Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update to wolfssl 5.7.2 #178

Merged
merged 3 commits into from
Sep 4, 2024
Merged

Update to wolfssl 5.7.2 #178

merged 3 commits into from
Sep 4, 2024

Conversation

xv-ian-c
Copy link
Contributor

@xv-ian-c xv-ian-c commented Sep 3, 2024

Moving from v5.6.6-stable we are picking up:

Our disable-falcon-dilithium.patch required an update, likely due to the changes in wolfSSL/wolfssl#7622.

@xv-ian-c
wolfssl-sys: Fail the build if a patch fails to apply
4200bb4
@xv-ian-c
wolfssl-sys: Ensure build.rs reruns if a patch changes
d964fc3 
We already emitted a `rerun-if-changed` for the directory itself which is
highly likely to get a different `mtime` if a file within it changed, and we
have not observed issues with the previous arrangements in practice, but this
change should make things more explicit.
@xv-ian-c
Update to upstream wolfssl 5.7.2
2bfc136 
Moving from v5.6.6-stable we are picking up:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.0-stable
https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable
(there was no 5.7.1)

Our `disable-falcon-dilithium.patch` required an update, likely due to the
changes in wolfSSL/wolfssl#7622.
@xv-ian-c xv-ian-c requested a review from a team as a code owner September 3, 2024 12:41
@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 3, 2024

Code coverage summary for dd54cea:

Filename                             Regions    Missed Regions     Cover   Functions  Missed Functions  Executed       Lines      Missed Lines     Cover    Branches   Missed Branches     Cover
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
wolfssl-sys/src/lib.rs                     5                 0   100.00%           2                 0   100.00%          24                 0   100.00%           0                 0         -
wolfssl/src/chacha20_poly1305.rs          14                 2    85.71%           5                 0   100.00%          95                 2    97.89%           0                 0         -
wolfssl/src/context.rs                   171                85    50.29%          46                15    67.39%         355               127    64.23%           0                 0         -
wolfssl/src/error.rs                      23                11    52.17%           7                 3    57.14%          53                11    79.25%           0                 0         -
wolfssl/src/lib.rs                        63                10    84.13%          14                 2    85.71%          84                13    84.52%           0                 0         -
wolfssl/src/rng.rs                        19                 5    73.68%           4                 0   100.00%          47                 3    93.62%           0                 0         -
wolfssl/src/ssl.rs                       471               203    56.90%          81                25    69.14%        1062               278    73.82%           0                 0         -
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
TOTAL                                    766               316    58.75%         159                45    71.70%        1720               434    74.77%           0                 0         -

✅ Region coverage 58% passes
✅ Line coverage 74% passes

@xv-ian-c xv-ian-c merged commit 236d42f into main Sep 4, 2024
8 checks passed
@xv-ian-c xv-ian-c deleted the CVPN-1030-wolfssl-5.7.2 branch September 4, 2024 07:39
kp-mariappan-ramasamy
kp-mariappan-ramasamy reviewed Sep 16, 2024
View reviewed changes
wolfssl-sys/build.rs
@@ -118,6 +118,8 @@ fn build_wolfssl(wolfssl_src: &Path) -> PathBuf {
.enable("supportedcurves", None)
// Enable TLS/1.3
.enable("tls13", None)
// Enable liboqs, etc
.enable("experimental", None)
Copy link
Contributor

@kp-mariappan-ramasamy kp-mariappan-ramasamy Sep 16, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was this flag needed even if we use liboqs instead of wolfssl builtin kyber ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think so, configure script contains:

# KYBER
# Used:
#  - SHA3, Shake128 and Shake256
AC_ARG_ENABLE([kyber],
    [AS_HELP_STRING([--enable-kyber],[Enable KYBER (requires --enable-experimental) (default: disabled)])],
    [ ENABLED_KYBER=$enableval ],
    [ ENABLED_KYBER=no ]
    )

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kp-mariappan-ramasamy kp-mariappan-ramasamy kp-mariappan-ramasamy left review comments

@xv-raihaan-m xv-raihaan-m xv-raihaan-m approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@xv-ian-c @xv-raihaan-m @kp-mariappan-ramasamy