Rhunter1 · gneidermeier · Sep 30, 2019 · Oct 1, 2019 · Oct 1, 2019 · Oct 2, 2019
diff --git a/examples/cc3220sf/wolfssl_ccs/.cproject b/examples/cc3220sf/wolfssl_ccs/.cproject
@@ -32,6 +32,9 @@
 								<option id="com.ti.ccstudio.buildDefinitions.TMS470_16.9.compilerID.DEFINE.1016586571" name="Pre-define NAME (--define, -D)" superClass="com.ti.ccstudio.buildDefinitions.TMS470_16.9.compilerID.DEFINE" valueType="definedSymbols">
 									<listOptionValue builtIn="false" value="${XDC_SYMBOLS}"/>
 									<listOptionValue builtIn="false" value="${COM_TI_SIMPLELINK_CC32XX_SDK_SYMBOLS}"/>
+									<listOptionValue builtIn="false" value="ECC_TIMING_RESISTANT"/>
+									<listOptionValue builtIn="false" value="WC_RSA_BLINDING"/>
+									<listOptionValue builtIn="false" value="HAVE_ECC"/>
 									<listOptionValue builtIn="false" value="cc3220sf"/>
 									<listOptionValue builtIn="false" value="DEBUG_WOLFSSL"/>
 									<listOptionValue builtIn="false" value="CC32XXWARE"/>

diff --git a/examples/cc3220sf/wolfssl_ccs/.project b/examples/cc3220sf/wolfssl_ccs/.project
@@ -50,6 +50,11 @@
 			<type>1</type>
 			<locationURI>WOLFSSL_DIR/wolfcrypt/src/dh.c</locationURI>
 		</link>
+		<link>
+			<name>wolfcrypt/ecc.c</name>
+			<type>1</type>
+			<locationURI>WOLFSSL_DIR/wolfcrypt/src/ecc.c</locationURI>
+		</link>
 		<link>
 			<name>wolfcrypt/error.c</name>
 			<type>1</type>
@@ -105,6 +110,11 @@
 			<type>1</type>
 			<locationURI>WOLFSSL_DIR/wolfcrypt/src/sha256.c</locationURI>
 		</link>
+		<link>
+			<name>wolfcrypt/tfm.c</name>
+			<type>1</type>
+			<locationURI>WOLFSSL_DIR/wolfcrypt/src/tfm.c</locationURI>
+		</link>
 		<link>
 			<name>wolfcrypt/wc_encrypt.c</name>
 			<type>1</type>
@@ -115,15 +125,20 @@
 			<type>1</type>
 			<locationURI>WOLFSSL_DIR/wolfcrypt/src/wc_port.c</locationURI>
 		</link>
+		<link>
+			<name>wolfcrypt/wolfmath.c</name>
+			<type>1</type>
+			<locationURI>WOLFSSL_DIR/wolfcrypt/src/wolfmath.c</locationURI>
+		</link>
 		<link>
 			<name>wolfssl/internal.c</name>
 			<type>1</type>
 			<locationURI>WOLFSSL_DIR/src/internal.c</locationURI>
 		</link>
 		<link>
-			<name>wolfssl/io.c</name>
+			<name>wolfssl/wolfio.c</name>
 			<type>1</type>
-			<locationURI>WOLFSSL_DIR/src/io.c</locationURI>
+			<locationURI>WOLFSSL_DIR/src/wolfio.c</locationURI>
 		</link>
 		<link>
 			<name>wolfssl/keys.c</name>

diff --git a/make/mt-config/mt-tls-wolfssl.mk b/make/mt-config/mt-tls-wolfssl.mk
@@ -11,6 +11,12 @@ XI_TLS_LIB_NAME ?= wolfssl
 XI_CONFIG_FLAGS += -DHAVE_SNI
 XI_CONFIG_FLAGS += -DHAVE_CERTIFICATE_STATUS_REQUEST
 
