Topic: wolfssl_new(ctx) return an SSL object null
Hi,
I'm implementing a WolfSSL server using static allocation. The problem is that the wolfSSL_new(ctx) function returns a null ssl. This is the scketch:
#include <WiFi.h>
#include <WiFiClient.h>
#include <wolfssl.h>
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/memory.h>
#define USE_CERT_BUFFERS_256
#include "certificates/certs_test.h"
const int port = 11111; /* port to listen on */
WiFiServer server(port);
WiFiClient client;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
#define MAX 10000
int ret;
unsigned char memory[MAX];
int memorySz = MAX;
unsigned char IO[MAX];
int IOSz = MAX;
int flag = WOLFMEM_IO_POOL | WOLFMEM_TRACK_STATS;
WOLFSSL_MEM_STATS mem_stats;
const char* ssid = "*****";
const char* password = "*****";
int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx) {
int sent = 0;
sent = client.write((byte*)msg, sz);
return sent;
}
int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx) {
int ret = 0;
while (client.available() > 0 && ret < sz) {
reply[ret++] = client.read();
}
return ret;
}
void setup(){
Serial.begin(115200);
WiFi.begin(ssid, password);
Serial.println("Server started");
while (WiFi.status() != WL_CONNECTED) {
delay(500);
Serial.print(".");
}
Serial.print("AP IP address: ");
Serial.println(WiFi.localIP());
int err;
WOLFSSL_METHOD* method;
method = wolfTLSv1_2_server_method();
if (method == NULL) {
Serial.println("unable to get method");
return;
}
ret = wolfSSL_CTX_load_static_memory(&ctx, wolfSSLv23_server_method_ex, memory, memorySz, 0, MAX_CONCURRENT_HANDSHAKES);
if(ret != SSL_SUCCESS){
Serial.println("UN CAZZO");
return;
}
Serial.println("TUTT APPOST");
// carica in memoria per l'uso con IO
ret = wolfSSL_CTX_load_static_memory(&ctx, NULL, IO, IOSz, flag, MAX_CONCURRENT_IO);
if (ret != SSL_SUCCESS) {
Serial.println("UN CAZZO - IO");
return;
}
Serial.println("TUTT APPOST - IO");
ret = wolfSSL_CTX_is_static_memory(ctx, &mem_stats);
if(ret == 1) Serial.println("STATIC");
if(ret == 0) Serial.println("NO STATIC");
/* initialize wolfSSL using callback functions */
wolfSSL_SetIOSend(ctx, EthernetSend);
wolfSSL_SetIORecv(ctx, EthernetReceive);
/* setup the private key and certificate */
err = wolfSSL_CTX_use_PrivateKey_buffer(ctx, ecc_key_der_256,
sizeof_ecc_key_der_256, WOLFSSL_FILETYPE_ASN1);
if (err != WOLFSSL_SUCCESS) {
Serial.println("error setting key");
return;
}
ret = wolfSSL_CTX_use_certificate_file(ctx, "certificates/server-certificate.pem", SSL_FILETYPE_PEM);
if (err != WOLFSSL_SUCCESS) {
Serial.println("error setting certificate");
Serial.println(err);
return;
}
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); /* SSL_VERIFY_PEER (fa anche authentication client), SSL_VERIFY_NONE solo authentication server */
/* Start the server */
server.begin();
return;
}
void loop() {
int err = 0;
int input = 0;
char errBuf[80];
char reply[80];
int replySz = 0;
const char* cipherName;
/* Listen for incoming client requests. */
while(!client){
client = server.available();
}
if (client.connected()) {
Serial.println("Client connected");
ssl = wolfSSL_new(ctx);//ritorna un bad function argument, numero errore -173
if ( ssl == NULL )
{
Serial.println("sono dentro l'if");
int error = wolfSSL_get_error(ssl, 0);
Serial.println(error);
char errStr[80];
wolfSSL_ERR_error_string(err, errStr);
Serial.println("ERROR SSL");
Serial.println(errStr);
}
Serial.println("dopo l'if");
err = wolfSSL_accept(ssl);
Serial.println("Sono qui1");
if (err != WOLFSSL_SUCCESS) {
Serial.println("Sono qui3");
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("TLS Accept Error: ");
Serial.println(errBuf);
return;
}
Serial.print("SSL version is ");
Serial.println(wolfSSL_get_version(ssl));
cipherName = wolfSSL_get_cipher(ssl);
Serial.print("SSL cipher suite is ");
Serial.println(cipherName);
Serial.print("Server Read: ");
while (!client.available()) {} //wait data
while (wolfSSL_pending(ssl)) {//read data
input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
if (input < 0) {
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("TLS Read Error: ");
Serial.println(errBuf);
break;
} else if (input > 0) {
replySz = input;
reply[input] = '\0';
Serial.print(reply);
} else {
Serial.println();
}
}
/* echo data */
if ((wolfSSL_write(ssl, reply, replySz)) != replySz) {
err = wolfSSL_get_error(ssl, 0);
wolfSSL_ERR_error_string(err, errBuf);
Serial.print("TLS Write Error: ");
Serial.println(errBuf);
}
wolfSSL_shutdown(ssl);
wolfSSL_free(ssl);
}
client.stop();
Serial.println("Connection complete");
}
This is my user_settings.h
#ifndef __USER_SETTINGS_H__
#define __USER_SETTINGS_H__
/* Platform */
#define WOLFSSL_ESPWROOM32
/* Math library (remove this to use normal math)*/
#define USE_FAST_MATH
#define TFM_NO_ASM
/* RNG DEFAULT !!FOR TESTING ONLY!! */
/* comment out the error below to get started w/ bad entropy source
* This will need fixed before distribution but is OK to test with */
/* #error "needs solved, see: https://www.wolfssl.com/docs/porting-guide/" */
// #define WOLFSSL_GENSEED_FORTEST
/* The remaining added by me: */
#define NO_ASN_TIME
#define SINGLE_THREADED
#define XTIME fnSecondsSinceEpoch
#define XGMTIME
#define ALT_ECC_SIZE
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_ECC
#define HAVE_HKDF
#define WC_RSA_PSS
#define NO_DH
#define WOLFSSL_STATIC_MEMORY
#define MAX_CONCURRENT_IO 25
#define MAX_CONCURRENT_HANDSHAKES 25
#define WOLFMEM_IO_POOL 1
#define WOLFMEM_TRACK_STATS 1
#define HAVE_AESGCM
#endif /* __USER_SETTINGS_H__ */