Add --enable-tinytls13 TLS 1.3-only footprint profile (PSK+ECDHE floor + minimal X.509)

Author: aidangarske

.github/workflows/tinytls13.yml

@@ -0,0 +1,94 @@
+name: Tiny TLS 1.3 Tests
+
+# START OF COMMON SECTION
+on:
+  push:
+    branches: [ 'release/**' ]
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+    branches: [ '*' ]
+  schedule:
+    - cron: '42 10 * * 1-5'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+# END OF COMMON SECTION
+
+jobs:
+  # Build + make check every --enable-tinytls13 spelling on one runner via
+  # .github/scripts/parallel-make-check.py (see psk.yml for the pattern).
+  make_check:
+    name: make check
+    if: ${{ (github.repository_owner == 'wolfssl') && (github.event_name != 'pull_request' || github.event.pull_request.draft == false) }}
+    runs-on: ubuntu-24.04
+    timeout-minutes: 10
+    steps:
+      - uses: actions/checkout@v5
+        name: Checkout wolfSSL
+
+      - name: Install dependencies
+        uses: ./.github/actions/install-apt-deps
+        with:
+          packages: autoconf automake libtool build-essential bubblewrap
+          ghcr-debs-tag: ubuntu-24.04-minimal
+
+      - name: Set up ccache
+        uses: ./.github/actions/ccache-setup
+        with:
+          workflow-id: tinytls13
+          read-only: ${{ github.event_name == 'pull_request' }}
+          max-size: 100M
+
+      - name: Allow unprivileged user namespaces (for bwrap)
+        run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 || true
+
+      # Every tiny TLS 1.3 profile/adder spelling, so each is proven to build
+      # and pass make check (which runs the TLS handshake test suite) out of
+      # the box. Server is enabled where a config needs the server-side tests.
+      - name: Build and make check all tinytls13 configs
+        run: |
+          cat > "$RUNNER_TEMP/tinytls13-configs.json" <<'EOF'
+          [
+          {"name": "tinytls13-psk-x25519", "minutes": 1,
+           "configure": ["--enable-tinytls13=psk,server", "--disable-mlkem"]},
+          {"name": "tinytls13-psk-p256", "minutes": 1,
+           "configure": ["--enable-tinytls13=psk,p256,server", "--disable-mlkem"]},
+          {"name": "tinytls13-psk-staticmem", "minutes": 1,
+           "configure": ["--enable-tinytls13=psk,server,staticmem", "--disable-mlkem"]},
+          {"name": "tinytls13-psk-mldsa", "minutes": 1,
+           "configure": ["--enable-tinytls13=psk,server,mldsa", "--disable-mlkem"]},
+          {"name": "tinytls13-psk-sha384", "minutes": 1,
+           "configure": ["--enable-tinytls13=psk,server,sha384", "--disable-mlkem"]},
+          {"name": "tinytls13-cert", "minutes": 1,
+           "configure": ["--enable-tinytls13=cert,server", "--disable-mlkem"]},
+          {"name": "tinytls13-cert-sha384", "minutes": 1,
+           "configure": ["--enable-tinytls13=cert,server,sha384", "--disable-mlkem"]},
+          {"name": "tinytls13-cert-mutualauth", "minutes": 1,
+           "configure": ["--enable-tinytls13=cert,mutualauth,server", "--disable-mlkem"]},
+          {"name": "tinytls13-cert-rsaverify", "minutes": 1,
+           "configure": ["--enable-tinytls13=cert,server,rsaverify", "--disable-mlkem"]},
+          {"name": "tinytls13-cert-mldsa", "minutes": 1,
+           "configure": ["--enable-tinytls13=cert,server,mldsa", "--disable-mlkem"]}
+          ]
+          EOF
+          .github/scripts/parallel-make-check.py \
+            ${{ github.event_name == 'schedule' && '--build-only' || '' }} \
+            --private-dir=certs \
+            "$RUNNER_TEMP/tinytls13-configs.json"
+
+      - name: ccache stats
+        if: always()
+        run: ccache -s || true
+
+      - name: Upload logs on failure
+        if: failure()
+        uses: actions/upload-artifact@v6
+        with:
+          retention-days: 7
+          name: tinytls13-logs
+          path: |
+            build-*/make-check.log
+            build-*/test-suite.log
+            build-*/config.log
+          if-no-files-found: ignore

