From 925c73aab3c1514da9f4cec97badb91113631dbf Mon Sep 17 00:00:00 2001 From: Joel Low Date: Fri, 24 Jun 2022 18:47:20 +0800 Subject: [PATCH] wolfssl: add config flag for Curve448 This enables building WolfSSL with Curve448, which can be used by Strongswan. This has been tested on a Linksys E8450, running OpenWrt 22.03-rc4. This allows parity with OpenSSL, which already supports Curve448 in OpenWrt 21.02. Fixes openwrt/packages#18812. Signed-off-by: Joel Low --- package/libs/wolfssl/Config.in | 3 +++ package/libs/wolfssl/Makefile | 2 ++ 2 files changed, 5 insertions(+) diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in index eca9572c490..901f2b29653 100644 --- a/package/libs/wolfssl/Config.in +++ b/package/libs/wolfssl/Config.in @@ -51,6 +51,9 @@ config WOLFSSL_HAS_ECC25519 bool "Include ECC Curve 25519 support" default y +config WOLFSSL_HAS_ECC448 + bool "Include ECC Curve 448 support" + config WOLFSSL_HAS_OPENVPN bool "Include OpenVPN support" default y diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile index 3edd5263640..a511837800f 100644 --- a/package/libs/wolfssl/Makefile +++ b/package/libs/wolfssl/Makefile @@ -32,6 +32,7 @@ PKG_CONFIG_DEPENDS:=\ CONFIG_WOLFSSL_HAS_DH \ CONFIG_WOLFSSL_HAS_DTLS \ CONFIG_WOLFSSL_HAS_ECC25519 \ + CONFIG_WOLFSSL_HAS_ECC448 \ CONFIG_WOLFSSL_HAS_OCSP \ CONFIG_WOLFSSL_HAS_OPENVPN CONFIG_WOLFSSL_ALT_NAMES \ CONFIG_WOLFSSL_HAS_SESSION_TICKET \ @@ -119,6 +120,7 @@ CONFIGURE_ARGS += \ --$(if $(CONFIG_WOLFSSL_HAS_SESSION_TICKET),enable,disable)-session-ticket \ --$(if $(CONFIG_WOLFSSL_HAS_DTLS),enable,disable)-dtls \ --$(if $(CONFIG_WOLFSSL_HAS_ECC25519),enable,disable)-curve25519 \ + --$(if $(CONFIG_WOLFSSL_HAS_ECC448),enable,disable)-curve448 \ --$(if $(CONFIG_WOLFSSL_HAS_AFALG),enable,disable)-afalg \ --$(if $(CONFIG_WOLFSSL_HAS_OPENVPN),enable,disable)-openvpn \ --enable-devcrypto=$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_CBC),cbc\