Support post-quantum KYBER_LEVEL1 and P256_KYBER_LEVEL1 with FALCON_LEVEL1 in wolfMQTT. #300
Conversation
examples/mqttexample.c
Outdated
| /* REVIEWER: Should the other mTls* variables be initialized? | ||
| * This comment should be removed during review. | ||
| */ |
There was a problem hiding this comment.
Remove your code comment. Static globals are guaranteed to be zero initialized. It is part of the C standard.
examples/mqttexample.c
Outdated
| /* REVIEWER: This has nothing to do with PQC but I think this fixes a | ||
| * a bug where we would have de-referenced client->tls.ctx even if it | ||
| * NULL. | ||
| * This comment should be removed during review. | ||
| */ |
There was a problem hiding this comment.
Looks good. Remove your comment. You should put comments in the PR not in the code.
examples/mqttexample.c
Outdated
| /* REVIEWER: This has nothing to do with PQC but I think this fixes a | ||
| * a bug where we would have de-referenced client->tls.ctx even if it | ||
| * NULL. | ||
| * This comment should be removed during review. | ||
| */ |
There was a problem hiding this comment.
Looks good. Remove your comment. You should put comments in the PR not in the code.
examples/mqttexample.c
Outdated
| #endif /* HAVE_SNI */ | ||
| #ifdef HAVE_PQC | ||
| int group = 0; |
There was a problem hiding this comment.
Declare int group in brace or top of function.
wolfmqtt/mqtt_client.h
Outdated
| @@ -482,6 +482,10 @@ WOLFMQTT_API int MqttClient_CancelMessage( | |||
|
|
|||
| /*! \brief Performs network connect with TLS (if use_tls is non-zero value) | |||
| * Will perform the MqttTlsCb callback if use_tls is non-zero value | |||
| * \note The callback function that cb points to does not have to initialize | |||
There was a problem hiding this comment.
You could fix mqtt_socket.c to use the WOLFSSL versions....
WOLFSSL_API void wolfSSL_SSLSetIORecv(WOLFSSL *ssl, CallbackIORecv CBIORecv);
WOLFSSL_API void wolfSSL_SSLSetIOSend(WOLFSSL *ssl, CallbackIOSend CBIOSend);
There was a problem hiding this comment.
hmmm....I don't know what the difference is and I don't know why mqtt has its own custom ones in the first place. I'll look into it tomorrow.
There was a problem hiding this comment.
OH !!! You mean call those functions after the callback returns!! I get it now. Will do tomorrow.
examples/mqttexample.c
Outdated
| } | ||
|
|
||
| if (group != 0) { | ||
| /* Setup the IO callbacks */ |
There was a problem hiding this comment.
You could fix mqtt_socket.c to use the WOLFSSL versions....
WOLFSSL_API void wolfSSL_SSLSetIORecv(WOLFSSL *ssl, CallbackIORecv CBIORecv);
WOLFSSL_API void wolfSSL_SSLSetIOSend(WOLFSSL *ssl, CallbackIOSend CBIOSend);
examples/mqttexample.c
Outdated
| } else if (XSTRCMP(mTlsPQAlg, "P256_KYBER_LEVEL1") == 0) { | ||
| group = WOLFSSL_P256_KYBER_LEVEL1; | ||
| } else { | ||
| PRINTF("invalid post-quantum KEM specified"); |
examples/mqttexample.c
Outdated
| /* REVIEWER: Should the other mTls* variables be initialized? | ||
| * This comment should be removed during review. | ||
| */ |
There was a problem hiding this comment.
Remove your code comment. Static globals are guaranteed to be zero initialized. It is part of the C standard.
|
Add a section in the README.md please showing steps to use PQ with MQTT. This would require the server to have PQ enabled to, so guessing there are many tips you can add. |
Sure, will get to it tomorrow. |
anhu
changed the title
|
Not ready for merge yet. Still need to do README.md additions. |
|
Firmware test is failing...repro'd on my local system. I still need to investigate. |
|
Don't investigate, just retry the test. It isn't you... it is because our tests use a public server and the tests sometimes collide. We don't have our own MQTT broker for testing.... |
|
Already retried. Repro'd locally, consistently and got seg fault. Can't be result of collision . |
That's great. Should be easy then. I won't merge yet. |
|
Yup. Will investigate on Monday morning. |
|
Once the tests pass (pretty sure it will pass now) then this commit is good to go. |
No description provided.