configure.ac

@@ -932,6 +932,61 @@ fi
 
 # MATH LIBRARY SELECTION
 
+# tiny TLS 1.3: align all feature switches with the WOLFSSL_TINY_TLS13 umbrella
+# here, EARLY, before they are consumed (math, ASN, TLS version, renegotiation,
+# etc. are decided at scattered points further down). The -D macros are emitted
+# later where the AC_ARG_ENABLE help/validation lives.
+if test "x$enable_tinytls13" != "x" && test "x$enable_tinytls13" != "xno"
+then
+    tinytls13_cert=no
+    tinytls13_p256=no
+    for v in `echo $enable_tinytls13 | tr ',' ' '`
+    do
+        case $v in
+        cert|mutualauth) tinytls13_cert=yes ;;
+        p256)            tinytls13_p256=yes ;;
+        rsaverify)       enable_rsa=yes ;;
+        asm)             enable_asm=yes ;;
+        mldsa)           enable_mldsa=yes ;;
+        sha384)          enable_sha384=yes; enable_sha512=yes ;;
+        esac
+    done
+
+    # Floor is SHA-256 only. SHA-384/512 share the (large) SHA-512 core and are
+    # otherwise pulled in by default, so keep them out unless asked (sha384).
+    test "x$enable_sha384" = "x" && enable_sha384=no
+    test "x$enable_sha512" = "x" && enable_sha512=no
+
+    # TLS 1.3 only, no legacy TLS / renegotiation / extras.
+    enable_tls13=yes
+    enable_oldtls=no
+    enable_tlsv10=no
+    test "x$enable_tlsv12" = "x" && enable_tlsv12=no
+    enable_dsa=no
+    enable_dh=no
+    enable_psk=yes
+    enable_lowresource=yes
+
+    if test "$tinytls13_cert" = "yes"
+    then
+        enable_ecc=yes
+        enable_sp=yes
+        test "x$enable_asn" = "x" && enable_asn=template
+        test "x$enable_rsa" = "x" && enable_rsa=no
+    else
+        test "x$enable_asn" = "x" && enable_asn=no
+        test "x$enable_rsa" = "x" && enable_rsa=no
+        if test "$tinytls13_p256" = "yes"
+        then
+            enable_ecc=yes
+            enable_sp=yes
+        else
+            test "x$enable_ecc" = "x" && enable_ecc=no
+            enable_curve25519=yes
+        fi
+    fi
+fi
+
 # Assure consistency of defaults
 if test "$DEF_FAST_MATH" = "yes" && ( (test "$enable_sp_math" != "no" && test "$enable_sp_math" != "") || test "$enable_heapmath" = "yes")
 then
@@ -2841,6 +2896,55 @@ then
     enable_lowresource=yes
 fi
 
