wolfssl: add config flag for Curve448

This enables building WolfSSL with Curve448, which can be used by
Strongswan. This has been tested on a Linksys E8450, running OpenWrt
22.03-rc4.

This allows parity with OpenSSL, which already supports Curve448 in
OpenWrt 21.02.

Fixes openwrt/packages#18812.

Signed-off-by: Joel Low <joel@joelsplace.sg>

diff --git a/package/libs/wolfssl/Config.in b/package/libs/wolfssl/Config.in
index eca9572c490a1693e76208411c4df104726603af..901f2b29653a321872f0c014a60a7455ef52276c 100644 (file)
--- a/package/libs/wolfssl/Config.in
+++ b/package/libs/wolfssl/Config.in
@@ -51,6 +51,9 @@ config WOLFSSL_HAS_ECC25519
        bool "Include ECC Curve 25519 support"
        default y
 
+config WOLFSSL_HAS_ECC448
+       bool "Include ECC Curve 448 support"
+
 config WOLFSSL_HAS_OPENVPN
        bool "Include OpenVPN support"
        default y

diff --git a/package/libs/wolfssl/Makefile b/package/libs/wolfssl/Makefile
index 3edd526364041d646a41c4990c4a765d31882e94..a511837800f759c69433092201637ea3d203d7eb 100644 (file)
--- a/package/libs/wolfssl/Makefile
+++ b/package/libs/wolfssl/Makefile
@@ -32,6 +32,7 @@ PKG_CONFIG_DEPENDS:=\
        CONFIG_WOLFSSL_HAS_DH \
        CONFIG_WOLFSSL_HAS_DTLS \
        CONFIG_WOLFSSL_HAS_ECC25519 \
+       CONFIG_WOLFSSL_HAS_ECC448 \
        CONFIG_WOLFSSL_HAS_OCSP \
        CONFIG_WOLFSSL_HAS_OPENVPN CONFIG_WOLFSSL_ALT_NAMES \
        CONFIG_WOLFSSL_HAS_SESSION_TICKET \
@@ -119,6 +120,7 @@ CONFIGURE_ARGS += \
        --$(if $(CONFIG_WOLFSSL_HAS_SESSION_TICKET),enable,disable)-session-ticket \
        --$(if $(CONFIG_WOLFSSL_HAS_DTLS),enable,disable)-dtls \
        --$(if $(CONFIG_WOLFSSL_HAS_ECC25519),enable,disable)-curve25519 \
+       --$(if $(CONFIG_WOLFSSL_HAS_ECC448),enable,disable)-curve448 \
        --$(if $(CONFIG_WOLFSSL_HAS_AFALG),enable,disable)-afalg \
        --$(if $(CONFIG_WOLFSSL_HAS_OPENVPN),enable,disable)-openvpn \
        --enable-devcrypto=$(if $(CONFIG_WOLFSSL_HAS_DEVCRYPTO_CBC),cbc\