+# enabling ECC 
+XI_CONFIG_FLAGS += -DHAVE_ECC
+XI_CONFIG_FLAGS += -DTFM_TIMING_RESISTANT -DECC_TIMING_RESISTANT -DWC_RSA_BLINDING
+XI_CONFIG_FLAGS += -DWOLFSSL_X86_64_BUILD
+
+
 # libxively OCSP stapling feature switch
 XI_CONFIG_FLAGS += -DXI_TLS_OCSP_STAPLING
 # libxively OCSP feature switch

diff --git a/make/mt-os/mt-cc3220sf.mk b/make/mt-os/mt-cc3220sf.mk
@@ -37,7 +37,7 @@ else ifneq (,$(findstring Windows,$(XI_HOST_PLATFORM)))
     XI_CC3220SF_PATH_CCS_TOOLS ?= C:/ti/ccsv8/tools
 
 	XI_CC3220SF_PATH_SDK ?= C:/ti/simplelink_cc32xx_sdk_2_10_00_04
-	XI_CC3220SF_PATH_XDC_SDK ?= C:/ti/xdctools_3_50_08_24_core
+	XI_CC3220SF_PATH_XDC_SDK ?= C:/ti/xdctools_3_50_05_12_core
 
 	CC = $(XI_CC3220SF_PATH_CCS_TOOLS)/compiler/$(COMPILER)/bin/armcl
 	AR = $(XI_CC3220SF_PATH_CCS_TOOLS)/compiler/$(COMPILER)/bin/armar
@@ -124,10 +124,39 @@ XI_CONFIG_FLAGS += -DXI_EMBEDDED_TESTS
 XI_CONFIG_FLAGS += -DXI_DEBUG_PRINTF=Report
 #XI_CONFIG_FLAGS += -DXI_CC3220SF_UNSAFELY_DISABLE_CERT_STORE #Will also disable the store's CRL
 
+
 # wolfssl API
+
+# GN:  the following set of defines arguably belong in make/mt-config/mt-tls-wolfssl.mk .. not specific to cc3220
+#
+#    note: file configuration changed due to experimentiion w/ libIOTC and integration of wSSL 3.10.7 ... 
+#    fwiw :
+#			<name>wolfcrypt/ecc.c</name>
+# 			<name>wolfcrypt/tfm.c</name>
+# 			<name>wolfcrypt/wolfmath.c</name>
+#			<name>wolfssl/wolfio.c</name> ... and this one renamed from "io.c"
+#
+#   added to wSSL .cproject: 
+#			<listOptionValue builtIn="false" value="HAVE_ECC"/>
+#
+XI_CONFIG_FLAGS += -DHAVE_ECC
+# re "wolfcrypt/settings.h" ... #warning directive: "For timing resistance / side-channel attack prevention consider using harden options
+#XI_CONFIG_FLAGS += -DTFM_TIMING_RESISTANT    # if (defined(USE_FAST_MATH) 
+# if  (defined(HAVE_ECC) 
+XI_CONFIG_FLAGS += -DECC_TIMING_RESISTANT 
+# if (!defined(NO_RSA) && !defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS) &&  !defined(WC_NO_RNG))
+XI_CONFIG_FLAGS += -DWC_RSA_BLINDING
+
+
 XI_CONFIG_FLAGS += -DNO_WRITEV
 XI_CONFIG_FLAGS += -DSINGLE_THREADED
 
+#  with wolfssl 3.10.4 and later
+XI_CONFIG_FLAGS += -DNO_WOLFSSL_DIR
+# re  "wolfssl/wolfio.h" .... fatal error #1965: cannot open source file "fcntl.h"
+XI_CONFIG_FLAGS += -DWOLFSSL_USER_IO
+
+
 XI_ARFLAGS := r $(XI)
 XI_LIB_FLAGS := -llibxively.a
 

diff --git a/src/import/tls/download_and_compile_wolfssl.sh b/src/import/tls/download_and_compile_wolfssl.sh
@@ -52,9 +52,14 @@ then
     echo
     exit 1
 fi
+
+#
+# GN: re wSSL version ... I went w/ 3.15.7
+#   https://github.com/wolfSSL/wolfssl/issues/1415
+#
 git clone https://github.com/wolfSSL/wolfssl
 cd wolfssl
-git checkout tags/v3.10.2-stable
+git checkout tags/v3.15.7-stable
 (autoreconf --install && ./configure `cat ../wolfssl.conf` && make )
 echo "WolfSSL Build Complete."