+# tiny TLS 1.3 footprint profile (TLS1.3-only; expansion lives in the
+# WOLFSSL_TINY_TLS13 umbrella in settings.h. See
+# examples/configs/user_settings_tinytls13.h.)
+AC_ARG_ENABLE([tinytls13],
+    [AS_HELP_STRING([--enable-tinytls13@<:@=LIST@:>@],
+        [Enable tiny TLS 1.3 footprint build. LIST is comma-separated from:
+         psk cert server mutualauth staticmem asm p256 sha384 mldsa rsaverify
+         (default: disabled; bare flag = psk)])],
+    [ ENABLED_TINYTLS13=$enableval ],
+    [ ENABLED_TINYTLS13=no ]
+    )
+
+if test "$ENABLED_TINYTLS13" != "no"
+then
+    if test "$FIPS_VERSION" != "none"
+    then
+        AC_MSG_ERROR([--enable-tinytls13 is a non-FIPS footprint profile and cannot be combined with FIPS.])
+    fi
+
+    # Feature switches were aligned early (MATH LIBRARY SELECTION section);
+    # here we only emit the umbrella + adder macros (settings.h does the rest).
+    tinytls13_base=psk
+    for v in `echo $ENABLED_TINYTLS13 | tr ',' ' '`
+    do
+        case $v in
+        yes|psk)    ;;
+        cert)       tinytls13_base=cert ;;
+        mutualauth) tinytls13_base=cert
+                    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TINY_TLS13_MUTUAL_AUTH" ;;
+        server)     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TINY_TLS13_SERVER" ;;
+        staticmem)  AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TINY_TLS13_STATIC_MEM" ;;
+        asm)        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TINY_TLS13_ASM" ;;
+        p256)       AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DECC_USER_CURVES" ;;
+        rsaverify)  AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TINY_TLS13_RSA_VERIFY" ;;
+        sha384)     AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA384" ;;
+        mldsa)      AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_MLDSA -DWOLFSSL_DILITHIUM_VERIFY_ONLY -DWOLFSSL_DILITHIUM_VERIFY_SMALL_MEM -DWOLFSSL_DILITHIUM_NO_ASN1 -DWOLFSSL_NO_ML_DSA_44 -DWOLFSSL_NO_ML_DSA_87" ;;
+        no)         ;;
+        *)          AC_MSG_ERROR([Invalid --enable-tinytls13 value: $v. Valid: psk cert server mutualauth staticmem asm p256 sha384 mldsa rsaverify.]) ;;
+        esac
+    done
+
+    if test "$tinytls13_base" = "cert"
+    then
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TINY_TLS13_CERT"
+    else
+        AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TINY_TLS13"
+    fi
+fi
+
 
 # low resource options to reduce flash and memory use
 AC_ARG_ENABLE([lowresource],
@@ -12908,6 +13012,7 @@ echo "   * TLS v1.0 (Old):             $ENABLED_TLSV10"
 echo "   * TLS v1.1 (Old):             $ENABLED_OLD_TLS"
 echo "   * TLS v1.2:                   $ENABLED_TLSV12"
 echo "   * TLS v1.3:                   $ENABLED_TLS13"
+echo "   * Tiny TLS 1.3:               $ENABLED_TINYTLS13"
 echo "   * RPK:                        $ENABLED_RPK"
 echo "   * Post-handshake Auth:        $ENABLED_TLS13_POST_AUTH"
 echo "   * Early Data:                 $ENABLED_TLS13_EARLY_DATA"

examples/configs/include.am

@@ -23,6 +23,7 @@ EXTRA_DIST += examples/configs/user_settings_stm32.h
 EXTRA_DIST += examples/configs/user_settings_template.h
 EXTRA_DIST += examples/configs/user_settings_tls12.h
 EXTRA_DIST += examples/configs/user_settings_tls13.h
+EXTRA_DIST += examples/configs/user_settings_tinytls13.h
 EXTRA_DIST += examples/configs/user_settings_wolfboot_keytools.h
 EXTRA_DIST += examples/configs/user_settings_wolfssh.h
 EXTRA_DIST += examples/configs/user_settings_wolftpm.h

