
(1 replies, posted in wolfSSL)

Hello,

While trying to set ECDH-ECDSA-AES256-GCM-SHA384 in my cipher list, I found #if defined(CYASS_SHA384) on line 342 of internal.h.

I have changed that define to #if defined(CYASSL_SHA384) and it works fine.

Thanks for your time,
Belén.

Hi Chris,

I am still using my CyaSSL_CTX_get_cm() function because my embedded system does not have a file system, and I think that the CyaSSL_CertManagerLoadCA() function needs a file as its second parameter.

Thanks,
Belén.

Hi Chris,

Thanks a lot for your suggestion.

Actually, it is already working. I am using CyaSSL_CertManagerVerifyBuffer() because it is running on an embedded system and it does not have a file system. That is why I have defined NO_FILESYSTEM.

The problem was that the above-mentioned function is defined in ssl.c behind #ifndef NO_FILESYSTEM, and so it was not linking with my settings.

I think it is a small bug so I moved this function to the file location where the functions related to "buffer" instead of "file" are defined. Now everything works fine.
BTW, I am using wolfssl-2.3.0. I know it is not the last one, but this function is defined in the same location in wolfssl-2.4.0.

Thanks again.
Best Regards,

Belén.

Is there any way to verify my own (TCP/IP server) certificate with my CA before the handshake starts?

I am able to verify the peer's (TCP/IP client) certificate during the handshake, but I would like to verify my own certificate.

I tried it using

CyaSSL_CertManagerVerifyBuffer(cm, server_cert, cert_size, SSL_FILETYPE_PEM);

In order to use that function I had to develop a new one to get "cm" in ssl.c.

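/* Return the certificate manager owned by ctx, or NULL if ctx is NULL. */
CYASSL_CERT_MANAGER* CyaSSL_CTX_get_cm(CYASSL_CTX* ctx)
{
    CYASSL_CERT_MANAGER* cm = NULL;

    CYASSL_ENTER("CyaSSL_CTX_get_cm");

    /* Guard against a NULL context before dereferencing it. */
    if (ctx != NULL)
        cm = ctx->cm;

    CYASSL_LEAVE("CyaSSL_CTX_get_cm", 0);
    return cm;
}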

and also included in ssl.h:

CYASSL_API CYASSL_CERT_MANAGER* CyaSSL_CTX_get_cm(CYASSL_CTX*);

My new function compiles and links with no problem, but I am getting an error linking CyaSSL_CertManagerVerifyBuffer.

Any suggestions?
Thanks a lot,
Belén.