-
Notifications
You must be signed in to change notification settings - Fork 480
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enables the use of wolfSSL for crypto primitives #692
Conversation
Can I get a review of this code? |
Yes it is on my list of things todo in the next week, sorry if that seams like a long time. |
Wrong things will happen if you enable two or more of --enable-openssl, --enable-wolfssl, and --enable-nss, and I think we have nothing that guards against this. This isn't a new problem with wolfssl (it was already a problem with just openssl and nss), but should we have something to protect against this? Or possibly even change the configure option syntax to --enable-crypto=[openssl,wolfssl,nss] with the 3.0 release, since that's where we're putting other breaking changes. |
It think there is some protection in the cmake build files at least, but I agree at this point when there are now ~5 options the config should be changed to a switch as you suggested |
4ac1e46
to
e65b27f
Compare
Changed CI testing to always use GitHub to clone wolfssl using https. |
@SparkiDev , |
Changes: |
Attempted to fix cmake on macOS by exporting include path /usr/local/include |
f3bdf13
to
74c4a97
Compare
Changed WOLFSSL_INCLUDE_DIRS -> WOLFSSL_INCLUDE_DIR in FindwolfSSL.cmake to match CMakeLists.txt. |
Changed when the Aes object is allocated to minimize memory usage. |
f33986c
to
79e6346
Compare
Improved memory usage around AES-GCM. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In general it is fine, will approve once you have responded to the comments.
To configure: ./configure --enable-wolfssl --with-wolfssl-dir=<wolfssl dir> Add implementations of SRTP KDF, HMAC, AES-GCM and AES-CTR using wolfSSL.
@SparkiDev , it is merged but now the ci builds fail to build wolfssl ... https://github.com/cisco/libsrtp/actions/runs/8861716469/job/24333886680 |
#704 should fix this. |
To configure:
./configure --enable-wolfssl --with-wolfssl-dir=
Add implementations of SRTP KDF, HMAC, AES-GCM and AES-CTR using wolfSSL.