[PATCH 01/12] Print ciphersuites in wolfSSL

[Juliusz Sosinowicz]

Thanks Jouni,

Yes wolfSSL 5.2.0 is an older version of the library. Please use a newer 
release for future testing. I will make a note to take a look at the 
failing tests. Hopefully this is something that can be fixed with a few 
new functions.

Sincerely
Juliusz

On 04/11/2023 18:01, Jouni Malinen wrote:
> Thanks, applied the full series with some cleanup and fixes. The last
> patches in this series were quite inconvenient to review since there was
> a mix of refactoring and functional changes in the same patch and also
> cases where some FIPS cases were first removed and then re-added in a
> later patch in the same series. I ended up splitting those quite
> differently for the commit to make the real changes easier to
> understand.
>
> This broke the build with wolfSSL 5.2.0 which was the version I used
> when testing the functionality last time. I ended up adding a simple
> wrapper function based on the library version to try to work around that
> for now. I'm not sure whether 5.2.0 is considered supported anymore, so
> it might be fine to remove that wrapper if that is considered obsolete.
>
> In addition, I ran the full hwsim test case set with wolfSSL 5.5.4 on
> the STA side and OpenSSL on the AP and authentication server. The
> following test cases are failing likely due to some missing
> functionality. I did not look at the details, though.
>
> ap_wpa2_eap_fast_binary_pac
> ap_wpa2_eap_fast_binary_pac_errors
> ap_wpa2_eap_fast_cipher_suites
> ap_wpa2_eap_fast_eap_aka
> ap_wpa2_eap_fast_eap_sim
> ap_wpa2_eap_fast_gtc_auth_prov
> ap_wpa2_eap_fast_mschapv2_unauth_prov
> ap_wpa2_eap_fast_pac_file
> ap_wpa2_eap_fast_pac_lifetime
> ap_wpa2_eap_fast_pac_refresh
> ap_wpa2_eap_fast_pac_truncate
> ap_wpa2_eap_fast_prf_oom
> ap_wpa2_eap_fast_prov
> ap_wpa2_eap_fast_server_oom
> ap_wpa2_eap_fast_text_pac_errors
> ap_wpa2_eap_tls_ec_and_rsa
> ap_wpa2_eap_tls_intermediate_ca_ocsp
> ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked
> ap_wpa2_eap_tls_intermediate_ca_ocsp_revoked_sha1
> ap_wpa2_eap_tls_rsa_and_ec
> ap_wpa2_eap_tls_versions
> ap_wpa2_eap_tls_versions_server
> ap_wpa2_eap_ttls_expired_cert
> ap_wpa2_eap_ttls_ignore_expired_cert
> ap_wpa2_eap_ttls_ocsp_revoked
> ap_wpa2_eap_ttls_ocsp_unknown
> ap_wpa2_eap_ttls_optional_ocsp_unknown
> ap_wpa2_eap_ttls_pap_check_cert_subject_neg
> dpp_peer_intro_failures
> dpp_pkex_hostapd_initiator
> eap_fast_proto_phase2
> eap_fast_tlv_nak_oom
> eap_mschapv2_errors
> eap_proto_fast_errors
> eap_teap_tls_cs_sha1
> eap_teap_tls_cs_sha256
> eap_teap_tls_cs_sha384
> fils_sk_pfs_25
> openssl_ecdh_curves
> owe_invalid_assoc_resp
> sae_bignum_failure
> sae_no_ffc_by_default
> sae_password_ffc
> sae_pwe_failure
> sae_pwe_group_14
> sae_pwe_group_15
> sae_pwe_group_16
> sae_pwe_group_23
> sae_pwe_group_24
> sae_pwe_group_25
> sae_pwe_group_5
> sae_reflection_attack_ffc
> sae_reflection_attack_ffc_internal
> sigma_dut_ap_cipher_ccmp_128
> sigma_dut_ap_cipher_ccmp_256
> sigma_dut_ap_cipher_ccmp_gcmp_1
> sigma_dut_ap_cipher_ccmp_gcmp_2
> sigma_dut_ap_cipher_gcmp_128
> sigma_dut_ap_cipher_gcmp_256
> sigma_dut_ap_cipher_gcmp_256_group_ccmp
> sigma_dut_ap_suite_b
> sigma_dut_eap_aka
> sigma_dut_eap_ttls
> sigma_dut_eap_ttls_uosc
> sigma_dut_eap_ttls_uosc_ca_mistrust
> sigma_dut_suite_b
> suite_b
> suite_b_192
> suite_b_192_mic_failure
> suite_b_192_okc
> suite_b_192_pmkid_failure
> suite_b_192_pmksa_caching_roam
> suite_b_192_radius
> suite_b_192_rsa
> suite_b_192_rsa_dhe
> suite_b_192_rsa_ecdhe
> suite_b_192_rsa_insufficient_dh
> suite_b_192_rsa_insufficient_key
> suite_b_192_rsa_radius
> suite_b_192_rsa_tls_13
> suite_b_mic_failure
> suite_b_pmkid_failure
> suite_b_radius
>