CONFIG_ENTROPY_GENERATOR=y
			
 
				+CONFIG_INIT_STACKS=y
			
 
				+
			
 
				+# General config
			
 
				+CONFIG_NEWLIB_LIBC=y
			
 
				+
			
 
				+# Pthreads
			
 
				+CONFIG_PTHREAD_IPC=y
			
 
				+
			
 
				+# Clock for time()
			
 
				+CONFIG_POSIX_CLOCK=y
			
 
				+
			
 
				+# Networking config
			
 
				+CONFIG_NETWORKING=y
			
 
				+CONFIG_NET_IPV4=y
			
 
				+CONFIG_NET_IPV6=n
			
 
				+CONFIG_NET_TCP=y
			
 
				+CONFIG_NET_SOCKETS=y
			
 
				+CONFIG_NET_SOCKETS_POSIX_NAMES=y
			
 
				+
			
 
				+CONFIG_NET_TEST=y
			
 
				+CONFIG_NET_LOOPBACK=y
			
 
				+
			
 
				+# Network driver config
			
 
				+CONFIG_TEST_RANDOM_GENERATOR=y
			
 
				+
			
 
				+# Network address config
			
 
				+CONFIG_NET_CONFIG_SETTINGS=y
			
 
				+CONFIG_NET_CONFIG_NEED_IPV4=y
			
 
				+CONFIG_NET_CONFIG_MY_IPV4_ADDR="192.0.2.1"
			
 
				+CONFIG_NET_CONFIG_PEER_IPV4_ADDR="192.0.2.2"
			
 
				+CONFIG_NET_CONFIG_MY_IPV4_GW="192.0.2.2"
			
 
				+
			
 
				+CONFIG_NET_PKT_TX_COUNT=10
			
 
				+
			
 
				+# Network debug config
			
 
				+#CONFIG_NET_LOG=y
			
 
				+#CONFIG_NET_PKT_LOG_LEVEL_DBG=y
			
 
				+
			
 
				+# Logging
			
 
				+CONFIG_PRINTK=y
			
 
				+#CONFIG_WOLFSSL_DEBUG=y
			
 
				+CONFIG_LOG=y
			
 
				+CONFIG_LOG_MODE_IMMEDIATE=y
			
 
				+
			
 
				+# TLS configuration
			
 
				+CONFIG_WOLFSSL_SETTINGS_FILE="user_settings-no-malloc.h"
			
 
				+CONFIG_WOLFSSL=y
			
 
				+CONFIG_WOLFSSL_BUILTIN=y
			
 
				+
			
 
				+CONFIG_WOLFSSL_TLS_VERSION_1_2=y
			
 
				+CONFIG_WOLFSSL_KEY_EXCHANGE_ALL_ENABLED=y
			
 
				+CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y
			
 
				+CONFIG_WOLFSSL_MAC_ALL_ENABLED=y
			
 
				+CONFIG_WOLFSSL_HMAC_DRBG_ENABLED=y
			
--- a/zephyr/samples/wolfssl_tls_sock/prj.conf
+++ b/zephyr/samples/wolfssl_tls_sock/prj.conf
@@ -1,8 +1,8 @@
 
				 # Kernel options
			
 
				-CONFIG_MAIN_STACK_SIZE=655360
			
 
				+CONFIG_MAIN_STACK_SIZE=16384
			
 
				 CONFIG_ENTROPY_GENERATOR=y
			
 
				 CONFIG_INIT_STACKS=y
			
 
				-#CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=8192
			
 
				+CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=8192
			
 
				 
			
 
				 # General config
			
 
				 CONFIG_NEWLIB_LIBC=y
			
@@ -50,7 +50,7 @@ CONFIG_LOG_MODE_IMMEDIATE=y
 
				 CONFIG_WOLFSSL=y
			
 
				 CONFIG_WOLFSSL_BUILTIN=y
			
 
				 
			
 
				-CONFIG_WOLFSSL_TLS_VERSION_1_2=y
			
 
				+CONFIG_WOLFSSL_TLS_VERSION_1_3=y
			
 
				 CONFIG_WOLFSSL_KEY_EXCHANGE_ALL_ENABLED=y
			
 
				 CONFIG_WOLFSSL_CIPHER_ALL_ENABLED=y
			
 
				 CONFIG_WOLFSSL_MAC_ALL_ENABLED=y
			
--- a/zephyr/samples/wolfssl_tls_sock/sample.yaml
+++ b/zephyr/samples/wolfssl_tls_sock/sample.yaml
@@ -8,9 +8,16 @@ common:
 
				     regex:
			
 
				       - "Server Return: 0"
			
 
				       - "Client Return: 0"
			
 
				+      - "Done"
			
 
				 tests:
			
 
				   sample.crypto.wolfssl_tls_sock:
			
 
				     timeout: 60
			
 
				     platform_allow: qemu_x86
			
 
				     integration_platforms:
			
