diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras
index 3943d477390..c84b3f72036 100644
--- a/.wolfssl_known_macro_extras
+++ b/.wolfssl_known_macro_extras
@@ -157,6 +157,7 @@ CONFIG_WOLFSSL
 CONFIG_WOLFSSL_ALLOW_TLS13
 CONFIG_WOLFSSL_ALPN
 CONFIG_WOLFSSL_ALT_CERT_CHAINS
+CONFIG_WOLFSSL_ALWAYS_VERIFY_CB
 CONFIG_WOLFSSL_APPLE_HOMEKIT
 CONFIG_WOLFSSL_ASN_ALLOW_0_SERIAL
 CONFIG_WOLFSSL_CERTIFICATE_BUNDLE
@@ -174,11 +175,13 @@ CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFMQTT_TEMPLATE
 CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_ECHOSERVER
 CONFIG_WOLFSSL_EXAMPLE_NAME_WOLFSSH_TEMPLATE
 CONFIG_WOLFSSL_HKDF
+CONFIG_WOLFSSL_KEEP_PEER_CERT
 CONFIG_WOLFSSL_MAX_FRAGMENT_LEN
 CONFIG_WOLFSSL_MLKEM
 CONFIG_WOLFSSL_NO_ASN_STRICT
 CONFIG_WOLFSSL_PSK
 CONFIG_WOLFSSL_RSA_PSS
+CONFIG_WOLFSSL_SESSION_EXPORT
 CONFIG_WOLFSSL_TARGET_HOST
 CONFIG_WOLFSSL_TARGET_PORT
 CONFIG_WOLFSSL_TLS13_ENABLED
@@ -279,6 +282,7 @@ HAVE_ECC512
 HAVE_ECC_CDH_CAST
 HAVE_ECC_SM2
 HAVE_ESP_CLK
+HAVE_EXT_CACHE
 HAVE_FIPS_VERSION_PORT
 HAVE_FUZZER
 HAVE_INTEL_MULX
diff --git a/src/internal.c b/src/internal.c
index 2ba6cabc157..9280884e518 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -10602,7 +10602,8 @@ ProtocolVersion MakeDTLSv1_3(void)
 word32 LowResTimer(void)
 {
 int64_t t;
- #if defined(CONFIG_ARCH_POSIX) && !defined(CONFIG_BOARD_NATIVE_POSIX)
+ #if defined(CONFIG_ARCH_POSIX) && !defined(CONFIG_BOARD_NATIVE_POSIX) \
+ && !defined(CONFIG_BOARD_NATIVE_SIM)
 k_cpu_idle();
 #endif
 t = k_uptime_get(); /* returns current uptime in milliseconds */
diff --git a/wolfcrypt/src/wc_port.c b/wolfcrypt/src/wc_port.c
index ba740423ea6..c34bb4c18a0 100644
--- a/wolfcrypt/src/wc_port.c
+++ b/wolfcrypt/src/wc_port.c
@@ -215,7 +215,7 @@ Threading/Mutex options:
 #endif
 #if defined(WOLFSSL_ZEPHYR)
-#if defined(CONFIG_BOARD_NATIVE_POSIX)
+#if defined(CONFIG_BOARD_NATIVE_POSIX) || defined(CONFIG_BOARD_NATIVE_SIM)
 #include "native_rtc.h"
 #define CONFIG_RTC
 #endif
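Review bot: In LowResTimer() in src/internal.c the guard around `k_cpu_idle()` now carries three conditions and no comment saying why the idle call is needed on other POSIX-arch boards but skipped on native_posix and native_sim. The same board pair is also tested at two sites in wolfcrypt/src/wc_port.c (the `native_rtc.h` include and z_time()), so a further simulator board would need all three edited together. I would add a comment above the `#if`, for example `/* native_posix and native_sim skip the idle call; keep this board list in step with wc_port.c */`, or fold the pair into one macro defined once in a header both files include. LowResTimer's body continues past the end of the hunk.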
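Review bot: In the first wolfcrypt/src/wc_port.c hunk the unguarded `#define CONFIG_RTC` is now also reached on native_sim builds, and `CONFIG_*` names belong to the Zephyr Kconfig output; if a native_sim configuration already enables the RTC option, the generated definition and this empty one would presumably clash as a macro redefinition. Guarding it keeps both cases working: `#ifndef CONFIG_RTC` / `#define CONFIG_RTC` / `#endif`. This define is also what selects the simulator-RTC branch of z_time() further down the file, so a short comment saying so would help the next reader.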
@@ -4088,7 +4088,7 @@ time_t z_time(time_t * timer)
 #if defined(CONFIG_RTC) && \
 (defined(CONFIG_PICOLIBC) || defined(CONFIG_NEWLIB_LIBC))
- #if defined(CONFIG_BOARD_NATIVE_POSIX)
+ #if defined(CONFIG_BOARD_NATIVE_POSIX) || defined(CONFIG_BOARD_NATIVE_SIM)
 /* When using native sim, get time from simulator rtc */
 uint32_t nsec = 0;
@@ -4120,7 +4120,7 @@ time_t z_time(time_t * timer)
 return epochTime;
 }
 }
- #endif /* defined(CONFIG_BOARD_NATIVE_POSIX) */
+ #endif /* CONFIG_BOARD_NATIVE_POSIX || CONFIG_BOARD_NATIVE_SIM */
 #endif
 /* Fallback to uptime since boot. This works for relative times, but
diff --git a/zephyr/Kconfig b/zephyr/Kconfig
index ff05e74d23b..fb6084893a4 100644
--- a/zephyr/Kconfig
+++ b/zephyr/Kconfig
@@ -98,6 +98,21 @@ config WOLFSSL_MAX_FRAGMENT_LEN
 Sets the maximum fragment length wolfSSL will use, values 1-6 correspond to enum values WOLFSSL_MFL_* in ssl.h
+config WOLFSSL_SESSION_EXPORT
+ bool "wolfSSL session export support"
+ help
+ Enable external session cache (HAVE_EXT_CACHE)
+
+config WOLFSSL_KEEP_PEER_CERT
+ bool "wolfSSL keep peer certificate support"
+ help
+ Retain peer certificate after handshake (KEEP_PEER_CERT)
+
+config WOLFSSL_ALWAYS_VERIFY_CB
+ bool "wolfSSL always invoke verify callback"
+ help
+ Invoke verify callback on success as well as failure (WOLFSSL_ALWAYS_VERIFY_CB)
+
 config WOLFCRYPT_ARMASM
 bool "wolfCrypt ARM Assembly support"
 depends on WOLFSSL_BUILTIN
diff --git a/zephyr/user_settings.h b/zephyr/user_settings.h
index cc333bdaaa7..29aea487c8c 100644
--- a/zephyr/user_settings.h
+++ b/zephyr/user_settings.h
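Review bot: In z_time() the simulator-RTC branch that this condition now opens to native_sim is still nested inside `#if defined(CONFIG_RTC) && (defined(CONFIG_PICOLIBC) || defined(CONFIG_NEWLIB_LIBC))`, so a native_sim build using any other libc skips it and ends in the uptime-since-boot fallback shown in the following hunk. Uptime is not wall-clock time, and if certificate validity dates are checked against this clock they would be evaluated against a time near the epoch. A comment at the outer `#if` would make the dependency visible, for example `/* RTC path needs picolibc or newlib; other libcs fall through to uptime below */`. z_time's body starts before and ends after this hunk.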
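Review bot: The symbol name and prompt of `WOLFSSL_SESSION_EXPORT` in zephyr/Kconfig say "session export", while its help text and the matching block in zephyr/user_settings.h enable `HAVE_EXT_CACHE`, the external session cache; wolfSSL also has a separate build macro named `WOLFSSL_SESSION_EXPORT`, so a user setting this option may expect that feature instead. Renaming the option after what it enables, or at least changing the prompt to `bool "wolfSSL external session cache support"`, would remove the ambiguity. The help text could also state that with an external cache the application's callbacks hold the session state, so protecting it at rest becomes the application's job.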
@@ -133,6 +133,21 @@ extern "C" {
 #define NO_SESSION_CACHE /* disable session resumption */
 #endif
+/* Session export (external session cache) */
+#if defined(CONFIG_WOLFSSL_SESSION_EXPORT)
+ #define HAVE_EXT_CACHE
+#endif
+
+/* Keep peer certificate after handshake */
+#if defined(CONFIG_WOLFSSL_KEEP_PEER_CERT)
+ #define KEEP_PEER_CERT
+#endif
+
+/* Always invoke verify callback (on success as well as failure) */
+#if defined(CONFIG_WOLFSSL_ALWAYS_VERIFY_CB)
+ #define WOLFSSL_ALWAYS_VERIFY_CB
+#endif
+
 /* DTLS */
 #if defined(CONFIG_WOLFSSL_DTLS)
 #define WOLFSSL_DTLS
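Review bot: The comment above `WOLFSSL_ALWAYS_VERIFY_CB` in zephyr/user_settings.h says when the callback runs but not what that requires of existing callbacks: one written on the assumption that it is only called after a failure will now also run for certificates that verified cleanly. I would extend the comment to `/* Always invoke verify callback (on success as well as failure); the callback must check its preverify argument before changing the result */`. The `HAVE_EXT_CACHE` block sits directly below the `NO_SESSION_CACHE` define, and the hunk does not say how the two behave when both options are set; a one-line comment on that would help.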