examples/configs/user_settings_tinytls13.h

@@ -0,0 +1,126 @@
+/* user_settings_tinytls13.h
+ *
+ * Copyright (C) 2006-2026 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Tiny TLS 1.3 footprint profile.
+ *
+ * A TLS 1.3-only build that strips to a PSK + ECDHE floor (no X.509), with
+ * X.509 cert verify, mTLS, server role, zero-heap, and PQC as opt-in adders.
+ * The WOLFSSL_TINY_TLS13 umbrella in settings.h expands these into the
+ * underlying wolfSSL macros; this file just selects the profile and options.
+ *
+ * Smallest footprint comes from a dead-code-eliminated, LTO link of a single
+ * client/server:
+ *   cp ./examples/configs/user_settings_tinytls13.h user_settings.h
+ *   ./configure --enable-usersettings --enable-static --disable-shared \
+ *               --disable-examples --disable-crypttests
+ *   make
+ *   # link your app: -Os -flto -ffunction-sections -fdata-sections \
+ *   #                -Wl,--gc-sections  (use gcc-ar/gcc-ranlib for LTO archives)
+ */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* ===== PROFILE ========================================================== */
+#if 1   /* Profile A: PSK + ECDHE floor, no X.509 (smallest) */
+    #define WOLFSSL_TINY_TLS13
+#endif
+#if 0   /* Profile B: + minimal X.509 cert verify (ECDSA P-256). Implies core. */
+    #define WOLFSSL_TINY_TLS13_CERT
+#endif
+
+/* ===== ROLE / AUTH ADDERS =============================================== */
+#if 0   /* add TLS 1.3 server role (default is client only) */
+    #define WOLFSSL_TINY_TLS13_SERVER
+#endif
+#if 0   /* mutual TLS (X.509 client auth, adds ECDSA sign). Implies cert. */
+    #define WOLFSSL_TINY_TLS13_MUTUAL_AUTH
+#endif
+#if 0   /* add RSA-PSS cert verify (cert profile is ECDSA-only by default) */
+    #define WOLFSSL_TINY_TLS13_RSA_VERIFY
+#endif
+
+/* ===== MEMORY MODEL ===================================================== */
+#if 0   /* zero-heap: static memory pool, no system malloc (deterministic RAM).
+         * App provides the pool via wolfSSL_CTX_load_static_memory(). */
+    #define WOLFSSL_TINY_TLS13_STATIC_MEM
+#endif
+
+/* ===== SPEED ============================================================ */
+#if 0   /* tiny+fast: assembly crypto instead of small-C (size up, speed up) */
+    #define WOLFSSL_TINY_TLS13_ASM
+#endif
+
+/* ===== CURVE (Profile A) =============================================== */
+/* Default curve is X25519. For P-256 ECDHE instead, enable the next block.
+ * (Profile B uses P-256 automatically for both ECDHE and ECDSA verify.) */
+#if 0
+    #define HAVE_ECC
+    #define ECC_USER_CURVES
+#endif
+
+/* ===== AEAD / HASH ADDERS (floor is AES-128-GCM + SHA-256) ============= */
+#if 0   /* ChaCha20-Poly1305 */
+    #define HAVE_CHACHA
+    #define HAVE_POLY1305
+#endif
+#if 0   /* AES-256-GCM (floor is AES-128 only) */
+    #undef  NO_AES_256
+    #define WOLFSSL_AES_256
+#endif
+#if 0   /* SHA-384 (for AES-256-GCM-SHA384 etc.) */
+    #define WOLFSSL_SHA384
+#endif
+
+/* ===== PQC ADDERS (valid on either profile; SHA-3/SHAKE pulled in auto) = */
+#if 0   /* ML-DSA-65 verify-only */
+    #define WOLFSSL_HAVE_MLDSA
+    #define WOLFSSL_DILITHIUM_VERIFY_ONLY
+    #define WOLFSSL_DILITHIUM_VERIFY_SMALL_MEM
+    #define WOLFSSL_DILITHIUM_NO_ASN1
+    #define WOLFSSL_NO_ML_DSA_44
+    #define WOLFSSL_NO_ML_DSA_87
+#endif
+#if 0   /* ML-KEM-768 + X25519MLKEM768 hybrid */
+    #define WOLFSSL_HAVE_MLKEM
+    #define WOLFSSL_WC_MLKEM
+#endif
+
+/* ===== PLATFORM (bare-metal defaults; adjust for your target) ========== */
+#if 1
+    #define WOLFSSL_USER_IO     /* provide your own send/recv callbacks */
+    #define NO_FILESYSTEM
+    #define WOLFSSL_NO_SOCK
+    #define NO_WRITEV
+    #define WOLFSSL_NO_GETPID
+#endif
+/* Provide a hardware RNG seed for bare metal:
+ * #define CUSTOM_RAND_GENERATE_SEED my_hw_seed   (int f(byte*, word32)) */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WOLFSSL_USER_SETTINGS_H */

examples/server/server.c

@@ -3110,7 +3110,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
 #endif
 
 
-#ifdef HAVE_ECC
+#if defined(HAVE_ECC) && !defined(NO_CERTS)
     /* Use ECDHE key size that matches long term key.
      * Zero means use ctx->privateKeySz.
      * Default ECDHE_SIZE is 32 bytes