 
				       - qemu_x86
			
 
				+  sample.crypto.wolfssl_tls_sock_no_malloc:
			
 
				+    timeout: 60
			
 
				+    platform_allow: qemu_x86
			
 
				+    extra_args: CONF_FILE="prj-no-malloc.conf"
			
 
				+    integration_platforms:
			
 
				+      - qemu_x86
			
--- a/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
+++ b/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
@@ -445,20 +445,8 @@ void client_thread()
 
				     WOLFSSL*     client_ssl = NULL;
			
 
				     SOCKET_T     sockfd = WOLFSSL_SOCKET_INVALID;
			
 
				 
			
 
				-#ifdef WOLFSSL_STATIC_MEMORY
			
 
				-    //if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient,
			
 
				-    //                           sizeof(gMemoryClient),
			
 
				-    //                           WOLFMEM_GENERAL | WOLFMEM_TRACK_STATS, 1) != 0) {
			
 
				-    //    printf("unable to load static memory");
			
 
				-    //    ret = -1;
			
 
				-    //}
			
 
				-
			
 
				-    if (ret == 0)
			
 
				-#endif
			
 
				-    {
			
 
				-        /* Client connection */
			
 
				-        ret = wolfssl_client_new(&client_ctx, &client_ssl);
			
 
				-    }
			
 
				+    /* Client connection */
			
 
				+    ret = wolfssl_client_new(&client_ctx, &client_ssl);
			
 
				 
			
 
				     if (ret == 0)
			
 
				         ret = wolfssl_client_connect_tcp(client_ssl, &sockfd);
			
@@ -526,6 +514,9 @@ int main()
 
				 
			
 
				     k_sleep(Z_TIMEOUT_TICKS(100));
			
 
				     client_thread();
			
 
				+    /* Join is not working in qemu when the thread is still active. Wait for it
			
 
				+     * to shut down to join it. */
			
 
				+    k_sleep(Z_TIMEOUT_TICKS(100));
			
 
				 
			
 
				     if (wolfSSL_JoinThread(serverThread) != 0) {
			
 
				         printf("Failed to join server thread\n");
			
--- a/zephyr/user_settings-tls-generic.h
+++ b/zephyr/user_settings-tls-generic.h
@@ -102,9 +102,6 @@ extern "C" {
 
				 #undef  NO_MD4
			
 
				 #define NO_MD4
			
 
				 
			
 
				-//#undef  NO_PWDBASED
			
 
				-//#define NO_PWDBASED
			
 
				-
			
 
				 #undef  USE_FAST_MATH
			
 
				 #define USE_FAST_MATH
			
 
				 
			
@@ -117,9 +114,6 @@ extern "C" {
 
				 #undef  WC_NO_ASYNC_THREADING
			
 
				 #define WC_NO_ASYNC_THREADING
			
 
				 
			
 
				-//#undef  NO_DES3
			
 
				-//#define NO_DES3
			
 
				-
			
 
				 #undef  WOLFSSL_STATIC_MEMORY
			
 
				 #define WOLFSSL_STATIC_MEMORY
			
 
				 
			
--- a/zephyr/user_settings.h
+++ b/zephyr/user_settings.h
@@ -24,7 +24,10 @@
 
				 
			
 
				 #ifdef CONFIG_WOLFSSL
			
 
				 
			
 
				-/* If a custom user_settings file is provided use it instead */
			
 
				+/* If a custom user_settings file is provided use it instead.
			
 
				+ * CONFIG_WOLFSSL_SETTINGS_FILE is always defined. If it is not explicitly set
			
 
				+ * in prj.conf then it is auto-defined to "". This obviously causes issues here.
			
 
				+ * That is why we define WOLFSSL_SETTINGS_FILE in CMakeLists.txt. */
			
 
				 #ifdef WOLFSSL_SETTINGS_FILE
			
 
				 #include WOLFSSL_SETTINGS_FILE
			
 
				 #else
			
@@ -219,7 +222,7 @@ extern "C" {
 
				     #undef  NO_SHA /* on by default */
			
 
				     //#define USE_SLOW_SHA /* 1k smaller, but 25% slower */
			
 
				 #else
			
 
				-    #define NO_SHA
			
 
				+    // #define NO_SHA /* Necessary for pkcs12 tests */
			
 
				 #endif
			
 
				 
			
 
				 /* SHA2-256 */
			
@@ -297,7 +300,7 @@ extern "C" {
 
				 #define NO_RC4
			
 
				 #define NO_MD4
			
 
				 #define NO_MD5
			
 
				-#define NO_DES3
			
 
				+//#define NO_DES3 /* Necessary for pkcs12 tests */
			
 
				 #define WOLFSSL_NO_SHAKE128
			
 
				 #define WOLFSSL_NO_SHAKE256